1
1
Граф коммитов

682 Коммитов

Автор SHA1 Сообщение Дата
Alberto Aguirre
26734a547a torture_packet: Set encryption/decryption keys
Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
23accdde1a tests: send more packets of various sizes
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
321ec2cb1c tests: packet encryption unit testing
That code is really ugly, but it wasn't meant to be modular at all in the
first place.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Aris Adamantiadis
27711f6a4c tests: test for chacha20-poly1305@openssh.com
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:06:30 +02:00
Andreas Schneider
c4f3bf4ffa torture: Remove unused variable
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 09:05:58 +02:00
Andreas Schneider
c563ed636a Remove vim modelines from all files
If you want modelines use my vim plugin:
https://github.com/cryptomilk/git-modeline.vim

git config --add vim.modeline "ts=4 sw=4 et"

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 08:41:08 +02:00
Andreas Schneider
f3de2974a9 tests: Disable ssh_is_ipaddr("255.255.255") on Win32
Till we get the issue fixed in Wine.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 08:36:54 +02:00
Andreas Schneider
1b8ce5a6ed tests: Workaround for a Wine bug
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28 08:27:08 +02:00
Jon Simons
deb7630c67 pkd: log but ignore ungraceful client disconnects
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 21:38:35 -07:00
Jon Simons
cbd9569b99 pkd: move hmac-sha2-256 to OpenSSH-only lists
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:52:32 -07:00
Jon Simons
a45a04ff4d pkd: omit -v for dbclient by default
The `-v` is only recognized by `dbclient` when dropbear is built
in its DEBUG_TRACE mode.  Omit that flag by default to avoid a
warning log emitted to stderr.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:42:57 -07:00
Jon Simons
7aa496d844 pkd: remove blowfish-cbc cipher passes
Support for the `blowfish-cbc` cipher has been removed from OpenSSH
as of version 7.6.  Remove this cipher from the pkd tests so that
the tests will pass together with a modern OpenSSH client.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:42:51 -07:00
Jon Simons
bf10a66b5d pkd: emit error message for OpenSSH clients < 7.0
Emit a friendly error message for OpenSSH clients older than
7.0.  Some of the recent pkd changes now require a modern
client to support some newer config options.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:42:43 -07:00
Jon Simons
adc817cf13 pkd: specify PubkeyAcceptedTypes for OpenSSH client
As of OpenSSH 6.9, support for `ssh-dss` user keys is disabled by default
at runtime.  Specify an explicit `-o PubkeyAcceptedKeyTYpes` in the pkd
tests to explicitly enable each user key type being tested, including
`ssh-dss`.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:42:37 -07:00
Jon Simons
787a649390 pkd: specify HostKeyAlgorithms for OpenSSH client
As of OpenSSH 6.9, support for `ssh-dss` host keys is disabled by default
at runtime.  Specify an explicit `-o HostKeyAlgorithms` in the pkd tests
to explicitly enable each host key type being tested, including `ssh-dss`.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:42:33 -07:00
Jon Simons
54690e6cdd pkd: run with SOCKET_WRAPPER_LIBRARY
Use the socket_wrapper preload shim when running the `pkd_hello`
test with `make test`.  The end goal here is to get this test
running alongside normal tests in regular CI.  Changes to do
this:

 * Configure PKD_ENVIRONMENT for the `pkd_hello_i1` test in the
   CMakeLists.txt file.

 * Add a `--socket-wrapper-dir|-w` flag that is used to opt-in to
   initializing a SOCKET_WRAPPER_DIR as expected by the socket_wrapper
   library.

   A runtime flag is used here to make it easy to run `pkd_hello`
   with the socket_wrapper library while avoiding a hard dependency.

Testing done: observed socker_wrapper in effect with `strace`;
running `make test` uses the wrapper correctly on my local
machine.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:41:10 -07:00
Jon Simons
4e3fb81172 pkd: add_test pkd_hello_i1 for make test
Add an entry for a `pkd_hello_i1` test which runs one iteration
through each of the pkd algorithm combinations.

Testing done: now `make test` will run `pkd_hello -i1` which
completes in ~25 seconds on my local machine.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 19:41:02 -07:00
Jon Simons
6273c409e3 pkd: fix missing config.h #include
Ensure to include config.h so that the `HAVE_DSA` value is properly set
when building the pkd tests.

