author | Jakub Jelen <jjelen@redhat.com> | 2018-10-19 14:48:51 +0200 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-10-19 17:43:20 +0200 |
commit | e91bb29e9d8c452a84d552b8884853251507d013 (patch) | |
tree | 936c0274352104034fd8cb8c3a860ec9b80cc9e9 /tests | |
parent | f622c4309b0ffe4679bd1b124638fc1bcddb5758 (diff) | |
tests: Global known_hosts are used for host key verification
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/unittests/torture_knownhosts_parsing.c | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/tests/unittests/torture_knownhosts_parsing.c b/tests/unittests/torture_knownhosts_parsing.c
index b17a3355..148c5da8 100644
--- a/tests/unittests/torture_knownhosts_parsing.c
+++ b/tests/unittests/torture_knownhosts_parsing.c
@@ -265,6 +265,33 @@ static void torture_knownhosts_host_exists(void **state)
 ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
 ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, knownhosts_file);
+ /* This makes sure the system's known_hosts are not used */
+ ssh_options_set(session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, "/dev/null");
+
+ found = ssh_session_has_known_hosts_entry(session);
+ assert_int_equal(found, SSH_KNOWN_HOSTS_OK);
+ assert_true(found == SSH_KNOWN_HOSTS_OK);
+
+ ssh_options_set(session, SSH_OPTIONS_HOST, "wurstbrot");
+ found = ssh_session_has_known_hosts_entry(session);
+ assert_true(found == SSH_KNOWN_HOSTS_UNKNOWN);
+
+ ssh_free(session);
+}
+
+static void torture_knownhosts_host_exists_global(void **state)
+{
+ const char *knownhosts_file = *state;
+ enum ssh_known_hosts_e found;
+ ssh_session session;
+
+ session = ssh_new();
+ assert_non_null(session);
+
+ ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
+ /* This makes sure the user's known_hosts are not used */
+ ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, "/dev/null");
+ ssh_options_set(session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, knownhosts_file);
 found = ssh_session_has_known_hosts_entry(session);
 assert_int_equal(found, SSH_KNOWN_HOSTS_OK);
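Review bot: The `ssh_options_set()` calls that point one lookup path at `/dev/null` are unchecked, both in `torture_knownhosts_host_exists` and in the new `torture_knownhosts_host_exists_global`. These calls are what isolates each test from the other known_hosts source, so if one failed the lookup would presumably fall back to the default location and the assertions would no longer show which file produced the match. Capture and assert the result, e.g. `rc = ssh_options_set(session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, "/dev/null");` followed by `assert_int_equal(rc, SSH_OK);`, with `int rc;` declared next to `found`. The same applies to the matching calls in the `torture_knownhosts_algorithms` hunk; both function bodies here extend beyond the hunk.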
@@ -295,6 +322,37 @@ torture_knownhosts_algorithms(void **state)
 ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
 ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, knownhosts_file);
+ /* This makes sure the system's known_hosts are not used */
+ ssh_options_set(session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, "/dev/null");
+
+ algo_list = ssh_client_select_hostkeys(session);
+ assert_non_null(algo_list);
+ assert_string_equal(algo_list, expect);
+ free(algo_list);
+
+ ssh_free(session);
+}
+
+static void
+torture_knownhosts_algorithms_global(void **state)
+{
+ const char *knownhosts_file = *state;
+ char *algo_list = NULL;
+ ssh_session session;
+ const char *expect = "ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp521,"
+ "ecdsa-sha2-nistp384,ecdsa-sha2-nistp256"
+#ifdef HAVE_DSA
+ ",ssh-dss"
+#endif
+ ;
+
+ session = ssh_new();
+ assert_non_null(session);
+
+ ssh_options_set(session, SSH_OPTIONS_HOST, "localhost");
+ /* This makes sure the current-user's known hosts are not used */
+ ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, "/dev/null");
+ ssh_options_set(session, SSH_OPTIONS_GLOBAL_KNOWNHOSTS, knownhosts_file);
 algo_list = ssh_client_select_hostkeys(session);
 assert_non_null(algo_list);
@@ -319,9 +377,15 @@ int torture_run_tests(void) {
 cmocka_unit_test_setup_teardown(torture_knownhosts_host_exists,
 setup_knownhosts_file,
 teardown_knownhosts_file),
+ cmocka_unit_test_setup_teardown(torture_knownhosts_host_exists_global,
+ setup_knownhosts_file,
+ teardown_knownhosts_file),
 cmocka_unit_test_setup_teardown(torture_knownhosts_algorithms,
 setup_knownhosts_file,
 teardown_knownhosts_file),
+ cmocka_unit_test_setup_teardown(torture_knownhosts_algorithms_global,
+ setup_knownhosts_file,
+ teardown_knownhosts_file),
 };
 ssh_init(); |
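Review bot: The `expect` literal in `torture_knownhosts_algorithms_global`, including its `#ifdef HAVE_DSA` branch, appears to repeat the one that `torture_knownhosts_algorithms` compares against. That definition lies above the hunk, so this is inferred from the shared `assert_string_equal(algo_list, expect);` line. Two copies of the expected host-key algorithm order can drift apart when an algorithm is added or dropped, leaving one test asserting a stale preference list. A single file-scope macro holding the string, used by both tests, would keep the user-file and global-file cases in step. The tail of the new function runs past the end of this hunk.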