1
1
Граф коммитов

682 Коммитов

Автор SHA1 Сообщение Дата
Andreas Schneider
aa56b8ca53 tests: Fix chroot_wrapper location
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-15 13:38:02 +01:00
Sanne Raymaekers
67f418218b knownhosts: Take StrictHostKeyChecking option into account
Signed-off-by: Sanne Raymaekers <sraymaek@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-08 16:19:18 +01:00
Sanne Raymaekers
03c30e9c8a tests: Ensure the ssh session fd is read-/writeable in torture_proxycommand
Signed-off-by: Sanne Raymaekers <sraymaek@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-08 16:18:16 +01:00
Andreas Schneider
c88fb4c55b tests: Use correct assert function in torture_client_config
CID 1396565
CID 1396564
CID 1396563

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-05 07:57:13 +01:00
Andreas Schneider
a8ed5e31dc tests: Check for NULL in torture_client_config
CID 1396566

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-05 07:54:30 +01:00
Jakub Jelen
6eb43fcbf3 tests: Verify the configuration reparsing with real client
This tests verifies that the only the first seen option is applied
throughout all the configuration files processed. It also verifies
that the configuration files are parsed automatically and that this
behavior can be overridden by configuration option.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
9aa47fef99 tests: Adjust test that require complete config re-parsing
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
4a95a35bc6 tests: Properly set the bob's UID also in other tests than pubkey
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
f6b390084e tests: Make sure that no other configuration options will get pulled to the auth test from system
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:16:38 +01:00
Jakub Jelen
89a8a6fcf0 Process OpenSSH configuration files by default.
This will allow to use the same configuration in client applications
including the users aliases or system wide cryptographic configuration.

As the configuration parsing is the last thing before doing the
actual connection, it might overwrite previously set options.
If this is not intended, the client application can
ask the configuration files to be parsed before setting some other
options that should not ve overwritten. The code ensures that
the configuration is not parsed again.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 11:15:30 +01:00
Jakub Jelen
7e44ce1556 tests: Improve error reporting in auth test
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 10:08:20 +01:00
Jakub Jelen
5fc4d5b22a tests: Typo -- the flags should be checked according to the comment
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-11-02 10:08:20 +01:00
Jakub Jelen
e1a8b359c1 tests/pkd: Properly clean up memory
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-30 16:22:17 +01:00
Sanne Raymaekers
ced05eb6db socket: Undouble socket fds
Signed-off-by: Sanne Raymaekers <sraymaek@redhat.com>
2018-10-25 18:49:29 +02:00
Andreas Schneider
cf3c2ee5b3 tests: Improve asserts in torture_pki_ecdsa
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
57eb6a400a tests: Init pubkey string with NULL in torture_keyfiles
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
8c77a49729 tests: Fix pointer arithmetic in torture_pki_*_publickey_base64
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Andreas Schneider
8c8026b892 tests: Init cipher structure in thread_crypto_aes256_cbc()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-24 09:48:35 +02:00
Jakub Jelen
0386e088eb tests: Verify we can authenticate using ed25519 key
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
e91bb29e9d tests: Global known_hosts are used for host key verification
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
bdb3bb9ccd tests: Verify the hostkey ordering for negotiation is correct
Previously, not all of the host keys algorithms were used for algorithm
negotiation. This verifies the algorithms list is sane and ordered
with the key types from known hosts in the first place.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
32e502a79d tests: Generate valid known_hosts file, fixing the current test
Previously, the file contained the known_hosts strings separated
by NULL bytes which somehow magically worked.

The test was also expecting all the keys from the file will have
the same key type, which was not indeed true.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
6ec5a08639 tests: Verify the ecdsa key types are handled correctly
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:43:20 +02:00
Jakub Jelen
9285e8516b tests: Do not trace sshd
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 17:42:55 +02:00
Andreas Schneider
49e287006f tests: Add option tests for global and user specific known_hosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-19 12:31:04 +02:00
Anderson Toshiyuki Sasaki
e1548a71bd CVE-2018-10933: Add tests for packet filtering
Created the test torture_packet_filter.c which tests if packets are
being correctly filtered.