Introduced with 778652460f,

Testing done: with this change, the `pkd_hello` test is passing on an
OpenSSL 1.1.0 build for me.  Previously it would fail pubkey exchange
early on for DSA- and ECDSA-type host keys.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 21:25:36 +02:00
Jon Simons
732818ebb2 tests: fix -Wunused-function warning in torture_pki_ecdsa.c
Wrap some function definitions with `HAVE_LIBCRYPTO` ifdefs to
match their usages in `torture_run_tests`.

Fixes this warning I observe when building locally:

    torture_pki_ecdsa.c:341:13: warning:
         ‘torture_pki_ecdsa_write_privkey’ defined but not used
         [-Wunused-function]

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 21:25:30 +02:00
Andreas Schneider
6c97122120 torture: Don't exclude filter mechanism on Windows
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 10:51:45 +02:00
Andreas Schneider
0dd33d8ed1 torture: Don't include sys/socket.h on Windows
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 10:44:31 +02:00
Andreas Schneider
e880cafed0 tests: Call ssh_session_is_known_server()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 09:45:35 +02:00
Andreas Schneider
b74a184172 torture: Fix building on Windows
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-27 09:45:35 +02:00
Andreas Schneider
03b05c8a5e tests: Add missing newline to KNOWN_HOST_ENTRY_ED25519
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 14:42:21 +02:00
Andreas Schneider
9e4f9a26d4 tests: Allow knownhosts verify test to validate ed25519 and ecdsa
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-05 10:50:59 +02:00
Andreas Schneider
a209f928d2 kwonhosts: Add functions to check if servers public key is known
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
974e1831a0 knownhosts: Add ssh_session_export_known_hosts_entry()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
963c46e4fb knownhosts: Add ssh_session_has_known_hosts_entry()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
32c49ea134 misc: Add ssh_list_count()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
a465ea2d49 knownhosts: Add ssh_known_hosts_read_entries()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
702e9e8ad5 knownhosts: Introduce new known hosts managing functions
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
250bf37a28 tortrue: Add ed25519 hostkey to sshd
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:20:28 +02:00
Andreas Schneider
bcaeaf17af tests: Fix size for bob_ssh_cert
Fixes a gcc8 warning.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-04 11:12:36 +02:00
Andreas Schneider
f1ff9ae00c torture: Increase wait time for process termination to 10ms
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-05-07 21:01:05 +02:00
Andreas Schneider
72f6b34dbc tests: We should only init and finalize libssh once
This should fix a segfault with gcrypt.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-05-07 08:33:32 +02:00
Andreas Schneider
816234350d pki: Fix duplicating ed25519 public keys
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-04-25 16:25:32 +02:00
Nikos Mavrogiannopoulos
f3a19d8c96 torture_path_expand_tilde_unix: use getpwuid() if no env variables
This allows operating under environments where the username variables
are not present.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-04-17 17:59:14 +02:00
Andreas Schneider
6026fc8036 cmake: Fix libfuzzer linking with clang6
This is always available using -fsanitize=fuzzer now.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-04-10 11:13:57 +02:00
Andreas Schneider
467d78a442 tests: Fix mixed code compiler warning in torture_rand
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-21 20:41:16 +01:00
Andreas Schneider
a4aeee972c torture: Increase wait time for the sshd process to exit
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-21 20:40:04 +01:00
Alberto Aguirre
dd20253fec tests: fix OSX build errors when enabling tests
Fix OSX build error about embedding a directive within macro arguments.
Apparently, snprintf is implemented as a macro on that platform.

Signed-off-by: Alberto Aguirre <albaguirre@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-11 22:54:47 +01:00
Juraj Vijtiuk
d11869bdb6 pki: Add mbedTLS ECDSA key comparison support
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-03-07 15:44:05 +01:00
jvijtiuk
963111b836 tests: Fix segfault with mbedTLS built without threading support
torture_rand and torture_server_x11 call ssh_init without checking
the return value. If mbedTLS is built without threading support
ssh_init fails but the tests continue and then segfault since threading
wasn't correctly initialised.

