diff options
author | Axel Eppe <aeppe@google.com> | 2015-08-23 18:17:27 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2015-09-08 17:34:04 +0200 |
commit | a98812777b202fb2e379654c12cf04be02500990 (patch) | |
tree | cb1e864f3238bf0c917ef2295d7ba258d5957fda | |
parent | ab4456998bcb51b5a695c200a0f885dfa79ff413 (diff) | |
download | libssh-master-cert.tar.gz libssh-master-cert.tar.xz libssh-master-cert.zip |
Client cert auth: adding auth test.master-cert
Signed-off-by: Axel Eppe <aeppe@google.com>
-rw-r--r-- | tests/client/torture_auth.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/tests/client/torture_auth.c b/tests/client/torture_auth.c index d686b4c5..e384060a 100644 --- a/tests/client/torture_auth.c +++ b/tests/client/torture_auth.c @@ -366,6 +366,42 @@ static void torture_auth_agent_nonblocking(void **state) { assert_true(rc == SSH_AUTH_SUCCESS); } +static void torture_auth_agent_with_cert(void **state) { + /* This test assumes: + - TrustedUserCAKeys is configured on the SSH server we test against + - $TORTURE_CERT_USER was used as a principal during signing (i.e. + ssh-keygen -s user_ca -I key_id -n $TORTURE_CERT_USER key.pub). + */ + ssh_session session = *state; + char *user = getenv("TORTURE_CERT_USER"); + int rc; + + if (user == NULL) { + print_message("*** Please set the environment variable TORTURE_CERT_USER" + " to enable this test!!\n"); + return; + } + if (!agent_is_running(session)){ + print_message("*** Agent not running. Test ignored\n"); + return; + } + rc = ssh_options_set(session, SSH_OPTIONS_USER, user); + assert_true(rc == SSH_OK); + + rc = ssh_connect(session); + assert_true(rc == SSH_OK); + + rc = ssh_userauth_none(session,NULL); + /* This request should return a SSH_REQUEST_DENIED error */ + if (rc == SSH_ERROR) { + assert_true(ssh_get_error_code(session) == SSH_REQUEST_DENIED); + } + rc = ssh_userauth_list(session, NULL); + assert_true(rc & SSH_AUTH_METHOD_PUBLICKEY); + + rc = ssh_userauth_agent(session, NULL); + assert_true(rc == SSH_AUTH_SUCCESS); +} static void torture_auth_none(void **state) { ssh_session session = *state; @@ -433,6 +469,7 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_auth_autopubkey, setup, teardown), cmocka_unit_test_setup_teardown(torture_auth_autopubkey_nonblocking, setup, teardown), cmocka_unit_test_setup_teardown(torture_auth_agent, setup, teardown), + cmocka_unit_test_setup_teardown(torture_auth_agent_with_cert, setup, teardown), cmocka_unit_test_setup_teardown(torture_auth_agent_nonblocking, setup, teardown), cmocka_unit_test_setup_teardown(torture_auth_none, setup, teardown), cmocka_unit_test_setup_teardown(torture_auth_none_nonblocking, setup, teardown), |