aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2019-10-19 23:18:27 +0200
committerAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2020-08-13 17:35:09 +0200
commit41e54ce0421abeb4fa73e5451483be8e7b7088e3 (patch)
tree1ae755089e73f0f3bc40f90756aa3c8e80640617
parenta7c0ccd35e83797351459b4abdfd45f57f7fa337 (diff)
downloadlibssh-41e54ce0421abeb4fa73e5451483be8e7b7088e3.tar.gz
libssh-41e54ce0421abeb4fa73e5451483be8e7b7088e3.tar.xz
libssh-41e54ce0421abeb4fa73e5451483be8e7b7088e3.zip
tests: use OpenSSH-provided ciphers
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> (cherry picked from commit 7ec67011c5bb9cf700a76084550b095640605c85)
-rw-r--r--tests/client/torture_algorithms.c28
-rw-r--r--tests/torture.c49
2 files changed, 25 insertions, 52 deletions
diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c
index 19f25dbb..729505ef 100644
--- a/tests/client/torture_algorithms.c
+++ b/tests/client/torture_algorithms.c
@@ -472,8 +472,7 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) {
test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512-etm@openssh.com");
}
-#ifdef WITH_BLOWFISH_CIPHER
-#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
+#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC)
static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) {
struct torture_state *s = *state;
@@ -533,9 +532,9 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512_etm(void **state) {
test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512-etm@openssh.com");
}
-#endif
#endif /* WITH_BLOWFISH_CIPHER */
+#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM
static void torture_algorithms_chacha20_poly1305(void **state)
{
struct torture_state *s = *state;
@@ -549,6 +548,7 @@ static void torture_algorithms_chacha20_poly1305(void **state)
"chacha20-poly1305@openssh.com",
NULL);
}
+#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
static void torture_algorithms_zlib(void **state) {
struct torture_state *s = *state;
@@ -647,7 +647,7 @@ static void torture_algorithms_ecdh_sha2_nistp521(void **state) {
}
#endif
-#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7)
+#ifdef OPENSSH_CURVE25519_SHA256
static void torture_algorithms_ecdh_curve25519_sha256(void **state) {
struct torture_state *s = *state;
@@ -657,9 +657,9 @@ static void torture_algorithms_ecdh_curve25519_sha256(void **state) {
test_algorithm(s->ssh.session, "curve25519-sha256", NULL/*cipher*/, NULL/*hmac*/);
}
-#endif
+#endif /* OPENSSH_CURVE25519_SHA256 */
-#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6)
+#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG
static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) {
struct torture_state *s = *state;
@@ -669,7 +669,7 @@ static void torture_algorithms_ecdh_curve25519_sha256_libssh_org(void **state) {
test_algorithm(s->ssh.session, "curve25519-sha256@libssh.org", NULL/*cipher*/, NULL/*hmac*/);
}
-#endif
+#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */
static void torture_algorithms_dh_group1(void **state) {
struct torture_state *s = *state;
@@ -874,8 +874,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512_etm,
session_setup,
session_teardown),
-#ifdef WITH_BLOWFISH_CIPHER
-#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
+#if defined(WITH_BLOWFISH_CIPHER) && defined(OPENSSH_BLOWFISH_CBC)
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1,
session_setup,
session_teardown),
@@ -894,11 +893,12 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512_etm,
session_setup,
session_teardown),
-#endif
#endif /* WITH_BLOWFISH_CIPHER */
+#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM
cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305,
