tests: build improvements and more

- rename tests to have more succint names and a more useful natural
  order.

- rename `simple` and `ssh2` in tests to have the `test_` prefix.

  This avoids a name collisions with `ssh2` in examples.

- cmake: drop the `example-` prefix for generated examples.

  Bringing their names in sync with other build tools, like autotools.

- move common auth test code into the fixture and simplify tests by
  using that.

- move feature guards from CMake to preprocessor for auth tests.

  Now it works with all build tools and it's easier to keep it in sync
  with the lib itself.

  For this we need to include `libssh2_priv.h` in tests, which in turn
  needs tweaking on the trick we use to suppress extra MSVS warnings
  when building tests and examples.

- move mbedTLS blocklist for crypto tests from CMake to the test
  fixture.

- add ed25519 hostkey tests to `test_hostkey` and `test_hostkey_hash`.

- add shell script to regenerate all test keys used for our tests.

- alpha-sort tests.

- rename `signed_*` keys to begin with `key` like the rest of the keys
  do.

- whitespace fixes.

Closes #969

example/CMakeLists.txt

@@ -45,11 +45,11 @@ include(${CMAKE_CURRENT_BINARY_DIR}/Makefile.am.cmake)
 set(EXAMPLES ${noinst_PROGRAMS})
 
 foreach(example ${EXAMPLES})
-  add_executable(example-${example} ${example}.c)
-  list(APPEND EXAMPLE_TARGETS example-${example})
+  add_executable(${example} ${example}.c)
+  list(APPEND EXAMPLE_TARGETS ${example})
   # to find generated header
-  target_include_directories(example-${example} PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/../src ../src)
-  target_link_libraries(example-${example} ${LIB_STATIC} ${LIBRARIES})
+  target_include_directories(${example} PRIVATE ${CMAKE_CURRENT_BINARY_DIR}/../src ../src)
+  target_link_libraries(${example} ${LIB_STATIC} ${LIBRARIES})
 endforeach()
 
 add_target_to_copy_dependencies(

src/libssh2_setup.h

@@ -73,7 +73,8 @@
 # ifndef _CRT_SECURE_NO_WARNINGS
 # define _CRT_SECURE_NO_WARNINGS  /* for fopen(), getenv() */
 # endif
-# ifndef LIBSSH2_LIBRARY  /* apply to examples and tests only */
+# if !defined(LIBSSH2_LIBRARY) || defined(LIBSSH2_TESTS)
+   /* apply to examples and tests only */
 #  ifndef _CRT_NONSTDC_NO_DEPRECATE
 #  define _CRT_NONSTDC_NO_DEPRECATE  /* for strdup(), write() */
 #  endif

tests/CMakeLists.txt

@@ -39,60 +39,6 @@ list(APPEND LIBRARIES ${SOCKET_LIBRARIES})
 
 add_definitions(-DHAVE_CONFIG_H)
 
-set(TESTS
-  simple
-  ssh2
-  test_warmup    # keep this the first test
-  test_hostkey
-  test_hostkey_hash
-  test_password_auth_succeeds_with_correct_credentials
-  test_password_auth_fails_with_wrong_password
-  test_password_auth_fails_with_wrong_username
-  test_public_key_auth_fails_with_wrong_key
-  test_public_key_auth_succeeds_with_correct_rsa_key
-  test_public_key_auth_succeeds_with_correct_encrypted_rsa_key
-  test_keyboard_interactive_auth_fails_with_wrong_response
-  test_keyboard_interactive_auth_succeeds_with_correct_response
-  test_keyboard_interactive_auth_info_request
-  test_agent_forward_succeeds
-  test_read
-)
-
-if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR CRYPTO_BACKEND STREQUAL "wolfSSL")
-  list(APPEND TESTS
-    test_public_key_auth_succeeds_with_correct_rsa_openssh_key
-  )
-  if(OPENSSL_VERSION VERSION_GREATER "1.1.0" OR CRYPTO_BACKEND STREQUAL "wolfSSL")
-    list(APPEND TESTS
-      test_public_key_auth_succeeds_with_correct_ed25519_key
-      test_public_key_auth_succeeds_with_correct_encrypted_ed25519_key
-      test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem
-      test_public_key_auth_succeeds_with_correct_ecdsa_key
-      test_public_key_auth_succeeds_with_correct_signed_ecdsa_key
-      test_public_key_auth_succeeds_with_correct_signed_rsa_key
-    )
-  endif()
-endif()
-
-if(NOT CRYPTO_BACKEND STREQUAL "mbedTLS")
-  list(APPEND TESTS
-    test_public_key_auth_succeeds_with_correct_dsa_key
-  )
-endif()
-
-add_library(runner STATIC runner.h runner.c openssh_fixture.h openssh_fixture.c session_fixture.h session_fixture.c)
-target_include_directories(runner PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src ../include)
-target_compile_definitions(runner PRIVATE FIXTURE_WORKDIR="${CMAKE_CURRENT_SOURCE_DIR}")
-
-# test building against shared libssh2 lib
-if(BUILD_SHARED_LIBS)
-  foreach(test ssh2)
-    add_executable(${test}_shared ${test}.c)
-    target_include_directories(${test}_shared PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src)
-    target_link_libraries(${test}_shared ${LIB_SHARED} ${LIBRARIES})
-  endforeach()
-endif()
-
 if(CMAKE_COMPILER_IS_GNUCC)
   find_program(GCOV_PATH gcov)
   if(GCOV_PATH)
@@ -103,20 +49,61 @@ if(CMAKE_COMPILER_IS_GNUCC)
   endif()
 endif()
 
+set(TESTS
+  test_aa_warmup  # keep this first
+  test_agent_forward_ok
+  test_auth_keyboard_fail
+  test_auth_keyboard_info_request
+  test_auth_keyboard_ok
+  test_auth_password_fail_password
+  test_auth_password_fail_username
+  test_auth_password_ok
+  test_auth_pubkey_fail
+  test_auth_pubkey_ok_dsa
+  test_auth_pubkey_ok_ecdsa
+  test_auth_pubkey_ok_ecdsa_signed
+  test_auth_pubkey_ok_ed25519
+  test_auth_pubkey_ok_ed25519_encrypted
+  test_auth_pubkey_ok_ed25519_mem
+  test_auth_pubkey_ok_rsa
+  test_auth_pubkey_ok_rsa_encrypted
+  test_auth_pubkey_ok_rsa_openssh
+  test_auth_pubkey_ok_rsa_signed
+  test_hostkey
+  test_hostkey_hash
+  test_read
+  test_simple
+  test_ssh2
+)
+
+add_library(runner STATIC runner.h runner.c openssh_fixture.h openssh_fixture.c session_fixture.h session_fixture.c)
+target_compile_definitions(runner PRIVATE "${CRYPTO_BACKEND_DEFINE}")
+target_include_directories(runner PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src ../include "${CRYPTO_BACKEND_INCLUDE_DIR}")
+target_compile_definitions(runner PRIVATE FIXTURE_WORKDIR="${CMAKE_CURRENT_SOURCE_DIR}")
+
+# test building against shared libssh2 lib
+if(BUILD_SHARED_LIBS)
+  foreach(test test_ssh2)
+    add_executable(${test}_shared ${test}.c)
+    target_include_directories(${test}_shared PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src)
+    target_link_libraries(${test}_shared ${LIB_SHARED} ${LIBRARIES})
+  endforeach()
+endif()
+
 foreach(test ${TESTS})
   add_executable(${test} ${test}.c)
   target_compile_definitions(${test} PRIVATE "${CRYPTO_BACKEND_DEFINE}")
   target_include_directories(${test} PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src "${CRYPTO_BACKEND_INCLUDE_DIR}")
 