Add a section that documents requirements for mbedTLS usage in a
multi threaded environment to README.mbedtls.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-12 20:05:49 +01:00
Andreas Schneider
25ff1214a4 cmake: Build ssh_server_fuzzer if enabled
Fixes T67

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-02-04 11:52:45 +01:00
Alex Gaynor
d84b0926f0 tests: Added a fuzzer for the server
Fixes T67

Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
2018-02-04 11:51:58 +01:00
Andreas Schneider
e9073a6bdb torture_pki_ed25519: Add tests for private key with passphrase
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
9086d5ca33 torture_pki_ecdsa: Add tests for private key with passphrase
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
3c65057fad torture_key: Add ecdsa keys with passphrase
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
f9b1dece41 torture_pki_dsa: Add tests for private key with passphrase
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
f7a2330de7 torture_pki_rsa: Add tests for private key with passphrase
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
67b8f3d6df pki_crypto: Fix private key generation with password
We need to specify a cipher when we generate a key with a password.
OpenSSH uses aes_128_cbc, so we should use the same.

Thanks to Julian Lunz for the report.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
b0af812710 tests: Move torture keys to own file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
d13a17a27c cmake: Move ed25519 tests into unix part
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
ddfc36aa56 tests: Move rsa tests to own test file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
a5997d180d tests: Remove obsolete setup_both_keys()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
51875db70c tests: Move ed25519 functions to the right file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:31:02 +01:00
Andreas Schneider
5ad7da7fd2 tests: Move ecdsa tests to own test file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:27:52 +01:00
Andreas Schneider
59308bc269 tests: Move dsa tests to own test file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:27:52 +01:00
Andreas Schneider
fd2ef07f37 tests: Move helper functions to a common file
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:24:11 +01:00
Andreas Schneider
37acd3eca8 torture: Give sshd more time to start up
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-10 22:24:11 +01:00
Andreas Schneider
cc13e85202 tests: Fix torture_pki with libcrypto
This stops asking for a passphrase on commandline.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2018-01-04 15:35:37 +01:00
Juraj Vijtiuk
778652460f add mbedtls crypto support
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems.  It is loosely coupled and has a low memory
footprint.  mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.

Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>

Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.

Reviewers: asn, aris

Subscribers: simonsj

Differential Revision: https://bugs.libssh.org/D1
2017-12-28 11:17:39 +01:00
Jakub Jelen
176b92a4f4 tests/client/algorithms: Respect global verbosity settings
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
afc6a4e973 tests/config: Verify LogLevel from config is applied
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
53d84abb17 tests/config: Newly parsed options
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
dab8985c05 tests/config: Enable and disable authentication methods
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
0bd6ccc066 tests/config: Verify known_hosts files are applied
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
5c7b8802f2 tests: HostkeyAlgorithms passed from config to options
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:19 +01:00
Jakub Jelen
b8e301ade3 config: Add CMake check for glob() 2017-12-21 11:43:19 +01:00
NoName115
99c5160cb5 config: glob support for include with test
Signed-off-by: NoName115 <robert.kolcun@gmail.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-21 11:43:14 +01:00
Jakub Jelen
110da49504 config: support for MACs
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Jakub Jelen
f3754dc072 tests/config: Text KexAlgorithms parsing in ssh_config
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Jakub Jelen
78a3ab2eaa tests/options: Verify key exchange algorithms are set properly
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Aris Adamantiadis
f818e63f8f Add new options
Pair-Programmed-With: Jakub Jelen <jjelen@redhat.com>
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Jakub Jelen
094aa5eb02 tests: Temporarily build chroot_wrapper 2017-12-15 12:00:49 +01:00
Jakub Jelen
5d3ab421e1 tests: Do not generate pcap file by default
pcap file is generated by the processes writing to the sockets,
which is not allowed for privilege-separated process in new
OpenSSH servers (confined by seccomp filter).

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Jakub Jelen
f8f7989c3d tests: Give server more time to start
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-12-15 12:00:49 +01:00
Jakub Jelen
b92c499626 tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer 2017-12-15 11:59:19 +01:00
Andreas Schneider
7a65f7f028 test: ssh_userauth_kbdint_setanswer() does not network interaction
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-11-09 15:35:22 +01:00
Jon Simons
9d79b7629c torture_algorithms: deduplicate kex method passes
Summary: Signed-off-by: Jon Simons <jon@jonsimons.org>

Test Plan:  * Re-ran the `torture_algorithms` test.

Reviewers: asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D8
2017-10-29 15:50:09 +01:00
Andreas Schneider
f0ddde4826 Fix config.h includes
We need stdlib.h and string.h in priv.h for free() and memset().

