The SSH library (LGPL license)
https://www.libssh.org
9dc932c02b
Introduce a sample public-key testing daemon to the 'pkd' test directory, and add support code for cycling through various combinations of different key exchange, cipher, and MAC algorithms. The goal of the 'pkd_hello' test is to make it easy to test interactions between non-libssh clients and a libssh-server, and to provide a starting point for testing new implementations for key types, ciphers, MACs, and so on. The thinking is that testing a new algorithm should be as simple as adding a new line for it in the PKDTESTS_* lists. Macros are used to generate the tests and helper functions for a couple of clients -- here, OpenSSH and dropbear are included for the first cut. If binaries are found for these clients, their test lists will be enabled; when binaries are not found for a given client, those tests are skipped. Tests are run in one large batch by default, but can also be run individually to help with tracking down things like signature bugs that may take many iterations to reproduce. Each test logs its stdout and stderr to its own file, which is cleaned up when a test succeeds. For failures, those logs can be combined with verbose libssh output from pkd itself to start debugging things. Some example usages: pkd_hello Run all tests with default number of iterations. pkd_hello --list List available individual test names. pkd_hello -i 1000 -t torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 Run only the torture_pkd_openssh_ecdsa_256_ecdh_sha2_nistp256 testcase 1000 times. pkd_hello -v -v -v -v -e -o Run all tests with maximum libssh and pkd logging. Included in the tests are passes for all existing kex, cipher, and MAC algorithms. BUG: https://red.libssh.org/issues/144 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> |
||
---|---|---|
cmake/Modules | ||
doc | ||
examples | ||
include | ||
obj | ||
src | ||
tests | ||
.clang_complete | ||
.gitignore | ||
AUTHORS | ||
BSD | ||
ChangeLog | ||
CMakeLists.txt | ||
CodingStyle | ||
config.h.cmake | ||
ConfigureChecks.cmake | ||
COPYING | ||
CPackConfig.cmake | ||
CTestConfig.cmake | ||
DefineOptions.cmake | ||
INSTALL | ||
libssh_threads.pc.cmake | ||
libssh-build-tree-settings.cmake.in | ||
libssh-config-version.cmake.in | ||
libssh-config.cmake.in | ||
libssh.pc.cmake | ||
README | ||
SubmittingPatches |
_ _ _ _ (_) (_) (_) (_) (_) _ (_) _ _ _ _ _ (_) _ (_) (_) (_)(_) _ (_)(_) (_)(_) (_)(_) _ (_) (_) (_) (_) _ (_) _ (_) (_) (_) (_) (_) (_)(_)(_) (_)(_) (_)(_) (_) (_).org The SSH library ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1* Why ? -_-_-_-_-_ Why not ? :) I've began to work on my own implementation of the ssh protocol because i didn't like the currently public ones. Not any allowed you to import and use the functions as a powerful library, and so i worked on a library-based SSH implementation which was non-existing in the free and open source software world. 2* How/Who ? -_-_-_-_-_-_-_ If you downloaded this file, you must know what it is : a library for accessing ssh client services through C libraries calls in a simple manner. Everybody can use this software under the terms of the LGPL - see the COPYING file If you ask yourself how to compile libssh, please read INSTALL before anything. 3* Where ? -_-_-_-_-_-_ http://www.libssh.org 4* API Changes ! -_-_-_-_-_-_-_-_-_ Changes between 0.4 and 0.5 --------------------------- We use the ssh_ prefix as namespace for every function now. There is a legacy.h which could be used to get the old function names. Changes between 0.3 and 0.4 --------------------------- We changed libssh to be typesafe now: SSH_SESSION *session -> ssh_session session SFTP_SESSION *sftp -> sftp_session sftp CHANNEL *channel -> ssh_channel channel STRING *string -> ssh_string string ... The options structure has been removed and there is a new function. This function can set all available options now. You can find the enum in the header file and it is documented. Example: ssh_options_set(session, SSH_OPTIONS_HOST, "localhost"); 5* Copyright policy -_-_-_-_-_-_-_-_-_-_ libssh is a project with distributed copyright ownership, which means we prefer the copyright on parts of libssh to be held by individuals rather than corporations if possible. There are historical legal reasons for this, but one of the best ways to explain it is that it’s much easier to work with individuals who have ownership than corporate legal departments if we ever need to make reasonable compromises with people using and working with libssh. We track the ownership of every part of libssh via git, our source code control system, so we know the provenance of every piece of code that is committed to libssh. So if possible, if you’re doing libssh changes on behalf of a company who normally owns all the work you do please get them to assign personal copyright ownership of your changes to you as an individual, that makes things very easy for us to work with and avoids bringing corporate legal departments into the picture. If you can’t do this we can still accept patches from you owned by your employer under a standard employment contract with corporate copyright ownership. It just requires a simple set-up process first. We use a process very similar to the way things are done in the Linux Kernel community, so it should be very easy to get a sign off from your corporate legal department. The only changes we’ve made are to accommodate the license we use, which is LGPLv2 (or later) whereas the Linux kernel uses GPLv2. The process is called signing. How to sign your work ---------------------- Once you have permission to contribute to libssh from your employer, simply email a copy of the following text from your corporate email address to: contributing@libssh.org -------------------------------------------------------------------------- libssh Developer's Certificate of Origin. Version 1.0 By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the appropriate version of the GNU General Public License; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the GNU General Public License, in the appropriate version; or (c) The contribution was provided directly to me by some other person who certified (a) or (b) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all metadata and personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with the libssh Team's policies and the requirements of the GNU GPL where they are relevant. (e) I am granting this work to this project under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at the option of the project) any later version. http://www.gnu.org/licenses/lgpl-2.1.html -------------------------------------------------------------------------- We will maintain a copy of that email as a record that you have the rights to contribute code to libssh under the required licenses whilst working for the company where the email came from. Then when sending in a patch via the normal mechanisms described above, add a line that states: Signed-off-by: Random J Developer <random@developer.example.org> using your real name and the email address you sent the original email you used to send the libssh Developer’s Certificate of Origin to us (sorry, no pseudonyms or anonymous contributions.) That’s it! Such code can then quite happily contain changes that have copyright messages such as: (c) Example Corporation. and can be merged into the libssh codebase in the same way as patches from any other individual. You don’t need to send in a copy of the libssh Developer’s Certificate of Origin for each patch, or inside each patch. Just the sign-off message is all that is required once we’ve received the initial email. Have fun and happy libssh hacking! The libssh Team