aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorAnderson Toshiyuki Sasaki <ansasaki@redhat.com>2018-12-07 18:19:33 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-12-10 16:42:26 +0100
commitfe309ba43fb904da4385fc40a338ecc7482f8388 (patch)
tree8697d77c23c5259e63ce0e24db7579d22ae64116 /tests
parentc3067f8e73244ae1268ee45b373dee7183216b67 (diff)
downloadlibssh-fe309ba43fb904da4385fc40a338ecc7482f8388.tar.gz
libssh-fe309ba43fb904da4385fc40a338ecc7482f8388.tar.xz
libssh-fe309ba43fb904da4385fc40a338ecc7482f8388.zip
packet: Allow SSH2_MSG_EXT_INFO when authenticated
When the server requests rekey, it can send the SSH2_MSG_EXT_INFO. This message was being filtered out by the packet filtering. This includes a test to enforce the filtering rules for this packet type. Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/unittests/torture_packet_filter.c31
1 files changed, 31 insertions, 0 deletions
diff --git a/tests/unittests/torture_packet_filter.c b/tests/unittests/torture_packet_filter.c
index 871eb431..85fb5c1b 100644
--- a/tests/unittests/torture_packet_filter.c
+++ b/tests/unittests/torture_packet_filter.c
@@ -464,6 +464,36 @@ static void torture_packet_filter_check_auth_success(void **state)
assert_int_equal(rc, 0);
}
+static void torture_packet_filter_check_msg_ext_info(void **state)
+{
+ int rc;
+
+ global_state accepted[] = {
+ {
+ .flags = (COMPARE_SESSION_STATE |
+ COMPARE_DH_STATE),
+ .session = SSH_SESSION_STATE_AUTHENTICATING,
+ .dh = DH_STATE_FINISHED,
+ },
+ {
+ .flags = (COMPARE_SESSION_STATE |
+ COMPARE_DH_STATE),
+ .session = SSH_SESSION_STATE_AUTHENTICATED,
+ .dh = DH_STATE_FINISHED,
+ },
+ };
+
+ int accepted_count = 2;
+
+ /* Unused */
+ (void) state;
+
+ rc = check_message_in_all_states(accepted, accepted_count,
+ SSH2_MSG_EXT_INFO);
+
+ assert_int_equal(rc, 0);
+}
+
static void torture_packet_filter_check_channel_open(void **state)
{
int rc;
@@ -494,6 +524,7 @@ int torture_run_tests(void)
cmocka_unit_test(torture_packet_filter_check_auth_success),
cmocka_unit_test(torture_packet_filter_check_channel_open),
cmocka_unit_test(torture_packet_filter_check_unfiltered),
+ cmocka_unit_test(torture_packet_filter_check_msg_ext_info)
};
ssh_init();