session_setup,
session_teardown),
+#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
cmocka_unit_test_setup_teardown(torture_algorithms_zlib,
session_setup,
session_teardown),
@@ -928,16 +928,16 @@ int torture_run_tests(void) {
session_setup,
session_teardown),
#endif /* WITH_GEX */
-#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR >= 3) || OPENSSH_VERSION_MAJOR > 7)
+#ifdef OPENSSH_CURVE25519_SHA256
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256,
session_setup,
session_teardown),
-#endif
-#if ((OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 5) || OPENSSH_VERSION_MAJOR > 6)
+#endif /* OPENSSH_CURVE25519_SHA256 */
+#ifdef OPENSSH_CURVE25519_SHA256_LIBSSH_ORG
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_curve25519_sha256_libssh_org,
session_setup,
session_teardown),
-#endif
+#endif /* OPENSSH_CURVE25519_SHA256_LIBSSH_ORG */
#if defined(HAVE_ECC)
cmocka_unit_test_setup_teardown(torture_algorithms_ecdh_sha2_nistp256,
session_setup,
diff --git a/tests/torture.c b/tests/torture.c
index 05186197..cd1c5bd4 100644
--- a/tests/torture.c
+++ b/tests/torture.c
@@ -608,20 +608,15 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
"/usr/libexec/openssh/sftp-server",
"/usr/lib/openssh/sftp-server", /* Debian */
};
-#ifndef OPENSSH_VERSION_MAJOR
-#warning "OPENSSH_VERSION_MAJOR undefined, using default"
-#define OPENSSH_VERSION_MAJOR 7U
-#define OPENSSH_VERSION_MINOR 0U
-#endif /* OPENSSH_VERSION_MAJOR */
const char config_string[]=
"Port 22\n"
"ListenAddress 127.0.0.10\n"
- "%s %s\n"
+ "%s %s\n" /* ed25519 HostKey */
#ifdef HAVE_DSA
- "%s %s\n"
+ "%s %s\n" /* DSA HostKey */
#endif /* HAVE_DSA */
- "%s %s\n"
- "%s %s\n"
+ "%s %s\n" /* RSA HostKey */
+ "%s %s\n" /* ECDSA HostKey */
"\n"
"TrustedUserCAKeys %s\n"
"\n"
@@ -635,33 +630,11 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
"\n"
"%s" /* Here comes UsePam */
"\n"
-#if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
-# ifdef HAVE_DSA
- "HostKeyAlgorithms +ssh-dss\n"
-# else /* HAVE_DSA */
- "HostKeyAlgorithms +ssh-rsa\n"
-# endif /* HAVE_DSA */
-# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
- "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n"
-# else /* OPENSSH_VERSION 7.0 - 7.5 */
- "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc\n"
-# endif /* OPENSSH_VERSION 7.0 - 7.6 */
- "KexAlgorithms +diffie-hellman-group1-sha1,"
- "diffie-hellman-group-exchange-sha1"
-#else /* OPENSSH_VERSION >= 6.7 */
- "Ciphers 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,"
- "aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,"
- "aes256-gcm@openssh.com,arcfour128,arcfour256,arcfour,"
- "blowfish-cbc,cast128-cbc,chacha20-poly1305@openssh.com\n"
- "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,"
- "ecdh-sha2-nistp384,ecdh-sha2-nistp521,"
- "diffie-hellman-group-exchange-sha256,"
- "diffie-hellman-group-exchange-sha1,"
- "diffie-hellman-group16-sha512,"
- "diffie-hellman-group18-sha512,"
- "diffie-hellman-group14-sha1,"
- "diffie-hellman-group1-sha1\n"
-#endif /* OPENSSH_VERSION >= 6.7 */
+ /* add all supported algorithms */
+ "HostKeyAlgorithms " OPENSSH_KEYS "\n"
+ "Ciphers " OPENSSH_CIPHERS "\n"
+ "KexAlgorithms " OPENSSH_KEX "\n"
+ "MACs " OPENSSH_MACS "\n"
"\n"
"AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES\n"
"AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT\n"
@@ -673,8 +646,8 @@ static void torture_setup_create_sshd_config(void **state, bool pam)
const char fips_config_string[]=
"Port 22\n"
"ListenAddress 127.0.0.10\n"
- "%s %s\n" /* HostKey */
- "%s %s\n" /* HostKey */
+ "%s %s\n" /* RSA HostKey */
+ "%s %s\n" /* ECDSA HostKey */
"\n"
"TrustedUserCAKeys %s\n" /* Trusted CA */
"\n"