This also replaces some occurrences of assert_true with assert_null.
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The ssh_options_copy() function was missing several options that were added
in recent years.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* This makes the array constant in the session structure, avoiding
allocations and frees while parsing the file
* It also drops passing the seen array to all the functions,
because it is already part of the passed session
* The test cases are adjusted to match these changes
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This allows adjusting the log level of config and options tests using
environment variable LIBSSH_VERBOSITY as it works in most of the other
tests.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The match_hostname() expects comma separated list, while the Host
config keyword in openssh uses spaces separated list by default.
Therefore any subseqent match or negated match in space separated
list will overwrite the previous matches.
This also adjusts the tests to make sure both of the versions work.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Verify the PUBLICKEY_ACCEPTED_TYPES option is handled correctly
and affects the signature algorithm selection based on the
extensions and can be used to limit list of offered mechanisms
to the server.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Summary:
This patch adds support for mbedTLS as a crypto backend for libssh.
mbedTLS is an SSL/TLS library that has been designed to mainly be used
in embedded systems. It is loosely coupled and has a low memory
footprint. mbedTLS also provides a cryptography library (libmbedcrypto)
that can be used without the TLS modules.
The patch is unfortunately quite big, since several new files had to
be added.
DSA is disabled at compile time, since mbedTLS doesn't support DSA
Patch review and feedback would be appreciated, and if any issues or
suggestions appear, I'm willing to work on them.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Test Plan:
* The patch has been tested with a Debug and MinSizeRel build, with
libssh unit tests, client tests and the pkd tests.
* All the tests have been run with valgrind's memcheck, drd and helgrind
tools.
* The examples/samplessh client works when built with the patch.
Reviewers: asn, aris
Subscribers: simonsj
Differential Revision: https://bugs.libssh.org/D1
Summary:
Hello, this is a resend for a quick memory leak fix for one of the unit
tests, originally sent to the mailing list here:
* https://www.libssh.org/archive/libssh/2017-07/0000017.html
Test Plan:
* Before the fix and running the test with valgrind:
```
[simonsj@simonsj-lx5 : unittests] valgrind --leak-check=full ./torture_options >/dev/null
==93134== Memcheck, a memory error detector
==93134== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==93134== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==93134== Command: ./torture_options
==93134==
[ PASSED ] 10 test(s).
[ PASSED ] 1 test(s).
==93134==
==93134== HEAP SUMMARY:
==93134== in use at exit: 80 bytes in 1 blocks
==93134== total heap usage: 977 allocs, 976 frees, 75,029 bytes allocated
==93134==
==93134== 80 bytes in 1 blocks are definitely lost in loss record 1 of 1
==93134== at 0x4C28C20: malloc (vg_replace_malloc.c:296)
==93134== by 0x41BAB0: ssh_key_new (pki.c:107)
==93134== by 0x40DF90: torture_bind_options_import_key (torture_options.c:222)
==93134== by 0x4E3AA3A: cmocka_run_one_test_or_fixture (cmocka.c:2304)
==93134== by 0x4E3ACEA: cmocka_run_one_tests (cmocka.c:2412)
==93134== by 0x4E3B036: _cmocka_run_group_tests (cmocka.c:2517)
==93134== by 0x40E9E3: torture_run_tests (torture_options.c:276)
==93134== by 0x40DE68: main (torture.c:1100)
==93134==
==93134== LEAK SUMMARY:
==93134== definitely lost: 80 bytes in 1 blocks
==93134== indirectly lost: 0 bytes in 0 blocks
==93134== possibly lost: 0 bytes in 0 blocks
==93134== still reachable: 0 bytes in 0 blocks
==93134== suppressed: 0 bytes in 0 blocks
==93134==
==93134== For counts of detected and suppressed errors, rerun with: -v
==93134== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
```
* And after:
```
[simonsj@simonsj-lx5 : unittests] valgrind --leak-check=full ./torture_options >/dev/null
==93294== Memcheck, a memory error detector
==93294== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==93294== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==93294== Command: ./torture_options
==93294==
[ PASSED ] 10 test(s).
[ PASSED ] 1 test(s).
==93294==
==93294== HEAP SUMMARY:
==93294== in use at exit: 0 bytes in 0 blocks
==93294== total heap usage: 977 allocs, 977 frees, 75,029 bytes allocated
==93294==
==93294== All heap blocks were freed -- no leaks are possible
==93294==
==93294== For counts of detected and suppressed errors, rerun with: -v
==93294== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
```
Reviewers: asn
Reviewed By: asn
Differential Revision: https://bugs.libssh.org/D3
This sets the bind private key directly from an ssh_key struct instead
of reading a file.
Signed-off-by: Alfredo Mazzinghi <am2419@cl.cam.ac.uk>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Option can be used to filter out irrelevant tests
usage: ./torture_pki '*ed25519'
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
* Use SSH_ERROR and SSH_OK instead of `-1` and `0`.
* Re-factor for code duplication
* No longer call `ssh_set_error_invalid(ssh_session)` when the
ssh_session is NULL.
