aboutsummaryrefslogtreecommitdiff
path: root/tests/client
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-06-05 15:21:19 +0200
committerAndreas Schneider <asn@cryptomilk.org>2019-06-13 11:00:56 +0200
commit2c385c0e13b9410429d1871504d320d59be93e9c (patch)
tree4a1b509494b1eae0a8bf7f10171f74bfc85553c9 /tests/client
parent66755c478cfe08f41b99ff487f01583eafcc8dc7 (diff)
downloadlibssh-2c385c0e13b9410429d1871504d320d59be93e9c.tar.gz
libssh-2c385c0e13b9410429d1871504d320d59be93e9c.tar.xz
libssh-2c385c0e13b9410429d1871504d320d59be93e9c.zip
tests/client/torture_auth: Skip some tests if in FIPS mode
If in FIPS mode, skip tests which require algorithms not allowed. Also use allowed algorithms when possible to avoid skipping the test. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests/client')
-rw-r--r--tests/client/torture_auth.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c
index de1b5984..aea76d32 100644
--- a/tests/client/torture_auth.c
+++ b/tests/client/torture_auth.c
@@ -616,7 +616,7 @@ static void torture_auth_pubkey_types(void **state)
/* Disable RSA key types for authentication */
rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES,
- "ssh-dss");
+ "ecdsa-sha2-nistp384");
assert_ssh_return_code(session, rc);
rc = ssh_userauth_publickey_auto(session, NULL, NULL);
@@ -675,6 +675,10 @@ static void torture_auth_pubkey_types_ed25519(void **state)
ssh_session session = s->ssh.session;
int rc;
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE);
assert_ssh_return_code(session, rc);
@@ -734,7 +738,7 @@ static void torture_auth_pubkey_types_nonblocking(void **state)
/* Disable RSA key types for authentication */
rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES,
- "ssh-dss");
+ "ecdsa-sha2-nistp521");
assert_ssh_return_code(session, rc);
do {
@@ -807,6 +811,10 @@ static void torture_auth_pubkey_types_ed25519_nonblocking(void **state)
ssh_session session = s->ssh.session;
int rc;
+ if (ssh_fips_mode()) {
+ skip();
+ }
+
rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE);
assert_ssh_return_code(session, rc);