diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2018-12-07 18:19:33 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2018-12-10 16:42:26 +0100 |
commit | fe309ba43fb904da4385fc40a338ecc7482f8388 (patch) | |
tree | 8697d77c23c5259e63ce0e24db7579d22ae64116 /tests | |
parent | c3067f8e73244ae1268ee45b373dee7183216b67 (diff) | |
download | libssh-fe309ba43fb904da4385fc40a338ecc7482f8388.tar.gz libssh-fe309ba43fb904da4385fc40a338ecc7482f8388.tar.xz libssh-fe309ba43fb904da4385fc40a338ecc7482f8388.zip |
packet: Allow SSH2_MSG_EXT_INFO when authenticated
When the server requests rekey, it can send the SSH2_MSG_EXT_INFO. This
message was being filtered out by the packet filtering. This includes a
test to enforce the filtering rules for this packet type.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/unittests/torture_packet_filter.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/tests/unittests/torture_packet_filter.c b/tests/unittests/torture_packet_filter.c index 871eb431..85fb5c1b 100644 --- a/tests/unittests/torture_packet_filter.c +++ b/tests/unittests/torture_packet_filter.c @@ -464,6 +464,36 @@ static void torture_packet_filter_check_auth_success(void **state) assert_int_equal(rc, 0); } +static void torture_packet_filter_check_msg_ext_info(void **state) +{ + int rc; + + global_state accepted[] = { + { + .flags = (COMPARE_SESSION_STATE | + COMPARE_DH_STATE), + .session = SSH_SESSION_STATE_AUTHENTICATING, + .dh = DH_STATE_FINISHED, + }, + { + .flags = (COMPARE_SESSION_STATE | + COMPARE_DH_STATE), + .session = SSH_SESSION_STATE_AUTHENTICATED, + .dh = DH_STATE_FINISHED, + }, + }; + + int accepted_count = 2; + + /* Unused */ + (void) state; + + rc = check_message_in_all_states(accepted, accepted_count, + SSH2_MSG_EXT_INFO); + + assert_int_equal(rc, 0); +} + static void torture_packet_filter_check_channel_open(void **state) { int rc; @@ -494,6 +524,7 @@ int torture_run_tests(void) cmocka_unit_test(torture_packet_filter_check_auth_success), cmocka_unit_test(torture_packet_filter_check_channel_open), cmocka_unit_test(torture_packet_filter_check_unfiltered), + cmocka_unit_test(torture_packet_filter_check_msg_ext_info) }; ssh_init(); |