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-10-28 14:31:37 +02:00
Jon Simons
9003f92e8f pkd_daemon.c: force close pkd_state.server_fd upon stop
There's a race window between the accept loop's call to
accept(2) and it checking `ctx.keep_going`.  Forcefully
close the server socket such that any raced `accept` ends
up failing.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-09-11 16:31:01 +02:00
Jon Simons
8d7563a9c3 pkd_daemon.c: split final close loop; wait for client to close
Sometimes, but not always, the pkd tests will fail because they
close the socket at hand a bit too early for the client.  The
client in turn may exit non-zero when that happens.

Split up the final close loop so that pkd waits to receive a
channel close from the client, and then socket close, before
finally returning.

With this change I observe that tests are now passing in
environments that would previously tickle the above race
and fail.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-09-11 16:30:54 +02:00
Jon Simons
4c4a03f056 pkd_hello.c: fix return code upon test failure
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-09-11 16:30:45 +02:00
Jon Simons
1c9eb4dfb9 config: fix memory leak with repeated opcodes
Fix a memory leak in the path where parsing returns early due
to seeing a repeated opcode.  A testcase is added which
demonstrates the leak and fix with valgrind.

Resolves CID 1374267.

Signed-off-by: Jon Simons <jon@jonsimons.org>
2017-09-11 16:26:41 +02:00
Jon Simons
7204d2f485 ecdh: enable ecdh_sha2_nistp{384,521} kex methods
Summary:
Based on Dirkjan's original patch series here:

 * https://www.libssh.org/archive/libssh/2015-08/0000029.html

Here the changes are adapted for the current master
branch, and expanded to include libgcrypt support.

Co-Authored-By: Dirkjan Bussink <d.bussink@gmail.com>
Signed-off-by: Jon Simons <jon@jonsimons.org>

Test Plan:
 * Ran pkd tests for libcrypto and libgcrypt builds.
 * Ran client torture_algorithms.c tests for libcrypto and libgcrypt builds.
 * Tested across multiple libgcrypts ("1.6.3" and "1.7.6-beta").

Reviewers: aris, asn

Reviewed By: asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D7
2017-08-24 18:19:25 +02:00
Jon Simons
6252aab88a ecdh: enable ecdh_sha2_nistp{384,521} kex methods
Summary:
Based on Dirkjan's original patch series here:

 * https://www.libssh.org/archive/libssh/2015-08/0000029.html

Here the changes are adapted for the current master
branch, and expanded to include libgcrypt support.

Co-Authored-By: Dirkjan Bussink <d.bussink@gmail.com>
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

Test Plan:
 * Ran pkd tests for libcrypto and libgcrypt builds.
 * Ran client torture_algorithms.c tests for libcrypto and libgcrypt builds.
 * Tested across multiple libgcrypts ("1.6.3" and "1.7.6-beta").

Reviewers: aris, asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D7
2017-08-24 18:18:41 +02:00
Nikos Mavrogiannopoulos
316ee071cf torture_options: test the setting of ciphers and MACs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2017-08-24 18:01:41 +02:00
Nikos Mavrogiannopoulos
efb7635162 tests: added unit test on including config files
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-08-24 15:57:19 +02:00
Jon Simons
a4dc74064c tests: plug leak in torture_bind_options_import_key
Summary:
Hello, this is a resend for a quick memory leak fix for one of the unit
tests, originally sent to the mailing list here:

 * https://www.libssh.org/archive/libssh/2017-07/0000017.html

Test Plan:
 * Before the fix and running the test with valgrind:

```
[simonsj@simonsj-lx5 : unittests] valgrind --leak-check=full ./torture_options >/dev/null
==93134== Memcheck, a memory error detector
==93134== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==93134== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==93134== Command: ./torture_options
==93134==
[  PASSED  ] 10 test(s).
[  PASSED  ] 1 test(s).
==93134==
==93134== HEAP SUMMARY:
==93134==     in use at exit: 80 bytes in 1 blocks
==93134==   total heap usage: 977 allocs, 976 frees, 75,029 bytes allocated
==93134==
==93134== 80 bytes in 1 blocks are definitely lost in loss record 1 of 1
==93134==    at 0x4C28C20: malloc (vg_replace_malloc.c:296)
==93134==    by 0x41BAB0: ssh_key_new (pki.c:107)
==93134==    by 0x40DF90: torture_bind_options_import_key (torture_options.c:222)
==93134==    by 0x4E3AA3A: cmocka_run_one_test_or_fixture (cmocka.c:2304)
==93134==    by 0x4E3ACEA: cmocka_run_one_tests (cmocka.c:2412)
==93134==    by 0x4E3B036: _cmocka_run_group_tests (cmocka.c:2517)
==93134==    by 0x40E9E3: torture_run_tests (torture_options.c:276)
==93134==    by 0x40DE68: main (torture.c:1100)
==93134==
==93134== LEAK SUMMARY:
==93134==    definitely lost: 80 bytes in 1 blocks
==93134==    indirectly lost: 0 bytes in 0 blocks
==93134==      possibly lost: 0 bytes in 0 blocks
==93134==    still reachable: 0 bytes in 0 blocks
==93134==         suppressed: 0 bytes in 0 blocks
==93134==
==93134== For counts of detected and suppressed errors, rerun with: -v
==93134== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
```