   # build a single test with gcov
-  if(GCOV_PATH AND test STREQUAL test_keyboard_interactive_auth_info_request)
+  if(GCOV_PATH AND test STREQUAL test_auth_keyboard_info_request)
     target_compile_options(${test} BEFORE PRIVATE ${GCOV_OPTIONS})
     target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES} gcov)
   else()
     target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES})
   endif()
 
-  if(test MATCHES "^test_")
+  if(NOT test STREQUAL "test_ssh2")  # skip test that needs ssh2.sh to run
     list(APPEND TEST_TARGETS ${test})
     add_test(
       NAME ${test} COMMAND $<TARGET_FILE:${test}>
@@ -138,24 +125,16 @@ foreach(test
 endforeach()
 
 # CRYPT tests
-set(TESTS
-  aes128-ctr
-  aes192-ctr
-  aes256-ctr
-)
-# Due to a bug with mbedTLS support, these crypt methods fail. Until that bug
-# is fixed, don't run them there to avoid this known issue causing red tests.
-# See https://github.com/libssh2/libssh2/issues/793
-if(NOT CRYPTO_BACKEND STREQUAL "mbedTLS")
-  list(APPEND TESTS
+foreach(test
   3des-cbc
   aes128-cbc
+  aes128-ctr
   aes192-cbc
+  aes192-ctr
   aes256-cbc
+  aes256-ctr
   rijndael-cbc@lysator.liu.se
-  )
-endif()
-foreach(test ${TESTS})
+)
   add_test(NAME test_${test} COMMAND "$<TARGET_FILE:test_read>")
   set_tests_properties(test_${test} PROPERTIES ENVIRONMENT "FIXTURE_TEST_CRYPT=${test}")
 endforeach()

tests/Makefile.am

@@ -2,37 +2,37 @@ SUBDIRS = ossfuzz
 
 AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/src -I$(top_srcdir)/include
 
-ctests = simple$(EXEEXT)
+ctests = test_simple$(EXEEXT)
 TESTS = $(ctests) mansyntax.sh
 check_PROGRAMS = $(ctests)
 
 if SSHD
 TESTS += ssh2.sh
-check_PROGRAMS += ssh2
+check_PROGRAMS += test_ssh2
 endif
 
 INTEGRATION_TESTS = \
-  test_warmup \
-  test_agent_forward_succeeds \
+  test_aa_warmup \
+  test_agent_forward_ok \
+  test_auth_keyboard_fail \
+  test_auth_keyboard_info_request \
+  test_auth_keyboard_ok \
+  test_auth_password_fail_password \
+  test_auth_password_fail_username \
+  test_auth_password_ok \
+  test_auth_pubkey_fail \
+  test_auth_pubkey_ok_dsa \
+  test_auth_pubkey_ok_ecdsa \
+  test_auth_pubkey_ok_ecdsa_signed \
+  test_auth_pubkey_ok_ed25519 \
+  test_auth_pubkey_ok_ed25519_encrypted \
+  test_auth_pubkey_ok_ed25519_mem \
+  test_auth_pubkey_ok_rsa \
+  test_auth_pubkey_ok_rsa_encrypted \
+  test_auth_pubkey_ok_rsa_openssh \
+  test_auth_pubkey_ok_rsa_signed \
   test_hostkey \
   test_hostkey_hash \
-  test_keyboard_interactive_auth_fails_with_wrong_response \
-  test_keyboard_interactive_auth_info_request \
-  test_keyboard_interactive_auth_succeeds_with_correct_response \
-  test_password_auth_fails_with_wrong_password \
-  test_password_auth_fails_with_wrong_username \
-  test_password_auth_succeeds_with_correct_credentials \
-  test_public_key_auth_fails_with_wrong_key \
-  test_public_key_auth_succeeds_with_correct_dsa_key \
-  test_public_key_auth_succeeds_with_correct_ecdsa_key \
-  test_public_key_auth_succeeds_with_correct_ed25519_key \
-  test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem \
-  test_public_key_auth_succeeds_with_correct_encrypted_ed25519_key \
-  test_public_key_auth_succeeds_with_correct_encrypted_rsa_key \
-  test_public_key_auth_succeeds_with_correct_rsa_key \
-  test_public_key_auth_succeeds_with_correct_rsa_openssh_key \
-  test_public_key_auth_succeeds_with_correct_signed_ecdsa_key \
-  test_public_key_auth_succeeds_with_correct_signed_rsa_key \
   test_read
 
 # Integration tests using Docker
@@ -48,7 +48,7 @@ check_LTLIBRARIES = librunner.la
 
 # This program uses an internal libssh2 function so it needs to be statically
 # linked against libssh2
-test_keyboard_interactive_auth_info_request_LDFLAGS = -static
+test_auth_keyboard_info_request_LDFLAGS = -static
 
 # This must be last in the list so it resolves symbols in previous libraries
 LDADD += ../src/libssh2.la
@@ -69,12 +69,9 @@ EXTRA_DIST = \
   key_dsa_wrong.pub \
   key_ecdsa \
   key_ecdsa.pub \
-  signed_key_ecdsa \
-  signed_key_ecdsa.pub \
-  signed_key_ecdsa-cert.pub \
-  signed_key_rsa \
-  signed_key_rsa-cert.pub \
-  signed_key_rsa.pub \
+  key_ecdsa_signed \
+  key_ecdsa_signed-cert.pub \
+  key_ecdsa_signed.pub \
   key_ed25519 \
   key_ed25519.pub \
   key_ed25519_encrypted \
@@ -85,6 +82,9 @@ EXTRA_DIST = \
   key_rsa_encrypted.pub \
   key_rsa_openssh \
   key_rsa_openssh.pub \
+  key_rsa_signed \
+  key_rsa_signed-cert.pub \
+  key_rsa_signed.pub \
   mansyntax.sh \
   openssh_server/Dockerfile \
   openssh_server/authorized_keys \
@@ -95,9 +95,9 @@ EXTRA_DIST = \
   openssh_server/ssh_host_ecdsa_key \
   openssh_server/ssh_host_ed25519_key \
   openssh_server/ssh_host_rsa_key \
-  simple.c \
+  test_simple.c \
   sshdwrap \
-  ssh2.c \
+  test_ssh2.c \
   ssh2.sh \
   sshd_fixture.sh.in \
   test_read_3des-cbc \

