1
0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-29 13:01:13 +03:00

14 Commits

Author SHA1 Message Date
f14568262a tests: Update PKCS#11 tests to follow global verbosity
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
2025-02-27 10:52:17 +01:00
46d7417620 tests: Do not use global openssl.cnf
The global openssl configuration file automatically loads a pkcs11
provider, but it does it before we set up the token, which makes
the pkcs11 tests failing.

The workaround is to not load the global configuration, which is
delaying the loading of the pkcs11 provider to the time of first
use.

Consequently, this will require separate integration end-to-end
test that will verify the libssh works correctly with the pkcs11
provider loaded early.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
2024-10-25 13:46:22 +02:00
2c918aad67 tests: Use /tmp for tmpdirs that contain sockets
Socket paths have a length limit, and depending on the working directory of the
source code, these tests occasionally fail if the path is too long. Avoid this
by using a template string that is absolute and in /tmp, which should avoid the
socket path length issues.

This fixes building libssh with pkcs11 provider support in 'fedpkg mockbuild'.

Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2024-01-26 14:49:01 +01:00
2539d72b7c Add support for PKCS#11 provider in OpenSSL 3.0
The engine API in OpenSSL 3.0 is deprecated so we are in the progress of working
on a PKCS#11 provider for OpenSSL. This commit introduces a conditional build
with the pkcs11-provider support (instead of engines) with all the changes
required for the provider to work with existing code and tests.

The CI modification is only temporary before we will have the real package in
Fedora or somewhere to use.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
2023-03-01 11:35:28 +01:00
b231562858 tests: Use assert_return_code instead of assert_true
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
2023-01-25 16:53:19 +01:00
bb9c3245c4 tests: Avoid needless free and fix formatting
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
2023-01-25 16:53:19 +01:00
aeb60fcf28 tests: Refactor the PKCS#11 URI tests
This avoids a lot of long and hard to read constants by replacing them with
dynamic snprintf()s and a bit or reformatting

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
2023-01-25 16:53:19 +01:00
a81e78aff4 pki: Rework handling of EVP_PKEYs in OpenSSL backend
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2022-08-25 14:43:31 +02:00
bc0c027ac0 tests: Prevent memory leaks from test
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2022-08-25 14:43:31 +02:00
b6a4330fe4 Change include order in unittest files
The tests are compiled without -D_GNU_SOURCE, therefore
the XSI version of strerror_r is used. Defining
_GNU_SOURCE in torture.h then including *.c gives error
because it is assuming GNU version of strerror_r in
the source file.

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2022-07-04 11:55:40 +02:00
4e4711d2fb unittests: updates torture_pki_ecdsa_uri test by adding negative test cases to ensure there is no crash when
ssh_pki_export_pubkey_blob() is incorrectly used to export ecdsa pubkeys from privkeys
           when pubkeys are not imported into pkcs #11 tokens.

Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
7eb6c7ee6c tests/torture.c: update the definition of torture_setup_tokens() to take load_public as an option that
determines if public keys must be loaded in pkcs #11 tokens or not.
tests:           Adds the load_public parameter in all files where torture_setup_tokens() was used.

Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-05-20 12:49:29 +02:00
844f92efea unittests: Removes extra empty lines.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-01-23 09:19:07 +01:00
fa95fe3e1b unittests: Adds unitests for ecdsa and rsa with PKCS11 URIs.
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-20 16:18:31 +01:00