 * And after:

```
[simonsj@simonsj-lx5 : unittests] valgrind --leak-check=full ./torture_options >/dev/null
==93294== Memcheck, a memory error detector
==93294== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==93294== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==93294== Command: ./torture_options
==93294==
[  PASSED  ] 10 test(s).
[  PASSED  ] 1 test(s).
==93294==
==93294== HEAP SUMMARY:
==93294==     in use at exit: 0 bytes in 0 blocks
==93294==   total heap usage: 977 allocs, 977 frees, 75,029 bytes allocated
==93294==
==93294== All heap blocks were freed -- no leaks are possible
==93294==
==93294== For counts of detected and suppressed errors, rerun with: -v
==93294== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
```

Reviewers: asn

Reviewed By: asn

Differential Revision: https://bugs.libssh.org/D3
2017-08-17 09:33:13 +02:00
Jon Simons
fa86229673 pkd: a few improvements and fixups
Summary:
Hello, resending this patch series for the `pkd` tests, originally
sent to the mailing list here:

 *  https://www.libssh.org/archive/libssh/2017-07/0000011.html

Here are a few improvements and fixups for the `pkd` tests, including
a new flag `-m` that can be used to run only certain subsets of the
test passes.

Jon Simons (5):
  pkd: rename AES192 cipher suite -> OPENSSHONLY
  pkd_daemon.c: mark `pkd_ready` field as volatile
  pkd: fixups for updated CMocka CMUnitTest struct
  pkd: refactor -t testname lookup-by-name
  pkd: support -m to match multiple tests

 tests/pkd/pkd_daemon.c |  2 +-
 tests/pkd/pkd_daemon.h |  1 +
 tests/pkd/pkd_hello.c  | 84 +++++++++++++++++++++++++++++++++-----------------
 3 files changed, 58 insertions(+), 29 deletions(-)

--

Test Plan:
 * I've been using the new `-m` mode locally for a long time to run
   only certain groups of tests.

 * The CMocka struct fixes can be seen in the pkd output before and
   after: after, there are no more extraneous test output strings.

 * The fix for the `pkd_ready` field can be observed when building
   the libssh tests with `-Os` on a Debian system (before the fix,
   pkd would hang, after the fix, it runs as intended).

Reviewers: asn

Reviewed By: asn

Tags: #libssh

Differential Revision: https://bugs.libssh.org/D2
2017-08-17 09:24:19 +02:00
Jon Simons
380390c4b6 misc: relax fatal errors in ssh_analyze_banner
Relax the cases where `ssh_analyze_banner` fails to extract a
major and minor version from banners which appear like OpenSSH
banners.

Update the tests to demonstrate that now a banner as might be
sent by `ssh-keyscan(1)` ("SSH-2.0-OpenSSH-keyscan") no longer
returns failure.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-18 09:32:31 +02:00
Andreas Schneider
d9ff44b46e tests: Fix endif
Ups.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-14 08:53:15 +02:00
Andreas Schneider
c480ac8522 tests: Only run ssh_bind test if we build with server support
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-14 08:52:08 +02:00
Jon Simons
a89a67e008 misc: fix error-checking in ssh_analyze_banner
Fix error-checking for `strtoul` in `ssh_analyze_banner`, and
enable some tests which demonstrate the fix before-and-after.

Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13 19:35:34 +02:00
Jon Simons
14d8e940e6 tests: torture-misc: add torture_ssh_analyze_banner
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13 19:32:58 +02:00
Jon Simons
effd7ba13c tests: torture-misc: fix 4-space indentation
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-07-13 19:32:35 +02:00
Aris Adamantiadis
b0c2ca1b66 tests: fix buffer overflow in testcase 2017-06-07 18:49:56 +02:00
Alfredo Mazzinghi
9dc650b7fb server: Add option SSH_BIND_OPTIONS_IMPORT_KEY to server
This sets the bind private key directly from an ssh_key struct instead
of reading a file.

Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2017-04-11 10:00:13 +02:00
Andreas Schneider
f8ef200e76 tests: Fix session management of torture_knownhosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-08 08:16:20 +01:00
Andreas Schneider
639dc3b5fd tests: Fix typo in torture_crypto
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-07 07:50:24 +01:00
Andreas Schneider
528b9c5323 cmake: Correctly check for sys/[u]time.h
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-06 11:52:12 +01:00
Andreas Schneider
5437deed1b callbacks: Add support for MSVC
__typeof__ is GCC specific

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05 20:00:02 +01:00
Andreas Schneider
e9aebb1198 tests: Fix memory leak in torture_auth_cert
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-05 11:13:43 +01:00
Andreas Schneider
fbe8ccdf3b tests: Fix memory leak in torture_callbacks
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:33:33 +01:00
Andreas Schneider
34241cbb2b tests: Reset output buffer in torture_crypto
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:31:43 +01:00
Andreas Schneider
e9ba2da9e9 tests: Some cleanup for torture_pki
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:21:39 +01:00
Andreas Schneider
5b84772343 tests: Fix memory leak in torture_auth_cert
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:15:38 +01:00
Andreas Schneider
d8474207b6 tests: Fix memory leaks in torture_knownhosts
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 08:11:50 +01:00
Andreas Schneider
b78f2ed75d tests: Fix build warning with pkd_hello and cmocka 1.1.0
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-04 07:58:52 +01:00
Andreas Schneider
ad0ac12c40 tests: Disable x11 test which fails too often
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-11-03 15:22:00 +01:00
Andreas Schneider
1ec528b048 tests: Add test for sftp_fsync()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-10-08 13:38:56 +02:00
Andreas Schneider
2a9c396603 torture: Add support to specify verbosity level via env variable
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-10-08 13:38:18 +02:00
Andreas Schneider
72eb4adbf0 tests: Try to fix the x11 test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-09 15:47:38 +02:00
Andreas Schneider
3f9ce10525 tests: Fix buffer test without NARG macro support
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-09 15:45:45 +02:00
Andreas Schneider
2fe9c2e352 tests: Improve the torture_request_env test
This still doesn't work on FreeBSD

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-03 12:52:07 +02:00
Andreas Schneider
2bd6501552 torture: Fix a warning
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-03 10:35:11 +02:00
Aris Adamantiadis
5c67530f1e tests: Add test for ssh_callbacks_iterate()
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-02 16:56:50 +02:00
Aris Adamantiadis
6f3a7d36bb tests: Add unit test for ssh_callbacks_execute_list
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-05-02 16:56:25 +02:00
Aris Adamantiadis
886fdc8bc2 osx: fix compilation 2016-05-02 13:33:34 +02:00
Justus Winter
e37fd83254 tests: Make test suite work out of the box on Debian
* tests/torture.c (torture_setup_create_sshd_config): Rework how the
location of the sftp server is discovered, and add the Debian-specific
location.

Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-21 20:06:04 +01:00
Justus Winter
9a54f91bb7 torture: Fix guard
* tests/unittests/torture_pki.c (setup_ecdsa_key*): Check for
'HAVE_ECC' instead of 'HAVE_OPENSSL_ECC'.

Signed-off-by: Justus Winter <justus@g10code.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-21 18:38:57 +01:00
Andreas Schneider
16d58e93af cmake: Fix torture build
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-17 10:45:40 +01:00
Andreas Schneider
2384236849 cmake: Try to fix FindArgp module
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-17 10:42:52 +01:00
Axel Eppe
252cd6eae9 torture_auth: Add tests for client side certificate authentication
- enabled TrustedUserCAKeys option in torture.c
 - adds a new set of (signed) keys for bob in a separate dir

 The private key used to generate the certs is included, but not required.

Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-03-15 08:38:13 +01:00
Andreas Schneider
1bc4176d65 torture: Use ECDSA key for x11 test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-08 18:46:22 +01:00
Andreas Schneider
de309c51a7 torture: Fix ssh version detection
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-08 18:38:24 +01:00
Andreas Schneider
f128ffd88b tests: Fix running ssh-agent
ssh-agent needs to be executed as the local user and not a fake user or
we will not be able to add identies.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:29 +01:00
Andreas Schneider
063430744d torture: Set sshd debug level to DEBUG3
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:27 +01:00
Andreas Schneider
cbd75c3e35 tests: Switch to user bob in setup
This makes sure we can apply options correctly.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:24 +01:00
Andreas Schneider
1729d4a168 tests: Always start tests as root so we can switch to a user
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:22 +01:00
Andreas Schneider
773771659e tests: Use different uids and gids for testing
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-02-03 09:01:17 +01:00
Andreas Schneider
c365ff3d05 torture: Also write stderr to a file
This allows to capture debug information of the wrappers.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-21 14:11:26 +01:00
Andreas Schneider
1bbfe058f9 torture: Add additional sftp-server path for BSD
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-21 12:21:58 +01:00
Andreas Schneider
02d9b05f54 torture: Give sshd more time to start
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-21 09:07:02 +01:00
Fabiano Fidêncio
05fd0acf45 buffer: do not use ssh_buffer_get_rest_len()
As ssh_buffer_get_len() actually calls ssh_buffer_get_rest_len(), let's
just use the first one. This is a preparatory step for removing
ssh_buffer_get_rest_len().

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:08 +01:00
Fabiano Fidêncio
954341dd1f buffer: rename ssh_buffer_get_rest() to ssh_buffer_get()
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Fabiano Fidêncio
1226add976 tests: Fix warning about expected format for printf
/home/ffidenci/src/upstream/libssh/tests/benchmarks/bench_scp.c: In
function ‘benchmarks_scp_down’:
/home/ffidenci/src/upstream/libssh/tests/benchmarks/bench_scp.c:112:14:
warning: format ‘%d’ expects argument of type ‘int’, but argument 2 has
type ‘size_t {aka long unsigned int}’ [-Wformat=]
       printf("Only %d bytes available (on %lu requested).\n",size,bytes);
              ^
/home/ffidenci/src/upstream/libssh/tests/benchmarks/bench_scp.c:116:14:
warning: format ‘%d’ expects argument of type ‘int’, but argument 2 has
type ‘size_t {aka long unsigned int}’ [-Wformat=]
        printf("File is %d bytes (on %lu requested). Will cut the end\n"
        ,size,bytes);