Fixes T101

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 09:19:03 +02:00
Andreas Schneider
a80caec19b cmake: Disable deprecation warnings for old known_hosts API
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-16 08:56:46 +02:00
Jakub Jelen
42bd7cdf6c tests: Add aes-gcm ciphers tests
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-10-09 13:05:38 +02:00
Andreas Schneider
85a274ff3c include: Add macros for bytearray handling
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2018-10-05 14:38:43 +02:00
Anderson Toshiyuki Sasaki
6eef4b4a3c tests: Add frees to avoid memory leak errors
The added frees are unnecessary, but the static analyser does not know.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Anderson Toshiyuki Sasaki
79e907402e tests: Replace ssh_buffer_free() with SSH_BUFFER_FREE()
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Anderson Toshiyuki Sasaki
ca7da823c3 tests: Replace ssh_string_free() with SSH_STRING_FREE()
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Anderson Toshiyuki Sasaki
2eaa23a20e tests: Replace ssh_key_free() with SSH_KEY_FREE()
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Anderson Toshiyuki Sasaki
143b5e2e50 tests: Use SSH_STRING_FREE_CHAR
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-27 15:21:30 +02:00
Anderson Toshiyuki Sasaki
667fb5f9a9 cmake: Rewritten AddCMockaTest.cmake
This changes add_cmocka_test() to receive compiler options, the
libraries to be linked to the test, and the linker options.  The way the
tests are declared in tests/unittests and tests/client were updated.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-26 16:27:22 +02:00
Andreas Schneider
8410f43d8b tests: Add a test for ssh_pki_export_privkey_base64()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 16:35:13 +02:00
Andreas Schneider
5a198732a5 tests: Add test for ssh_get_fingerprint_hash()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-20 16:35:13 +02:00
Anderson Toshiyuki Sasaki
71594f9d6c dh: Add diffie-hellman-group18-sha512 support
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2018-09-20 15:37:23 +02:00
Anderson Toshiyuki Sasaki
d9d3b65df2 dh: Add diffie-hellman-group16-sha512 support
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-19 12:17:02 +02:00
Andreas Schneider
5123f7955b tests: Add OK: and a new line to ssh_ping
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 18:46:28 +02:00
Jakub Jelen
c15ad753a7 tests: Wait for the server to start
The previous timeout of 500 ms was not enough on slower machines or
while running the tests under valgrind. On much faster machines the
sleep() was bringing unnecessary overhead.

This method opens simple connection to the server verifying it is ready
to accept the connection from the test for 5 seconds. It the server
does not start until then, it fails the tests during initialization,
rather than leaving the cases to run against missing server.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 18:07:27 +02:00
Anderson Toshiyuki Sasaki
63aa274f4b tests: Add null checks in torture_threads_pki_rsa.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
8170e30073 tests: Add null checks in torture_pki_rsa.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
77f58a225f tests: Add null checks in torture_pki_ed25519.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
48459c37f6 tests: Add null checks in torture_pki_ecdsa.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
31f24ed23e tests: Add null checks and frees in torture_pki_dsa.c
These frees are unnecessary because the negative tests should not
allocate the keys, but the static analyser reports memory leak errors.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
82c3faa44d tests: Add return and null checks in torture_options.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Anderson Toshiyuki Sasaki
7c75e76d10 tests: Add null checks in torture_config.c
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 10:19:59 +02:00
Jakub Jelen
39975fdd6d tests: Verify we can read public key from OpenSSH container
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 09:53:49 +02:00
Jakub Jelen
2307be32cf Revert "pkd: Generate host keys in old format"
This is no longer needed since libssh can read the private keys
in new OpenSSH format.

This reverts commit 100c9c98ce.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-09-18 09:53:49 +02:00