tests/gen_keys.sh

@@ -0,0 +1,74 @@
+#!/bin/sh -e
+
+# Generate test keys
+
+# tests/openssh_server
+
+rm ./openssh_server/*_key || true
+
+ssh-keygen -t rsa     -b 2048 -N ''          -m PEM -C ''                        -f 'openssh_server/ssh_host_rsa_key'
+ssh-keygen -t ecdsa   -b  256 -N ''          -m PEM -C ''                        -f 'openssh_server/ssh_host_ecdsa_key'
+ssh-keygen -t ed25519         -N ''                 -C ''                        -f 'openssh_server/ssh_host_ed25519_key'
+
+rm ./openssh_server/ca_* || true
+
+ssh-keygen -t ecdsa   -b  521 -N ''                 -C 'ca_ecdsa'                -f 'openssh_server/ca_ecdsa'
+ssh-keygen -t rsa     -b 3072 -N ''                 -C 'ca_rsa'                  -f 'openssh_server/ca_rsa'
+
+# tests
+
+rm './key_'* || true
+
+pw='libssh2'
+id='identity'
+pr='libssh2'
+
+ssh-keygen -t dsa             -N ''          -m PEM -C 'key_dsa'                 -f 'key_dsa'
+ssh-keygen -t dsa             -N ''          -m PEM -C 'key_dsa_wrong'           -f 'key_dsa_wrong'  # FIXME?
+
+ssh-keygen -t rsa     -b 2048 -N ''          -m PEM -C 'key_rsa'                 -f 'key_rsa'
+ssh-keygen -t rsa     -b 2048 -N "${pw}"     -m PEM -C 'key_rsa_encrypted'       -f 'key_rsa_encrypted'
+ssh-keygen -t rsa     -b 2048 -N ''                 -C 'key_rsa_openssh'         -f 'key_rsa_openssh'
+ssh-keygen -t rsa     -b 4096 -N ''                 -C 'key_rsa_signed'          -f 'key_rsa_signed'
+                   ssh-keygen -I "${id}" -n "${pr}" -s 'openssh_server/ca_rsa'      'key_rsa_signed.pub'
+
+ssh-keygen -t ecdsa   -b  384 -N ''                 -C 'key_ecdsa'               -f 'key_ecdsa'
+ssh-keygen -t ecdsa   -b  384 -N ''                 -C 'key_ecdsa_signed'        -f 'key_ecdsa_signed'
+                   ssh-keygen -I "${id}" -n "${pr}" -s 'openssh_server/ca_ecdsa'    'key_ecdsa_signed.pub'
+
+ssh-keygen -t ed25519         -N ''                 -C 'key_ed25519'             -f 'key_ed25519'
+ssh-keygen -t ed25519         -N "${pw}"            -C 'key_ed25519_encrypted'   -f 'key_ed25519_encrypted'
+
+cat \
+  'key_dsa.pub' \
+  'key_rsa.pub' \
+  'key_rsa_encrypted.pub' \
+  'key_rsa_openssh.pub' \
+  'key_ecdsa.pub' \
+  'key_ed25519.pub' \
+  'key_ed25519_encrypted.pub' \
+  > openssh_server/authorized_keys
+
+# tests/etc
+
+rm etc/host* etc/user* || true
+
+ssh-keygen -t rsa     -b 2048 -N ''           -m PEM -C 'etc_host_rsa'           -f 'etc/host'
+ssh-keygen -t rsa     -b 2048 -N ''           -m PEM -C 'etc_user_rsa'           -f 'etc/user'
+
+# tests/test_*.c
+
+echo 'Add these public keys and hashes to:'
+echo ' - test_hostkey.c'
+echo ' - test_hostkey_hash.c'
+
+for fn in ./openssh_server/*_key.pub; do
+  pub="$(grep -a -o -E ' [A-Za-z0-9+/=]+' < "${fn}" | head -1 | cut -c 2-)"
+  printf '====== %s\n' "${fn}"
+  printf 'BASE64 %s\n' "${pub}"
+  {
+    printf 'MD5    %s\n' "$(printf '%s' "${pub}" | openssl base64 -d -A | openssl dgst -hex -md5)"
+    printf 'SHA1   %s\n' "$(printf '%s' "${pub}" | openssl base64 -d -A | openssl dgst -hex -sha1)"
+    printf 'SHA256 %s\n' "$(printf '%s' "${pub}" | openssl base64 -d -A | openssl dgst -hex -sha256)"
+  } | tr '[:lower:]' '[:upper:]'
+done

tests/key_ecdsa_signed-cert.pub

@@ -1 +1 @@
-ecdsa-sha2-nistp384-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAzODQtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgQCXc1JaqZ4XzkudbzP/pgEUbkioo7pl9aB09h6sg7KYAAAAIbmlzdHAzODQAAABhBG/X9+c3VK4iSDbbaNifJKognzwnkzdsHokZ6WgqEi+dl085JUW4UGO4Xs0+sauybztCy1AVsOIuEiVwM0cirRWFLmK0c0yO0LpiZFHHuaVBJc9tFEXkxyXG8MkIzIAhqAAAAAAAAAABAAAAAQAAAAhpZGVudGl0eQAAAAsAAAAHbGlic3NoMgAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAArAAAABNlY2RzYS1zaGEyLW5pc3RwNTIxAAAACG5pc3RwNTIxAAAAhQQAfv15s+G2xg56J+audKAM4G9qOTFrbZRo0CTwvkb/oHrf9/2RSWqYsx/0m5mYCZVlecnZqwRHAOolXbc/Yb4cGjsALUj3UDirsnYR7Ve+SwnunkpvW/H3a98sA3sS+HCpd5RbpfWClSBOI9JEAlPtS1CrEQ7EmO7hmlFOH2cL0qfHCyYAAACnAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAACMAAAAQgGxnhh8z8LNk5pMw0D9InyEtVRm8OJi23XEhqj/ieT/BsLZXbu65UAcMjrUn6DPdERxF9Dwe9pdIAWOLLjLHYEFBQAAAEIAlxz+XjUKa9Q2vpH0y8IgJMm0H1hTBUM1DQEoL8No1BVtgtIO20mac2fE3I35JxNDmmXoW+FuzmJnyrY9rxY+YXM= ./signed_key_ecdsa.pub
+ecdsa-sha2-nistp384-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAzODQtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgQCXc1JaqZ4XzkudbzP/pgEUbkioo7pl9aB09h6sg7KYAAAAIbmlzdHAzODQAAABhBG/X9+c3VK4iSDbbaNifJKognzwnkzdsHokZ6WgqEi+dl085JUW4UGO4Xs0+sauybztCy1AVsOIuEiVwM0cirRWFLmK0c0yO0LpiZFHHuaVBJc9tFEXkxyXG8MkIzIAhqAAAAAAAAAABAAAAAQAAAAhpZGVudGl0eQAAAAsAAAAHbGlic3NoMgAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAArAAAABNlY2RzYS1zaGEyLW5pc3RwNTIxAAAACG5pc3RwNTIxAAAAhQQAfv15s+G2xg56J+audKAM4G9qOTFrbZRo0CTwvkb/oHrf9/2RSWqYsx/0m5mYCZVlecnZqwRHAOolXbc/Yb4cGjsALUj3UDirsnYR7Ve+SwnunkpvW/H3a98sA3sS+HCpd5RbpfWClSBOI9JEAlPtS1CrEQ7EmO7hmlFOH2cL0qfHCyYAAACnAAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAACMAAAAQgGxnhh8z8LNk5pMw0D9InyEtVRm8OJi23XEhqj/ieT/BsLZXbu65UAcMjrUn6DPdERxF9Dwe9pdIAWOLLjLHYEFBQAAAEIAlxz+XjUKa9Q2vpH0y8IgJMm0H1hTBUM1DQEoL8No1BVtgtIO20mac2fE3I35JxNDmmXoW+FuzmJnyrY9rxY+YXM= key_ecdsa_signed.pub

tests/key_ecdsa_signed.pub

@@ -1 +1 @@
-ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBG/X9+c3VK4iSDbbaNifJKognzwnkzdsHokZ6WgqEi+dl085JUW4UGO4Xs0+sauybztCy1AVsOIuEiVwM0cirRWFLmK0c0yO0LpiZFHHuaVBJc9tFEXkxyXG8MkIzIAhqA== 
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBG/X9+c3VK4iSDbbaNifJKognzwnkzdsHokZ6WgqEi+dl085JUW4UGO4Xs0+sauybztCy1AVsOIuEiVwM0cirRWFLmK0c0yO0LpiZFHHuaVBJc9tFEXkxyXG8MkIzIAhqA== key_ecdsa_signed

tests/key_rsa_openssh.pub

@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTe1lN2L/yet0Ma1JzXkQf3t1f+pauALec2FsGZy87KRJW1AOxcTTiePjlFwP1yfSK1lWXQ+uf0b61gkKqqR52FDky24HJWuYlfXlEQMn2d/PNDNVDDbO4TXKyNxxUHFJ6qYMNd4kWjOH+6rmYoWKsWV+3mDRbHagbVPEYL8wep8OTqKOqruVLVPzZyYZkBtn4XOFi6UE8WKiSVdK1Am1O5UxvlD95t32eYch6wQ9azgMqja6spe/L5UJgP83QZFknVC3wPZWkjqomVFql0FpaQclENwyY/OZMxr0cT/f7bCL6s4A/1XpbsGmC0xak4/THHbOn+0LdIej2nGV8JFoR will@iCube.local
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTe1lN2L/yet0Ma1JzXkQf3t1f+pauALec2FsGZy87KRJW1AOxcTTiePjlFwP1yfSK1lWXQ+uf0b61gkKqqR52FDky24HJWuYlfXlEQMn2d/PNDNVDDbO4TXKyNxxUHFJ6qYMNd4kWjOH+6rmYoWKsWV+3mDRbHagbVPEYL8wep8OTqKOqruVLVPzZyYZkBtn4XOFi6UE8WKiSVdK1Am1O5UxvlD95t32eYch6wQ9azgMqja6spe/L5UJgP83QZFknVC3wPZWkjqomVFql0FpaQclENwyY/OZMxr0cT/f7bCL6s4A/1XpbsGmC0xak4/THHbOn+0LdIej2nGV8JFoR

