aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2019-05-16 14:57:49 +0200
committerAndreas Schneider <asn@cryptomilk.org>2019-06-12 10:17:54 +0200
commit8f6e6f774e4dc731bf5a6cd6f03290b9e6de826c (patch)
treef4d1f87bdd898b7ce42855b9e409664a0b71fa4a /tests
parentf4363f56551509e1c43a20115448af269525285f (diff)
downloadlibssh-8f6e6f774e4dc731bf5a6cd6f03290b9e6de826c.tar.gz
libssh-8f6e6f774e4dc731bf5a6cd6f03290b9e6de826c.tar.xz
libssh-8f6e6f774e4dc731bf5a6cd6f03290b9e6de826c.zip
bind_config: Add support for PubkeyAcceptedKeyTypes
Add support for setting the accepted public key types through configuration file. Note that this does NOT add support for adding or removing values using '+' or '-'. Only replacing the whole list is supported. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'tests')
-rw-r--r--tests/unittests/torture_bind_config.c64
1 files changed, 64 insertions, 0 deletions
diff --git a/tests/unittests/torture_bind_config.c b/tests/unittests/torture_bind_config.c
index 4fcc6613..d9e67068 100644
--- a/tests/unittests/torture_bind_config.c
+++ b/tests/unittests/torture_bind_config.c
@@ -48,6 +48,7 @@ extern LIBSSH_THREAD int ssh_log_level;
#define HOSTKEYALGORITHMS "ssh-ed25519,ecdsa-sha2-nistp521,ssh-rsa"
#define HOSTKEYALGORITHMS2 "ssh-rsa"
#define PUBKEYACCEPTEDTYPES "rsa-sha2-512,ssh-rsa,ecdsa-sha2-nistp521"
+#define PUBKEYACCEPTEDTYPES_UNKNOWN "rsa-sha2-512,ssh-rsa,unknown,ecdsa-sha2-nistp521"
#define PUBKEYACCEPTEDTYPES2 "ssh-rsa"
#define MACS "hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com"
#define MACS2 "hmac-sha1"
@@ -103,6 +104,12 @@ extern LIBSSH_THREAD int ssh_log_level;
#define LIBSSH_TEST_BIND_CONFIG_MATCH_INVALID "libssh_test_bind_config_match_invalid"
#define LIBSSH_TEST_BIND_CONFIG_MATCH_INVALID2 "libssh_test_bind_config_match_invalid2"
+#define LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED "libssh_test_bind_config_pubkey"
+#define LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED2 "libssh_test_bind_config_pubkey2"
+#define LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE "libssh_test_bind_config_pubkey_twice"
+#define LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE_REC "libssh_test_bind_config_pubkey_twice_rec"
+#define LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_UNKNOWN "libssh_test_bind_config_pubkey_unknown"
+
const char template[] = "temp_dir_XXXXXX";
struct bind_st {
@@ -319,6 +326,18 @@ static int setup_config_files(void **state)
"Match All\n"
"\tLogLevel "LOGLEVEL4"\n");
+ torture_write_file(LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED,
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES"\n");
+ torture_write_file(LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED2,
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES2"\n");
+ torture_write_file(LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE,
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES"\n"
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES2"\n");
+ torture_write_file(LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE_REC,
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES2"\n"
+ "Include "LIBSSH_TEST_BIND_CONFIG_KEXALGORITHMS"\n");
+ torture_write_file(LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_UNKNOWN,
+ "PubkeyAcceptedKeyTypes "PUBKEYACCEPTEDTYPES_UNKNOWN"\n");
return 0;
}
@@ -692,6 +711,49 @@ static void torture_bind_config_kexalgorithms(void **state)
}
+static void torture_bind_config_pubkey_accepted(void **state)
+{
+ struct bind_st *test_state;
+ ssh_bind bind;
+ int rc;
+
+ assert_non_null(state);
+ test_state = *((struct bind_st **)state);
+ assert_non_null(test_state);
+ assert_non_null(test_state->bind);
+ bind = test_state->bind;
+
+ rc = ssh_bind_config_parse_file(bind,
+ LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED);
+ assert_int_equal(rc, 0);
+ assert_non_null(bind->pubkey_accepted_key_types);
+ assert_string_equal(bind->pubkey_accepted_key_types, PUBKEYACCEPTEDTYPES);
+
+ rc = ssh_bind_config_parse_file(bind,
+ LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED2);
+ assert_int_equal(rc, 0);
+ assert_non_null(bind->pubkey_accepted_key_types);
+ assert_string_equal(bind->pubkey_accepted_key_types, PUBKEYACCEPTEDTYPES2);
+
+ rc = ssh_bind_config_parse_file(bind,
+ LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE);
+ assert_int_equal(rc, 0);
+ assert_non_null(bind->pubkey_accepted_key_types);
+ assert_string_equal(bind->pubkey_accepted_key_types, PUBKEYACCEPTEDTYPES);
+
+ rc = ssh_bind_config_parse_file(bind,
+ LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_TWICE_REC);
+ assert_int_equal(rc, 0);
+ assert_non_null(bind->pubkey_accepted_key_types);
+ assert_string_equal(bind->pubkey_accepted_key_types, PUBKEYACCEPTEDTYPES2);
+
+ rc = ssh_bind_config_parse_file(bind,
+ LIBSSH_TEST_BIND_CONFIG_PUBKEY_ACCEPTED_UNKNOWN);
+ assert_int_equal(rc, 0);
+ assert_non_null(bind->pubkey_accepted_key_types);
+ assert_string_equal(bind->pubkey_accepted_key_types, PUBKEYACCEPTEDTYPES);
+}
+
static int assert_full_bind_config(void **state)
{
struct bind_st *test_state;
@@ -1034,6 +1096,8 @@ int torture_run_tests(void)
sshbind_setup, sshbind_teardown),
cmocka_unit_test_setup_teardown(torture_bind_config_match_invalid,
sshbind_setup, sshbind_teardown),
+ cmocka_unit_test_setup_teardown(torture_bind_config_pubkey_accepted,
+ sshbind_setup, sshbind_teardown),
};
ssh_init();