build: fix make distcheck regressions

- add #included C files to `EXTRA_DIST`.

  Regression from 4f0f4bff5a

- fix `tests/sshd_fixture.sh` to not write into the test dir, by using
  a pre-assembled `TrustedUserCAKeys` file. Update `Dockerfile` too to
  use this.

  Regression from a459a25302

Also update `tests/sshd_fixture.sh` to use
`openssh_server/authorized_keys` like `Dockerfile` does. And a few more
cosmetic updates.

Closes #1006

src/Makefile.am

@@ -1,6 +1,6 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-# Get the CSOURCES and HHEADERS defines
+# Get the CSOURCES, HHEADERS and EXTRA_DIST_SOURCES defines
 include Makefile.inc
 
 libssh2_la_SOURCES = $(CSOURCES) $(HHEADERS)
@@ -8,7 +8,8 @@ if HAVE_WINDRES
 libssh2_la_SOURCES += libssh2.rc
 endif
 
-EXTRA_DIST = libssh2_config.h.in libssh2_config_cmake.h.in CMakeLists.txt
+EXTRA_DIST = $(EXTRA_DIST_SOURCES) \
+  libssh2_config.h.in libssh2_config_cmake.h.in CMakeLists.txt
 
 lib_LTLIBRARIES = libssh2.la
 

src/Makefile.inc

@@ -44,3 +44,11 @@ HHEADERS =              \
   userauth.h            \
   userauth_kbd_packet.h \
   wincng.h
+
+EXTRA_DIST_SOURCES =    \
+  blowfish.c            \
+  libgcrypt.c           \
+  mbedtls.c             \
+  openssl.c             \
+  os400qc3.c            \
+  wincng.c

tests/Makefile.am

@@ -113,6 +113,7 @@ EXTRA_DIST = \
   openssh_server/ca_ecdsa.pub \
   openssh_server/ca_rsa \
   openssh_server/ca_rsa.pub \
+  openssh_server/ca_user_keys.pub \
   openssh_server/ssh_host_ecdsa_key \
   openssh_server/ssh_host_ed25519_key \
   openssh_server/ssh_host_rsa_key \

tests/gen_keys.sh

@@ -1,4 +1,6 @@
-#!/bin/sh -e
+#!/bin/sh
+
+set -e
 
 # Generate test keys
 
@@ -47,7 +49,12 @@ cat \
   'key_ed25519.pub' \
   'key_ed25519_encrypted.pub' \
   'key_ecdsa.pub' \
-  > openssh_server/authorized_keys
+  > 'openssh_server/authorized_keys'
+
+cat \
+  'openssh_server/ca_ecdsa.pub' \
+  'openssh_server/ca_rsa.pub' \
+  > 'openssh_server/ca_user_keys.pub'
 
 # tests/test_*.c
 

tests/openssh_server/Dockerfile

@@ -46,6 +46,8 @@ RUN mkdir /var/run/sshd
 #
 # Copying to a temp location, then moving because chmodding the copied file has
 # no effect (Docker AUFS-related bug maybe?)
+
+# Host keys
 COPY ssh_host_rsa_key /tmp/etc/ssh/ssh_host_rsa_key
 RUN mv /tmp/etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key
 RUN chmod 600 /etc/ssh/ssh_host_rsa_key
@@ -58,30 +60,28 @@ COPY ssh_host_ed25519_key /tmp/etc/ssh/ssh_host_ed25519_key
 RUN mv /tmp/etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key
 RUN chmod 600 /etc/ssh/ssh_host_ed25519_key
 
-COPY ca_ecdsa.pub /tmp/etc/ssh/ca_ecdsa.pub
-RUN mv /tmp/etc/ssh/ca_ecdsa.pub /etc/ssh/ca_ecdsa.pub
-RUN cp /etc/ssh/ca_ecdsa.pub /etc/ssh/ca_main.pub
-RUN chmod 600 /etc/ssh/ca_main.pub
-
+# Trusted CA keys
 COPY ca_ecdsa /tmp/etc/ssh/ca_ecdsa
 RUN mv /tmp/etc/ssh/ca_ecdsa /etc/ssh/ca_ecdsa
 RUN chmod 600 /etc/ssh/ca_ecdsa
 
-COPY ca_rsa.pub /tmp/etc/ssh/ca_rsa.pub
-RUN mv /tmp/etc/ssh/ca_rsa.pub /etc/ssh/ca_rsa.pub
-RUN cat /etc/ssh/ca_rsa.pub >> /etc/ssh/ca_main.pub
-
 COPY ca_rsa /tmp/etc/ssh/ca_rsa
 RUN mv /tmp/etc/ssh/ca_rsa /etc/ssh/ca_rsa
 RUN chmod 600 /etc/ssh/ca_rsa
 