tests/key_rsa_signed-cert.pub

@@ -1 +1 @@
-ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgqdnJWdHT2qMpEe6kVJ81q9c0U3ODMvcuWfJJkV8UVBoAAAADAQABAAACAQCwMtW6rz83hgCKqV1Xf2KPgtWA5pkVA3jY4CosgWsV8rjwSpq+AMmB1wzVdTT/zrEEyy2iLoIwiAXQ7wlpo1QQWklnChIdlbaxg+F0UullsYIYoExrL+9YMwRGwmd00yIe/POHlBCa10qeBWfdMmjt5ZDlakPVYwFjvK5lZ0UW1FM1ucqX5HoIPhVONfReZonCP+jwvin44IMaqtdaSy4k71Qq7RuRbMYeTzpNaxv2CbxubvY5E7wlDrT47e25Dn/XeoV2VEX9T87ZAMnwmeyDbKW2Dv48l4Zze3Y8veUojfH3NlA/F9+1PwdTlqKsf45E/VVLyTTtn1KJy2hLyuav8Qt6Wgew41G2F9alDJab11urcogRiHyI/oPo0c6Km1vieF7IfW72yE5TFTZtbzSNS+W0GCo1xh4TUx8bBNXHO4+mDFt2gNCgX+Hf64FlPqM0kaZSUtBVKrWSupgTbMSXfHbRV5NJvSdGpPUWeFD1ifxYcPhxwJlznTXVQumEglDueIMsnE8yKEYjREtuao8/r9+ORtqf9OPZsT9j+bwROevLFnKZkzfD9xYQyU2aMrRDuo8R6SD7SiI6tXRwlohdflXA6ng9RTNyqVROQDOJ94bGPD5b4Bbnm31s2GhhWjoByQGlkNW4BRDEJmgG9sE8ztAxl7d8CV2V93BOisaPkwAAAAAAAAABAAAAAQAAAAhpZGVudGl0eQAAAAsAAAAHbGlic3NoMgAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAABlwAAAAdzc2gtcnNhAAAAAwEAAQAAAYEAxIgbEZbIoQoNJyRjalEYbMwmcNRcGZg6ZA+uC+hxX9lPxhVxYAwbWCWfM3YLmvkQPRf0DYateDlHpiV9/R4IAKMfwHMINbyj5ulj2AG9wzMs10+MLN9kmxXeZXf7EK6iVHjMWhS7tX9NnmNFLbUHuPpzI6DODHvfEIaO084KQyIJ/Z5bONko7eijPZrqkwSFb+FEsIvSLBZ/ueHtAhI34IhclPP/Gx+r6da7TDwOpuL7oncrdqT+zxxZ1J4pEBrGhuJXTvw/xtBRbTKj13gtcEFyOUR50Z7PU4iOhKd694euGSOYgWGXhtehZPp7hr7afli1hOZtNb3xB3OaPqdPY/jYtZkOaZlKtwDjPzGTIfngpE7LZwsp4P2xxGUyCkItZ57uveDHKvFtb9+MIDMgTd27xOuTYYyHS7m5x7w4M1Z9du8IzxHXlQ/UobQAsTUuGusSQloOpZR1cs3s6p4+vLpl63tNjLFy2xYpFf3xL1Dl1Kf6w3qPiyYs5NmxwJcpAAABlAAAAAxyc2Etc2hhMi01MTIAAAGAK6d2jj8qv89wqRuE2bUFKKJDH4aIs7PGzKclTjZFomlkGvjRF/bsdDeUgwWdJ98j2TPdUvsAMlQrDS1e0OrDicen6eHrFhirpQxVLsAxj/c56nLedvzpbA/BLh8cFcq1vUZ1QHb2WOgOqWRcRbH/3TZhlA+gJ46kKs3QEw9uYy6m906xGwCWRiBUetfll5hS1sWCbAP2LLnA/OJUbIK9vKynombePRApY3LuZ8Hr0JCGgeBnfsesFbWLN6Gb+jT0KR4ah7O39lqecmvdUOR5XcMaSp+sgPpdBr7CzA5lkZnoI/M2J7AV1P5SX/q7/khJMKHuKwAsYf5kNAQdnEnwrqNTp//+qIWe5KjAtc0N5UOF5aK0e1iNaBxSHZA08psRLCCUf3PW3zMIlphUF7qIrRfV+s5fUMW0iIS2iUqI8dTrD0OH0wU10ERKQPixNCqtxBSbJzOyhDWPkTNfBshS8zA2/OVfug0zuxaINpAnZaiCcMnyCjATuWtvWpad6yF9 signed_key_rsa
+ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgqdnJWdHT2qMpEe6kVJ81q9c0U3ODMvcuWfJJkV8UVBoAAAADAQABAAACAQCwMtW6rz83hgCKqV1Xf2KPgtWA5pkVA3jY4CosgWsV8rjwSpq+AMmB1wzVdTT/zrEEyy2iLoIwiAXQ7wlpo1QQWklnChIdlbaxg+F0UullsYIYoExrL+9YMwRGwmd00yIe/POHlBCa10qeBWfdMmjt5ZDlakPVYwFjvK5lZ0UW1FM1ucqX5HoIPhVONfReZonCP+jwvin44IMaqtdaSy4k71Qq7RuRbMYeTzpNaxv2CbxubvY5E7wlDrT47e25Dn/XeoV2VEX9T87ZAMnwmeyDbKW2Dv48l4Zze3Y8veUojfH3NlA/F9+1PwdTlqKsf45E/VVLyTTtn1KJy2hLyuav8Qt6Wgew41G2F9alDJab11urcogRiHyI/oPo0c6Km1vieF7IfW72yE5TFTZtbzSNS+W0GCo1xh4TUx8bBNXHO4+mDFt2gNCgX+Hf64FlPqM0kaZSUtBVKrWSupgTbMSXfHbRV5NJvSdGpPUWeFD1ifxYcPhxwJlznTXVQumEglDueIMsnE8yKEYjREtuao8/r9+ORtqf9OPZsT9j+bwROevLFnKZkzfD9xYQyU2aMrRDuo8R6SD7SiI6tXRwlohdflXA6ng9RTNyqVROQDOJ94bGPD5b4Bbnm31s2GhhWjoByQGlkNW4BRDEJmgG9sE8ztAxl7d8CV2V93BOisaPkwAAAAAAAAABAAAAAQAAAAhpZGVudGl0eQAAAAsAAAAHbGlic3NoMgAAAAAAAAAA//////////8AAAAAAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAABlwAAAAdzc2gtcnNhAAAAAwEAAQAAAYEAxIgbEZbIoQoNJyRjalEYbMwmcNRcGZg6ZA+uC+hxX9lPxhVxYAwbWCWfM3YLmvkQPRf0DYateDlHpiV9/R4IAKMfwHMINbyj5ulj2AG9wzMs10+MLN9kmxXeZXf7EK6iVHjMWhS7tX9NnmNFLbUHuPpzI6DODHvfEIaO084KQyIJ/Z5bONko7eijPZrqkwSFb+FEsIvSLBZ/ueHtAhI34IhclPP/Gx+r6da7TDwOpuL7oncrdqT+zxxZ1J4pEBrGhuJXTvw/xtBRbTKj13gtcEFyOUR50Z7PU4iOhKd694euGSOYgWGXhtehZPp7hr7afli1hOZtNb3xB3OaPqdPY/jYtZkOaZlKtwDjPzGTIfngpE7LZwsp4P2xxGUyCkItZ57uveDHKvFtb9+MIDMgTd27xOuTYYyHS7m5x7w4M1Z9du8IzxHXlQ/UobQAsTUuGusSQloOpZR1cs3s6p4+vLpl63tNjLFy2xYpFf3xL1Dl1Kf6w3qPiyYs5NmxwJcpAAABlAAAAAxyc2Etc2hhMi01MTIAAAGAK6d2jj8qv89wqRuE2bUFKKJDH4aIs7PGzKclTjZFomlkGvjRF/bsdDeUgwWdJ98j2TPdUvsAMlQrDS1e0OrDicen6eHrFhirpQxVLsAxj/c56nLedvzpbA/BLh8cFcq1vUZ1QHb2WOgOqWRcRbH/3TZhlA+gJ46kKs3QEw9uYy6m906xGwCWRiBUetfll5hS1sWCbAP2LLnA/OJUbIK9vKynombePRApY3LuZ8Hr0JCGgeBnfsesFbWLN6Gb+jT0KR4ah7O39lqecmvdUOR5XcMaSp+sgPpdBr7CzA5lkZnoI/M2J7AV1P5SX/q7/khJMKHuKwAsYf5kNAQdnEnwrqNTp//+qIWe5KjAtc0N5UOF5aK0e1iNaBxSHZA08psRLCCUf3PW3zMIlphUF7qIrRfV+s5fUMW0iIS2iUqI8dTrD0OH0wU10ERKQPixNCqtxBSbJzOyhDWPkTNfBshS8zA2/OVfug0zuxaINpAnZaiCcMnyCjATuWtvWpad6yF9 key_rsa_signed

