tests/pkd: repro rsa-sha2-{256,512} negotiation bug

Add four passes to the pkd tests to exercise codepaths where an OpenSSH client requests these HostKeyAlgorithms combinations: * rsa-sha2-256 * rsa-sha2-512 * rsa-sha2-256,rsa-sha2-512 * rsa-sha2-512,rsa-sha2-256 The tests demonstrate that the third combination currently fails: libssh ends up choosing `rsa-sha2-512` instead of `rsa-sha2-256`, and the initial exchange fails on the client side citing a signature failure. Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2025-07-29 13:01:13 +03:00 · 2019-02-04 17:39:36 -05:00
parent 128015bb17
commit c2077ab775
2 changed files with 17 additions and 6 deletions
--- a/tests/pkd/pkd_client.h
+++ b/tests/pkd/pkd_client.h
@ -46,12 +46,12 @@
  OPENSSH_PKACCEPTED_ECDSA      \
  OPENSSH_PKACCEPTED_DSA

-#define OPENSSH_CMD_START \
+#define OPENSSH_CMD_START(hostkey_algos) \
    OPENSSH_BINARY " "                  \
    "-o UserKnownHostsFile=/dev/null "  \
    "-o StrictHostKeyChecking=no "      \
    "-F /dev/null "                     \
-    OPENSSH_HOSTKEY_ALGOS " "           \
+    hostkey_algos " "                   \
    OPENSSH_PKACCEPTED_TYPES " "        \
    "-i " CLIENT_ID_FILE " "            \
    "1> %s.out "                        \
@ -61,16 +61,19 @@
 #define OPENSSH_CMD_END "-p 1234 localhost ls"

 #define OPENSSH_CMD \
-    OPENSSH_CMD_START OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) OPENSSH_CMD_END

 #define OPENSSH_KEX_CMD(kexalgo) \
-    OPENSSH_CMD_START "-o KexAlgorithms=" kexalgo " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-o KexAlgorithms=" kexalgo " " OPENSSH_CMD_END

 #define OPENSSH_CIPHER_CMD(ciphers) \
-    OPENSSH_CMD_START "-c " ciphers " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-c " ciphers " " OPENSSH_CMD_END

 #define OPENSSH_MAC_CMD(macs) \
-    OPENSSH_CMD_START "-o MACs=" macs " " OPENSSH_CMD_END
+    OPENSSH_CMD_START(OPENSSH_HOSTKEY_ALGOS) "-o MACs=" macs " " OPENSSH_CMD_END
+
+#define OPENSSH_HOSTKEY_CMD(hostkeyalgo) \
+    OPENSSH_CMD_START("-o HostKeyAlgorithms=" hostkeyalgo " ") OPENSSH_CMD_END


 /* Dropbear */