lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-31 00:03:07 +03:00
Code Activity

tests/client/torture_auth: Skip some tests if in FIPS mode

Browse Source 
If in FIPS mode, skip tests which require algorithms not allowed.  Also
use allowed algorithms when possible to avoid skipping the test.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Anderson Toshiyuki Sasaki
2019-06-05 15:21:19 +02:00
committed by Andreas Schneider
parent 66755c478c
commit 2c385c0e13
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
tests/client/torture_auth.c
View File

@ -616,7 +616,7 @@ static void torture_auth_pubkey_types(void **state)
/* Disable RSA key types for authentication */ /* Disable RSA key types for authentication */
rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES, rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES,
"ssh-dss"); "ecdsa-sha2-nistp384");
assert_ssh_return_code(session, rc); assert_ssh_return_code(session, rc);
rc = ssh_userauth_publickey_auto(session, NULL, NULL); rc = ssh_userauth_publickey_auto(session, NULL, NULL);
@ -675,6 +675,10 @@ static void torture_auth_pubkey_types_ed25519(void **state)
ssh_session session = s->ssh.session; ssh_session session = s->ssh.session;
int rc; int rc;
if (ssh_fips_mode()) {
skip();
}
rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE); rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE);
assert_ssh_return_code(session, rc); assert_ssh_return_code(session, rc);
@ -734,7 +738,7 @@ static void torture_auth_pubkey_types_nonblocking(void **state)
/* Disable RSA key types for authentication */ /* Disable RSA key types for authentication */
rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES, rc = ssh_options_set(session, SSH_OPTIONS_PUBLICKEY_ACCEPTED_TYPES,
"ssh-dss"); "ecdsa-sha2-nistp521");
assert_ssh_return_code(session, rc); assert_ssh_return_code(session, rc);
do { do {
@ -807,6 +811,10 @@ static void torture_auth_pubkey_types_ed25519_nonblocking(void **state)
ssh_session session = s->ssh.session; ssh_session session = s->ssh.session;
int rc; int rc;
if (ssh_fips_mode()) {
skip();
}
rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE); rc = ssh_options_set(session, SSH_OPTIONS_USER, TORTURE_SSH_USER_ALICE);
assert_ssh_return_code(session, rc); assert_ssh_return_code(session, rc);