tests/key_rsa_signed.pub

@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwMtW6rz83hgCKqV1Xf2KPgtWA5pkVA3jY4CosgWsV8rjwSpq+AMmB1wzVdTT/zrEEyy2iLoIwiAXQ7wlpo1QQWklnChIdlbaxg+F0UullsYIYoExrL+9YMwRGwmd00yIe/POHlBCa10qeBWfdMmjt5ZDlakPVYwFjvK5lZ0UW1FM1ucqX5HoIPhVONfReZonCP+jwvin44IMaqtdaSy4k71Qq7RuRbMYeTzpNaxv2CbxubvY5E7wlDrT47e25Dn/XeoV2VEX9T87ZAMnwmeyDbKW2Dv48l4Zze3Y8veUojfH3NlA/F9+1PwdTlqKsf45E/VVLyTTtn1KJy2hLyuav8Qt6Wgew41G2F9alDJab11urcogRiHyI/oPo0c6Km1vieF7IfW72yE5TFTZtbzSNS+W0GCo1xh4TUx8bBNXHO4+mDFt2gNCgX+Hf64FlPqM0kaZSUtBVKrWSupgTbMSXfHbRV5NJvSdGpPUWeFD1ifxYcPhxwJlznTXVQumEglDueIMsnE8yKEYjREtuao8/r9+ORtqf9OPZsT9j+bwROevLFnKZkzfD9xYQyU2aMrRDuo8R6SD7SiI6tXRwlohdflXA6ng9RTNyqVROQDOJ94bGPD5b4Bbnm31s2GhhWjoByQGlkNW4BRDEJmgG9sE8ztAxl7d8CV2V93BOisaPkw== signed_key_rsa
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwMtW6rz83hgCKqV1Xf2KPgtWA5pkVA3jY4CosgWsV8rjwSpq+AMmB1wzVdTT/zrEEyy2iLoIwiAXQ7wlpo1QQWklnChIdlbaxg+F0UullsYIYoExrL+9YMwRGwmd00yIe/POHlBCa10qeBWfdMmjt5ZDlakPVYwFjvK5lZ0UW1FM1ucqX5HoIPhVONfReZonCP+jwvin44IMaqtdaSy4k71Qq7RuRbMYeTzpNaxv2CbxubvY5E7wlDrT47e25Dn/XeoV2VEX9T87ZAMnwmeyDbKW2Dv48l4Zze3Y8veUojfH3NlA/F9+1PwdTlqKsf45E/VVLyTTtn1KJy2hLyuav8Qt6Wgew41G2F9alDJab11urcogRiHyI/oPo0c6Km1vieF7IfW72yE5TFTZtbzSNS+W0GCo1xh4TUx8bBNXHO4+mDFt2gNCgX+Hf64FlPqM0kaZSUtBVKrWSupgTbMSXfHbRV5NJvSdGpPUWeFD1ifxYcPhxwJlznTXVQumEglDueIMsnE8yKEYjREtuao8/r9+ORtqf9OPZsT9j+bwROevLFnKZkzfD9xYQyU2aMrRDuo8R6SD7SiI6tXRwlohdflXA6ng9RTNyqVROQDOJ94bGPD5b4Bbnm31s2GhhWjoByQGlkNW4BRDEJmgG9sE8ztAxl7d8CV2V93BOisaPkw== key_rsa_signed

tests/runner.c

@@ -40,10 +40,15 @@
 int main(void)
 {
     int exit_code = 1;
-    LIBSSH2_SESSION *session = start_session_fixture();
+    int skipped;
+    LIBSSH2_SESSION *session = start_session_fixture(&skipped);
     if(session) {
         exit_code = (test(session) == 0) ? 0 : 1;
     }
+    else if(skipped) {
+        fprintf(stderr, "Test skipped.\n");
+        exit_code = 0;
+    }
     stop_session_fixture();
     return exit_code;
 }

tests/session_fixture.c

@@ -99,10 +99,34 @@ static void setup_fixture_workdir(void)
     chdir(wd);
 }
 
-LIBSSH2_SESSION *start_session_fixture(void)
+LIBSSH2_SESSION *start_session_fixture(int *skipped)
 {
     int rc;
-    const char *env;
+
+    const char *crypt = getenv("FIXTURE_TEST_CRYPT");
+    const char *mac = getenv("FIXTURE_TEST_MAC");
+
+    *skipped = 0;
+
+    if(crypt) {
+#ifdef LIBSSH2_MBEDTLS
+        /* Due to a bug with mbedTLS support, these crypt methods fail.
+           Until that bug is fixed, don't run them there to avoid this
+           known issue causing red tests.
+           See: https://github.com/libssh2/libssh2/issues/793
+         */
+        if(strcmp(crypt, "3des-cbc") == 0 ||
+           strcmp(crypt, "aes128-cbc") == 0 ||
+           strcmp(crypt, "aes192-cbc") == 0 ||
+           strcmp(crypt, "aes256-cbc") == 0 ||
+           strcmp(crypt, "rijndael-cbc@lysator.liu.se") == 0) {
+            fprintf(stderr, "crypt algorithm (%s) skipped "
+                            "for this crypto backend.\n", crypt);
+            *skipped = 1;
+            return NULL;
+        }
+#endif
+    }
 
     setup_fixture_workdir();
 
