aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAris Adamantiadis <aris@0xbadc0de.be>2011-06-12 20:54:33 +0200
committerAris Adamantiadis <aris@0xbadc0de.be>2011-06-12 20:54:33 +0200
commit113de1354322f3fb310b23b412c548d8a9e417bc (patch)
treee2be35ef0d5dba3f295e3bafe59a2c4a1fbdfd80
parentb54e8cdae5b742d98a015fd91708b308848e86e3 (diff)
downloadlibssh-113de1354322f3fb310b23b412c548d8a9e417bc.tar.gz
libssh-113de1354322f3fb310b23b412c548d8a9e417bc.tar.xz
libssh-113de1354322f3fb310b23b412c548d8a9e417bc.zip
Test for ecdh and dh-group1
-rw-r--r--include/libssh/libssh.h3
-rw-r--r--src/options.c14
-rw-r--r--tests/client/torture_algorithms.c43
3 files changed, 59 insertions, 1 deletions
diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h
index 425be1a..3453177 100644
--- a/include/libssh/libssh.h
+++ b/include/libssh/libssh.h
@@ -303,7 +303,8 @@ enum ssh_options_e {
SSH_OPTIONS_BINDADDR,
SSH_OPTIONS_STRICTHOSTKEYCHECK,
SSH_OPTIONS_COMPRESSION,
- SSH_OPTIONS_COMPRESSION_LEVEL
+ SSH_OPTIONS_COMPRESSION_LEVEL,
+ SSH_OPTIONS_KEY_EXCHANGE
};
enum {
diff --git a/src/options.c b/src/options.c
index 5a9c5bf..d111f72 100644
--- a/src/options.c
+++ b/src/options.c
@@ -312,6 +312,11 @@ int ssh_options_set_algo(ssh_session session, int algo,
* Set the symmetric cipher server to client (const char *,
* comma-separated list).
*
+ * - SSH_OPTIONS_KEY_EXCHANGE:
+ * Set the key exchange method to be used (const char *,
+ * comma-separated list). ex:
+ * "ecdh-sha2-nistp256,diffie-hellman-group1-sha1"
+ *
* - SSH_OPTIONS_COMPRESSION_C_S:
* Set the compression to use for client to server
* communication (const char *, "yes", "no" or a specific
@@ -583,6 +588,15 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
return -1;
}
break;
+ case SSH_OPTIONS_KEY_EXCHANGE:
+ if(value == NULL) {
+ ssh_set_error_invalid(session, __FUNCTION__);
+ return -1;
+ } else {
+ if (ssh_options_set_algo(session, SSH_KEX, value) < 0)
+ return -1;
+ }
+ break;
case SSH_OPTIONS_COMPRESSION_C_S:
if (value == NULL) {
ssh_set_error_invalid(session, __FUNCTION__);
diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c
index 8f51d40..6bec543 100644
--- a/tests/client/torture_algorithms.c
+++ b/tests/client/torture_algorithms.c
@@ -148,6 +148,47 @@ static void torture_algorithms_zlib_openssh(void **state) {
ssh_disconnect(session);
}
+static void torture_algorithms_ecdh_sha2_nistp256(void **state) {
+ ssh_session session = *state;
+ int rc;
+
+ rc = ssh_options_set(session,SSH_OPTIONS_HOST,"localhost");
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, "ecdh-sha2-nistp256");
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_connect(session);
+ assert_true(rc == SSH_OK);
+ rc = ssh_userauth_none(session, NULL);
+ if (rc != SSH_OK) {
+ rc = ssh_get_error_code(session);
+ assert_true(rc == SSH_REQUEST_DENIED);
+ }
+
+ ssh_disconnect(session);
+}
+
+static void torture_algorithms_dh_group1(void **state) {
+ ssh_session session = *state;
+ int rc;
+
+ rc = ssh_options_set(session,SSH_OPTIONS_HOST,"localhost");
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group1-sha1");
+ assert_true(rc == SSH_OK);
+
+ rc = ssh_connect(session);
+ assert_true(rc == SSH_OK);
+ rc = ssh_userauth_none(session, NULL);
+ if (rc != SSH_OK) {
+ rc = ssh_get_error_code(session);
+ assert_true(rc == SSH_REQUEST_DENIED);
+ }
+
+ ssh_disconnect(session);
+}
int torture_run_tests(void) {
int rc;
const UnitTest tests[] = {
@@ -161,6 +202,8 @@ int torture_run_tests(void) {
unit_test_setup_teardown(torture_algorithms_blowfish_cbc, setup, teardown),
unit_test_setup_teardown(torture_algorithms_zlib, setup, teardown),
unit_test_setup_teardown(torture_algorithms_zlib_openssh, setup, teardown),
+ unit_test_setup_teardown(torture_algorithms_dh_group1,setup,teardown),
+ unit_test_setup_teardown(torture_algorithms_ecdh_sha2_nistp256,setup,teardown)
};
ssh_init();