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Fabiano Fidêncio
adc8c20ac1 cleanup: use ssh_ prefix in the buffer (non-static) functions
Having "ssh_" prefix in the functions' name will avoid possible clashes
when compiling libssh statically.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Fabiano Fidêncio
77052d3a1e cleanup: use ssh_ prefix in the agent (non-static) functions
Having "ssh_" prefix in the functions' name will avoid possible clashes
when compiling libssh statically.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:31:07 +01:00
Andreas Schneider
9ccb6864be tests: Initialize output and iv in torture_crypto
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:15:42 +01:00
Andreas Schneider
b1c0121507 valgrind: Add suppression for glibc dlopen issue
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:03:52 +01:00
Andreas Schneider
f6bea8d061 torture: Fix a memory leak
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-19 11:02:13 +01:00
Andreas Schneider
9bb7e68b86 torture: Add missing include for AF_INET
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-18 15:19:20 +01:00
Andreas Schneider
20718ec52b tests: Require pam_wrapper 1.0.1
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-18 12:02:45 +01:00
Andreas Schneider
a3557b81de tests: Wait for sshd to start before connecting
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-18 12:01:56 +01:00
Andreas Schneider
485d78d768 tests: Turn on kbdint tests in torture_auth
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
7aa84318ae tests: Turn on PAM support in sshd with pam_wrapper
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
0e98f1214d torture: Improve process termination function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
6e7eae968a tests: Support other openssh versions ...
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
5bb9b570f4 tests: Rename torture_sftp_static to torture_sftp_ext
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
571f547556 tests: Migrate torture_sftp_read to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
af3de262b6 tests: Migrate torture_sftp_dir to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
bd4a0aa705 torture: Add sftp session pointer to torture_state
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
4bc6af6c17 tests: Migrate torture_request_env to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
27834cce2c tests: Migrate torture_session to cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
a30d16c48a torture: Start sshd as root
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
e4653b82bd tests: Migrate torture_proxycommand to new cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
b65dcb3a35 tests: Migrate torture_knownhosts to new cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
c1fb948397 torture: Enable old host key algos for testing
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
be25b58380 tests: Migrate torture_forward to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
66f51df9df torture: Fix torture_ssh_session() for cwrap testing
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
3014e3c458 tests: Migrate torture_algorithms to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
dd0d04ae8d torture: Enable old cipher and kex algos in sshd
We need to test them, so enable them in the sshd.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
112d4cc7e6 tests: Migrate torture_auth as a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
ee8664418a tests: Add public keys for bob
This also allows bob to auth as alice.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
ae89b6c078 torture: Create a torture_terminate_process() function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
d403c01a30 tests: Convert torture_connect to a cwrap test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
14f1ce2e5b torture: Add torture_teardown_sshd_server().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
62b0f58d24 torture: Restrict files to we write to our user.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
c3f963e71e torture: Add function to setup sshd server
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
fd09c4cb29 torture: Add torture_teardown_socket_dir().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
13f68fc2d5 torture: Add torture_setup_socket_dir().
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
7a523597ad torture: Add server to get address and port.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
c2d636270c tests: Add ssh host keys for test environment.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
21b0d29e38 cmake: Configure nss_wrapper and uid_wrapper
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Andreas Schneider
6596d27e19 cmake: Search for cwrap and sshd.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2016-01-14 08:04:49 +01:00
Fabiano Fidêncio
0d7da3207f Fix a bunch of -Wmaybe-uninitialized
Reviewed-By: Aris Adamantiadis <aris@0xbadc0de.be>
2015-12-17 15:01:05 +01:00
Aris Adamantiadis
677fa8ced2 tests: add test for cipher.(de|en)crypt 2015-09-23 15:09:23 +02:00
Andreas Schneider
f55b10e4ed tests: Fix return code of torture_init
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-09 09:17:46 +02:00
Axel Eppe
d8be35de7f tests: Add tests for the new ssh_pki cert functions
Signed-off-by: Axel Eppe <aeppe@google.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 13:30:34 +02:00
Andreas Schneider
7bfe8d2f03 tests: Migrate pkd_hello to new cmocka API
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 12:44:23 +02:00
Andreas Schneider
3b0b1c3ee3 pki: Use the standard logging function
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 10:57:34 +02:00
Andreas Schneider
82a80b205b tests: Migrate to new cmocka API
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 10:40:12 +02:00
Andreas Schneider
5b586fdfec cmake: Handle libssh threas library correctly
This should fix the build on Windows and would not install pkg files.

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07 07:46:11 +02:00
Andreas Schneider
d54a1ab798 tests: Add checks for ssh_key_is_private()
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-08-10 13:57:47 +02:00
Aris Adamantiadis
52b5258ed4 fix permissions 2015-07-08 16:33:34 +02:00
Andreas Schneider
728c2fbd01 cmake: Fix zlib include directory
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-07-03 12:36:26 +02:00
Douglas Heriot
a65af1b3b8 cmake: Do not use CMAKE_(SOURCE|BINARY)_DIR 2015-06-24 18:17:05 +02:00
Andreas Schneider
90e4786523 valgrind: Add suppression for openssl FIPS dlopen leak
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-06 10:27:09 +02:00
Andreas Schneider
f65f41acc2 valgrind: Ignore valgrind free bug on exit
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-06 10:23:27 +02:00
Andreas Schneider
8979150745 tests: Migrate torture_keyfiles to testkey functions
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-06 09:47:37 +02:00
Andreas Schneider
f81d296e54 torture: Move TORTURE_TESTKEY_PASSWORD to header
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-06 09:47:17 +02:00
Andreas Schneider
57afe78167 tests: Fix memory leak in torture_server_x11 test
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-06 09:33:51 +02:00
Andreas Schneider
3eaad77de2 tests: Only link against threading library if available
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-05 19:09:51 +02:00
Andreas Schneider
9244750a63 cmake: Add missing OpenSSL include directory
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-05 19:04:49 +02:00
Andreas Schneider
e4e3b3052f tests: Apply umask before calling mkstemp()
CID: #978660

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-05 11:27:09 +02:00
Andreas Schneider
4948fe21cd tests: Fix ctest default script
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-05-04 15:52:17 +02:00
Andreas Schneider
d6fe9dc220 unittests: Fix memory leak in torture_pki_ed25519
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
2015-04-02 15:05:19 +02:00
Aris Adamantiadis
2e445d5871 torture: fix includes for freebsd10 2015-02-14 22:09:02 +01:00