@@ -126,26 +150,25 @@ LIBSSH2_SESSION *start_session_fixture(void)
     }
 
     /* Override crypt algorithm for the test */
-    env = getenv("FIXTURE_TEST_CRYPT");
-    if(env) {
+    if(crypt) {
         if(libssh2_session_method_pref(connected_session,
-                                       LIBSSH2_METHOD_CRYPT_CS, env) ||
+                                       LIBSSH2_METHOD_CRYPT_CS, crypt) ||
            libssh2_session_method_pref(connected_session,
-                                       LIBSSH2_METHOD_CRYPT_SC, env)) {
+                                       LIBSSH2_METHOD_CRYPT_SC, crypt)) {
             fprintf(stderr, "libssh2_session_method_pref CRYPT failed "
-                    "(probably disabled in the build): '%s'\n", env);
+                            "(probably disabled in the build): '%s'\n", crypt);
             return NULL;
         }
     }
+
     /* Override mac algorithm for the test */
-    env = getenv("FIXTURE_TEST_MAC");
-    if(env) {
+    if(mac) {
         if(libssh2_session_method_pref(connected_session,
-                                       LIBSSH2_METHOD_MAC_CS, env) ||
+                                       LIBSSH2_METHOD_MAC_CS, mac) ||
            libssh2_session_method_pref(connected_session,
-                                       LIBSSH2_METHOD_MAC_SC, env)) {
+                                       LIBSSH2_METHOD_MAC_SC, mac)) {
             fprintf(stderr, "libssh2_session_method_pref MAC failed "
-                    "(probably disabled in the build): '%s'\n", env);
+                            "(probably disabled in the build): '%s'\n", mac);
             return NULL;
         }
     }
@@ -169,7 +192,7 @@ void print_last_session_error(const char *function)
         fprintf(stderr, "%s failed (%d): %s\n", function, rc, message);
     }
     else {
-        fprintf(stderr, "No session");
+        fprintf(stderr, "No session\n");
     }
 }
 
@@ -182,7 +205,7 @@ void stop_session_fixture(void)
         connected_session = NULL;
     }
     else {
-        fprintf(stderr, "Cannot stop session - none started");
+        fprintf(stderr, "Cannot stop session - none started\n");
     }
 
     stop_openssh_fixture();
@@ -206,16 +229,244 @@ const char *srcdir_path(const char *file)
     assert(curpath < NUMPATHS);
     if(p) {
         /* Ensure the final string is nul-terminated on Windows */
-        filepath[curpath][sizeof(filepath[0])-1] = 0;
-        snprintf(filepath[curpath], sizeof(filepath[0])-1, "%s/%s",
+        filepath[curpath][sizeof(filepath[0]) - 1] = 0;
+        snprintf(filepath[curpath], sizeof(filepath[0]) - 1, "%s/%s",
                  p, file);
     }
     else {
         /* Ensure the final string is nul-terminated on Windows */
-        filepath[curpath][sizeof(filepath[0])-1] = 0;
-        snprintf(filepath[curpath], sizeof(filepath[0])-1, "%s",
+        filepath[curpath][sizeof(filepath[0]) - 1] = 0;
+        snprintf(filepath[curpath], sizeof(filepath[0]) - 1, "%s",
                  file);
     }
 
     return filepath[curpath++];
 }
+
+static const char *kbd_password;
+
+static void kbd_callback(const char *name, int name_len,
+                         const char *instruct, int instruct_len,
+                         int num_prompts,
+                         const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
+                         LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
+                         void **abstract)
+{
+    int i;
+    (void)abstract;
+
+    fprintf(stdout, "Kb-int name: %.*s\n", name_len, name);
+    fprintf(stdout, "Kb-int instruction: %.*s\n", instruct_len, instruct);
+    for(i = 0; i < num_prompts; ++i) {
+        fprintf(stdout, "Kb-int prompt %d: %.*s\n", i,
+                (int)prompts[i].length, prompts[i].text);
+    }
+
+    if(num_prompts == 1) {
+        responses[0].text = strdup(kbd_password);
+        responses[0].length = (unsigned int)strlen(kbd_password);
+    }
+}
+
+int test_auth_keyboard(LIBSSH2_SESSION *session, int flags,
+                       const char *username,
+                       const char *password)
+{
+    int rc;
+
+    const char *userauth_list =
+        libssh2_userauth_list(session, username,
+                              (unsigned int)strlen(username));
+    if(!userauth_list) {
+        print_last_session_error("libssh2_userauth_list");
+        return 1;
+    }
+
+    if(!strstr(userauth_list, "keyboard-interactive")) {
+        fprintf(stderr,
+                "'keyboard-interactive' was expected in userauth list: %s\n",
+                userauth_list);
+        return 1;
+    }
+
+    kbd_password = password;
+
+    rc = libssh2_userauth_keyboard_interactive_ex(session, username,
+                                                (unsigned int)strlen(username),
+                                                  kbd_callback);
+
+    if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
+        if(rc == 0) {
+            fprintf(stderr, "Keyboard-interactive auth succeeded "
+                            "with wrong response\n");
+            return 1;
+        }
+    }
+    else {
+        if(rc) {
+            print_last_session_error(
+                "libssh2_userauth_keyboard_interactive_ex");
+            return 1;
+        }
+    }
+
+    return 0;
+}
+
+int test_auth_password(LIBSSH2_SESSION *session, int flags,
+                       const char *username,
+                       const char *password)
+{
+    int rc;
+
+    const char *userauth_list =
+        libssh2_userauth_list(session, username,
+                              (unsigned int)strlen(username));
+    if(!userauth_list) {
+        print_last_session_error("libssh2_userauth_list");
+        return 1;
+    }
+
+    if(!strstr(userauth_list, "password")) {
+        fprintf(stderr, "'password' was expected in userauth list: %s\n",
+                userauth_list);
+        return 1;
+    }
+
+    rc = libssh2_userauth_password_ex(session, username,
+                                      (unsigned int)strlen(username),
+                                      password,
+                                      (unsigned int)strlen(password),
+                                      NULL);
+
+    if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
+        if(rc == 0) {
+            fprintf(stderr, "Password auth succeeded with wrong password\n");
+            return 1;
+        }
+    }
+    else {
+        if(rc) {
+            print_last_session_error("libssh2_userauth_password_ex");
+            return 1;
+        }
+
+        if(libssh2_userauth_authenticated(session) == 0) {
+            fprintf(stderr, "Password auth appeared to succeed but "
+                            "libssh2_userauth_authenticated returned 0\n");
+            return 1;
+        }
+    }
+
+    return 0;
+}
+
+static int read_file(const char *path, char **out_buffer, size_t *out_len)
+{
+    FILE *fp = NULL;
+    char *buffer = NULL;
+    size_t len = 0;
+
+    if(!out_buffer || !out_len || !path) {
+        fprintf(stderr, "invalid params.\n");
+        return 1;
+    }
+
+    *out_buffer = NULL;
+    *out_len = 0;
+
+    fp = fopen(path, "r");
+
+    if(!fp) {
+        fprintf(stderr, "File could not be read: %s\n", path);
+        return 1;
+    }
+
+    fseek(fp, 0L, SEEK_END);
+    len = ftell(fp);
+    rewind(fp);
+
+    buffer = calloc(1, len + 1);
+    if(!buffer) {
+        fclose(fp);
+        fprintf(stderr, "Could not alloc memory.\n");
+        return 1;
+    }
+
+    if(1 != fread(buffer, len, 1, fp)) {
+        fclose(fp);
+        free(buffer);
+        fprintf(stderr, "Could not read file into memory.\n");
+        return 1;
+    }
+
+    fclose(fp);
+
+    *out_buffer = buffer;
+    *out_len = len;
+
+    return 0;
+}
+
+int test_auth_pubkey(LIBSSH2_SESSION *session, int flags,
+                     const char *username,
+                     const char *password,
+                     const char *fn_pub,
+                     const char *fn_priv)
+{
+    int rc;
+
+    const char *userauth_list =
+        libssh2_userauth_list(session, username,
+                              (unsigned int)strlen(username));
+    if(!userauth_list) {
+        print_last_session_error("libssh2_userauth_list");
+        return 1;
+    }
+
+    if(!strstr(userauth_list, "publickey")) {
+        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
+                userauth_list);
+        return 1;
+    }
+
+    if((flags & TEST_AUTH_FROMMEM) != 0) {
+        char *buffer = NULL;
+        size_t len = 0;
+
+        if(read_file(srcdir_path(fn_priv), &buffer, &len)) {
+            fprintf(stderr, "Reading key file failed.\n");
+            return 1;
+        }
+
+        rc = libssh2_userauth_publickey_frommemory(session,
+                                                   username, strlen(username),
+                                                   NULL, 0,
+                                                   buffer, len,
+                                                   NULL);
+
+        free(buffer);
+    }
+    else {
+        rc = libssh2_userauth_publickey_fromfile_ex(session, username,
+                                                (unsigned int)strlen(username),
+                                                    srcdir_path(fn_pub),
+                                                    srcdir_path(fn_priv),
+                                                    password);
+    }
+
+    if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
+        if(rc == 0) {
+            fprintf(stderr, "Public-key auth succeeded with wrong key\n");
+            return 1;
+        }
+    }
+    else {
+        if(rc) {
+            print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
+            return 1;
+        }
+    }
+
+    return 0;
+}