+COPY ca_user_keys.pub /tmp/etc/ssh/ca_user_keys.pub
+RUN cp /tmp/etc/ssh/ca_user_keys.pub /etc/ssh/ca_user_keys.pub
+RUN chmod 600 /etc/ssh/ca_user_keys.pub
+
+# User
 RUN adduser --disabled-password --gecos 'Test user for libssh2 integration tests' libssh2
 RUN echo 'libssh2:my test password' | chpasswd
 
+# Config
 RUN sed -i 's/KbdInteractiveAuthentication no/KbdInteractiveAuthentication yes/' /etc/ssh/sshd_config
 COPY sshd_config /tmp/etc/ssh/sshd_config
 RUN cat /tmp/etc/ssh/sshd_config >> /etc/ssh/sshd_config
-RUN echo "TrustedUserCAKeys /etc/ssh/ca_main.pub" >> /etc/ssh/sshd_config
+RUN echo "TrustedUserCAKeys /etc/ssh/ca_user_keys.pub" >> /etc/ssh/sshd_config
 
 
 # SSH login fix. Otherwise user is kicked off after login

tests/openssh_server/ca_user_keys.pub

@@ -0,0 +1,2 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAB+/Xmz4bbGDnon5q50oAzgb2o5MWttlGjQJPC+Rv+get/3/ZFJapizH/SbmZgJlWV5ydmrBEcA6iVdtz9hvhwaOwAtSPdQOKuydhHtV75LCe6eSm9b8fdr3ywDexL4cKl3lFul9YKVIE4j0kQCU+1LUKsRDsSY7uGaUU4fZwvSp8cLJg== CA
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDEiBsRlsihCg0nJGNqURhszCZw1FwZmDpkD64L6HFf2U/GFXFgDBtYJZ8zdgua+RA9F/QNhq14OUemJX39HggAox/Acwg1vKPm6WPYAb3DMyzXT4ws32SbFd5ld/sQrqJUeMxaFLu1f02eY0UttQe4+nMjoM4Me98Qho7TzgpDIgn9nls42Sjt6KM9muqTBIVv4USwi9IsFn+54e0CEjfgiFyU8/8bH6vp1rtMPA6m4vuidyt2pP7PHFnUnikQGsaG4ldO/D/G0FFtMqPXeC1wQXI5RHnRns9TiI6Ep3r3h64ZI5iBYZeG16Fk+nuGvtp+WLWE5m01vfEHc5o+p09j+Ni1mQ5pmUq3AOM/MZMh+eCkTstnCyng/bHEZTIKQi1nnu694Mcq8W1v34wgMyBN3bvE65NhjIdLubnHvDgzVn127wjPEdeVD9ShtACxNS4a6xJCWg6llHVyzezqnj68umXre02MsXLbFikV/fEvUOXUp/rDeo+LJizk2bHAlyk= ca_rsa

tests/sshd_fixture.sh

@@ -20,17 +20,12 @@ SSHD="${SSHD:-/usr/sbin/sshd}"
 # for our test clients:
 [ -z "${PRIVKEY}" ] && export PRIVKEY="${d}/key_rsa"
 [ -z "${PUBKEY}" ]  && export PUBKEY="${d}/key_rsa.pub"
-cakeys="${d}/ca_main.pub"
+cakeys="${d}/openssh_server/ca_user_keys.pub"
 
 if [ -n "${DEBUG}" ]; then
   libssh2_sshd_params="-d -d"
 fi
 
-cat \
-  "${d}/openssh_server/ca_ecdsa.pub" \
-  "${d}/openssh_server/ca_rsa.pub" \
-  > "${cakeys}"
-
 chmod go-rwx \
   "${d}"/openssh_server/ssh_host_* \
   "${cakeys}"
@@ -44,7 +39,7 @@ export OPENSSH_NO_DOCKER=1
   -h "${d}/openssh_server/ssh_host_rsa_key" \
   -h "${d}/openssh_server/ssh_host_ecdsa_key" \
   -h "${d}/openssh_server/ssh_host_ed25519_key" \
-  -o "AuthorizedKeysFile ${PUBKEY} ${d}/key_dsa.pub ${d}/key_rsa.pub ${d}/key_rsa_encrypted.pub ${d}/key_rsa_openssh.pub ${d}/key_ed25519.pub ${d}/key_ed25519_encrypted.pub ${d}/key_ecdsa.pub" \
+  -o "AuthorizedKeysFile ${PUBKEY} ${d}/openssh_server/authorized_keys" \
   -o "TrustedUserCAKeys ${cakeys}" \
   -D \
   ${libssh2_sshd_params} &
@@ -65,8 +60,6 @@ eval "${cmd}"
 ec=$?
 : "Self-test exit code ${ec}"
 
-rm -f "${cakeys}"
-
 : "killing sshd (${sshdpid})"
 kill "${sshdpid}" > /dev/null 2>&1
 trap '' EXIT