tests/session_fixture.h

@@ -38,16 +38,31 @@
 #ifndef LIBSSH2_TESTS_SESSION_FIXTURE_H
 #define LIBSSH2_TESTS_SESSION_FIXTURE_H
 
-#include "libssh2_setup.h"
+#define LIBSSH2_TESTS
+
+#include "libssh2_priv.h"
 #include <libssh2.h>
 
-#if defined(_MSC_VER) && _MSC_VER < 1900
-#define snprintf _snprintf
-#endif
-
-LIBSSH2_SESSION *start_session_fixture(void);
+LIBSSH2_SESSION *start_session_fixture(int *skipped);
 void stop_session_fixture(void);
 void print_last_session_error(const char *function);
 const char *srcdir_path(const char *file);
 
+#define TEST_AUTH_SHOULDFAIL  1
+#define TEST_AUTH_FROMMEM     2
+
+int test_auth_keyboard(LIBSSH2_SESSION *session, int flags,
+                       const char *username,
+                       const char *password);
+
+int test_auth_password(LIBSSH2_SESSION *session, int flags,
+                       const char *username,
+                       const char *password);
+
+int test_auth_pubkey(LIBSSH2_SESSION *session, int flags,
+                     const char *username,
+                     const char *password,
+                     const char *fn_pub,
+                     const char *fn_priv);
+
 #endif

tests/ssh2.sh

@@ -8,7 +8,7 @@
 srcdir="${srcdir:-$PWD}"
 SSHD="${SSHD:-/usr/sbin/sshd}"
 
-cmd="./ssh2${EXEEXT}"
+cmd="./test_ssh2${EXEEXT}"
 srcdir="$(cd "$srcdir" || exit; pwd)"
 
 export PRIVKEY="$srcdir/etc/user"

tests/test_agent_forward_ok.c

@@ -23,9 +23,10 @@ int test(LIBSSH2_SESSION *session)
         return 1;
     }
 
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
+    rc = libssh2_userauth_publickey_fromfile_ex(session, USERNAME,
+                                                (unsigned int)strlen(USERNAME),
+                                                srcdir_path(KEY_FILE_PUBLIC),
+                                                srcdir_path(KEY_FILE_PRIVATE),
                                                 NULL);
     if(rc) {
         print_last_session_error("libssh2_userauth_publickey_fromfile_ex");

tests/test_auth_keyboard_fail.c

@@ -0,0 +1,8 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_keyboard(session, TEST_AUTH_SHOULDFAIL,
+                              "libssh2", /* set in Dockerfile */
+                              "I'm the wrong password");
+}

tests/test_auth_keyboard_info_request.c

@@ -249,8 +249,10 @@ int test_case(int num,
     char *message;
     int error_code;
     LIBSSH2_SESSION *session = NULL;
+
     alloc_count = 0;
     free_count = 0;
+
     session = libssh2_session_init_ex(test_alloc, test_free, NULL, abstract);
     if(!session) {
         fprintf(stderr, "libssh2_session_init_ex failed\n");

tests/test_auth_keyboard_ok.c

@@ -0,0 +1,8 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_keyboard(session, 0,
+                              "libssh2", /* set in Dockerfile */
+                              "my test password"); /* set in Dockerfile */
+}

tests/test_auth_password_fail_password.c

@@ -0,0 +1,8 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_password(session, TEST_AUTH_SHOULDFAIL,
+                              "libssh2", /* set in Dockerfile */
+                              "I'm the wrong password");
+}

tests/test_auth_password_fail_username.c

@@ -0,0 +1,8 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_password(session, TEST_AUTH_SHOULDFAIL,
+                              "I'm the wrong username",
+                              "my test password"); /* set in Dockerfile */
+}

tests/test_auth_password_ok.c

@@ -0,0 +1,8 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_password(session, 0,
+                              "libssh2", /* set in Dockerfile */
+                              "my test password"); /* set in Dockerfile */
+}

tests/test_auth_pubkey_fail.c

@@ -0,0 +1,10 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    return test_auth_pubkey(session, TEST_AUTH_SHOULDFAIL,
+                            "libssh2", /* set in Dockerfile */
+                            NULL,
+                            "key_dsa_wrong.pub",
+                            "key_dsa_wrong");
+}

tests/test_auth_pubkey_ok_dsa.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_DSA
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_dsa.pub",
+                            "key_dsa");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_ecdsa.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_ECDSA
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_ecdsa.pub",
+                            "key_ecdsa");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_ecdsa_signed.c

@@ -0,0 +1,17 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_ECDSA && \
+    (defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL))
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_ecdsa_signed-cert.pub",
+                            "key_ecdsa_signed");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_ed25519.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_ED25519
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_ed25519.pub",
+                            "key_ed25519");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_ed25519_encrypted.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_ED25519
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            "libssh2",
+                            "key_ed25519_encrypted.pub",
+                            "key_ed25519_encrypted");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_ed25519_mem.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if LIBSSH2_ED25519
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, TEST_AUTH_FROMMEM,
+                            "libssh2",
+                            NULL,
+                            NULL,
+                            "key_ed25519");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_rsa.c

@@ -0,0 +1,11 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_rsa.pub",
+                            "key_rsa");
+}

tests/test_auth_pubkey_ok_rsa_encrypted.c

@@ -0,0 +1,11 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            "libssh2",
+                            "key_rsa_encrypted.pub",
+                            "key_rsa_encrypted");
+}

tests/test_auth_pubkey_ok_rsa_openssh.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL)
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_rsa_openssh.pub",
+                            "key_rsa_openssh");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_auth_pubkey_ok_rsa_signed.c

@@ -0,0 +1,16 @@
+#include "runner.h"
+
+int test(LIBSSH2_SESSION *session)
+{
+#if defined(LIBSSH2_OPENSSL) || defined(LIBSSH2_WOLFSSL)
+    /* set in Dockerfile */
+    return test_auth_pubkey(session, 0,
+                            "libssh2",
+                            NULL,
+                            "key_rsa_signed-cert.pub",
+                            "key_rsa_signed");
+#else
+    (void)session;
+    return 0;
+#endif
+}

tests/test_hostkey.c

@@ -12,6 +12,9 @@ static const char *EXPECTED_ECDSA_HOSTKEY =
     "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC+/syyeKJD9dC2ZH"
     "9Q7iJGReR4YM3rUCMsSynkyXojdfSClGCMY7JvWlt30ESjYvxoTfSRGx6WvaqYK/vPoYQ4=";
 
+static const char *EXPECTED_ED25519_HOSTKEY =
+    "AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom";
+
 int test(LIBSSH2_SESSION *session)
 {
     int rc;
@@ -26,7 +29,12 @@ int test(LIBSSH2_SESSION *session)
         return 1;
     }
 
-    if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
+    if(type == LIBSSH2_HOSTKEY_TYPE_ED25519) {
+        rc = libssh2_base64_decode(session, &expected_hostkey, &expected_len,
+                 EXPECTED_ED25519_HOSTKEY,
+                 (unsigned int)strlen(EXPECTED_ED25519_HOSTKEY));
+    }
+    else if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
         rc = libssh2_base64_decode(session, &expected_hostkey, &expected_len,
                  EXPECTED_ECDSA_HOSTKEY,
                  (unsigned int)strlen(EXPECTED_ECDSA_HOSTKEY));

tests/test_hostkey_hash.c

@@ -12,6 +12,9 @@ static const char *EXPECTED_ECDSA_HOSTKEY =
     "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBC+/syyeKJD9dC2ZH"
     "9Q7iJGReR4YM3rUCMsSynkyXojdfSClGCMY7JvWlt30ESjYvxoTfSRGx6WvaqYK/vPoYQ4=";
 
+static const char *EXPECTED_ED25519_HOSTKEY =
+    "AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom";
+
 static const char *EXPECTED_RSA_MD5_HASH_DIGEST =
     "0C0ED1A5BB10275F76924CE187CE5C5E";
 
@@ -30,6 +33,9 @@ static const char *EXPECTED_ECDSA_SHA1_HASH_DIGEST =
 static const char *EXPECTED_ECDSA_SHA256_HASH_DIGEST =
     "56FCD975B166C3F0342D0036E44C311A86C0EAE40713B53FC776369BAE7F5264";
 
+static const char *EXPECTED_ED25519_SHA256_HASH_DIGEST =
+    "2638B020F6121FA750A7F4754B718419F621814C6E779D68ADF26AA68814ADDF";
+
 static const int MD5_HASH_SIZE = 16;
 static const int SHA1_HASH_SIZE = 20;
 static const int SHA256_HASH_SIZE = 32;
@@ -60,6 +66,7 @@ int test(LIBSSH2_SESSION *session)
     /* these are the host keys under test, they are currently unused */
     (void)EXPECTED_RSA_HOSTKEY;
     (void)EXPECTED_ECDSA_HOSTKEY;
+    (void)EXPECTED_ED25519_HOSTKEY;
 
     hostkey = libssh2_session_hostkey(session, &len, &type);
     if(!hostkey) {
@@ -67,7 +74,26 @@ int test(LIBSSH2_SESSION *session)
         return 1;
     }
 
-    if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
+    if(type == LIBSSH2_HOSTKEY_TYPE_ED25519) {
+
+        sha256_hash = libssh2_hostkey_hash(session,
+                                           LIBSSH2_HOSTKEY_HASH_SHA256);
+        if(!sha256_hash) {
+            print_last_session_error(
+                "libssh2_hostkey_hash(LIBSSH2_HOSTKEY_HASH_SHA256)");
+            return 1;
+        }
+
+        calculate_digest(sha256_hash, SHA256_HASH_SIZE, buf, BUFSIZ);
+
+        if(strcmp(buf, EXPECTED_ED25519_SHA256_HASH_DIGEST) != 0) {
+            fprintf(stderr,
+                    "ED25519 SHA256 hash not as expected - digest %s != %s\n",
+                    buf, EXPECTED_ED25519_SHA256_HASH_DIGEST);
+            return 1;
+        }
+    }
+    else if(type == LIBSSH2_HOSTKEY_TYPE_ECDSA_256) {
 
         md5_hash = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_MD5);
         if(!md5_hash) {
@@ -117,7 +143,6 @@ int test(LIBSSH2_SESSION *session)
                     buf, EXPECTED_ECDSA_SHA256_HASH_DIGEST);
             return 1;
         }
-
     }
     else if(type == LIBSSH2_HOSTKEY_TYPE_RSA) {
 

tests/test_keyboard_interactive_auth_fails_with_wrong_response.c

@@ -1,56 +0,0 @@
-#include "runner.h"
-
-static const char *USERNAME = "libssh2"; /* set in Dockerfile */
-static const char *WRONG_PASSWORD = "i'm not the password";
-
-static void kbd_callback(const char *name, int name_len,
-                         const char *instruct, int instruct_len,
-                         int num_prompts,
-                         const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
-                         LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
-                         void **abstract)
-{
-    int i;
-    (void)abstract;
-    fprintf(stdout, "Kb-int name: %.*s\n", name_len, name);
-    fprintf(stdout, "Kb-int instruction: %.*s\n", instruct_len, instruct);
-    for(i = 0; i < num_prompts; ++i) {
-        fprintf(stdout, "Kb-int prompt %d: %.*s\n", i,
-                (int)prompts[i].length, prompts[i].text);
-    }
-
-    if(num_prompts == 1) {
-        responses[0].text = strdup(WRONG_PASSWORD);
-        responses[0].length = (unsigned int)strlen(WRONG_PASSWORD);
-    }
-}
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "keyboard-interactive")) {
-        fprintf(stderr,
-                "'keyboard-interactive' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_keyboard_interactive_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME), kbd_callback);
-    if(rc == 0) {
-        fprintf(stderr,
-                "Keyboard-interactive auth succeeded with wrong response\n");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_keyboard_interactive_auth_succeeds_with_correct_response.c

@@ -1,57 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *PASSWORD = "my test password";
-
-static void kbd_callback(const char *name, int name_len,
-                         const char *instruct, int instruct_len,
-                         int num_prompts,
-                         const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
-                         LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
-                         void **abstract)
-{
-    int i;
-    (void)abstract;
-
-    fprintf(stdout, "Kb-int name: %.*s\n", name_len, name);
-    fprintf(stdout, "Kb-int instruction: %.*s\n", instruct_len, instruct);
-    for(i = 0; i < num_prompts; ++i) {
-        fprintf(stdout, "Kb-int prompt %d: %.*s\n", i,
-                (int)prompts[i].length, prompts[i].text);
-    }
-
-    if(num_prompts == 1) {
-        responses[0].text = strdup(PASSWORD);
-        responses[0].length = (unsigned int)strlen(PASSWORD);
-    }
-}
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "keyboard-interactive")) {
-        fprintf(stderr,
-                "'keyboard-interactive' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_keyboard_interactive_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME), kbd_callback);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_keyboard_interactive_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_password_auth_fails_with_wrong_password.c

@@ -1,35 +0,0 @@
-#include "runner.h"
-
-static const char *USERNAME = "libssh2"; /* set in Dockerfile */
-static const char *WRONG_PASSWORD = "i'm not the password";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "password")) {
-        fprintf(stderr, "'password' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_password_ex(session, USERNAME,
-                                      (unsigned int)strlen(USERNAME),
-                                      WRONG_PASSWORD,
-                                      (unsigned int)strlen(WRONG_PASSWORD),
-                                      NULL);
-    if(rc == 0) {
-        fprintf(stderr, "Password auth succeeded with wrong password\n");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_password_auth_fails_with_wrong_username.c

@@ -1,35 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *PASSWORD = "my test password";
-static const char *WRONG_USERNAME = "i dont exist";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, WRONG_USERNAME,
-                              (unsigned int)strlen(WRONG_USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "password")) {
-        fprintf(stderr, "'password' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_password_ex(session, WRONG_USERNAME,
-                                      (unsigned int)strlen(WRONG_USERNAME),
-                                      PASSWORD,
-                                      (unsigned int)strlen(PASSWORD), NULL);
-    if(rc == 0) {
-        fprintf(stderr, "Password auth succeeded with wrong username\n");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_password_auth_succeeds_with_correct_credentials.c

@@ -1,41 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *PASSWORD = "my test password";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "password")) {
-        fprintf(stderr, "'password' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_password_ex(session, USERNAME,
-                                      (unsigned int)strlen(USERNAME),
-                                      PASSWORD,
-                                      (unsigned int)strlen(PASSWORD), NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_password_ex");
-        return 1;
-    }
-
-    if(libssh2_userauth_authenticated(session) == 0) {
-        fprintf(stderr, "Password auth appeared to succeed but "
-                        "libssh2_userauth_authenticated returned 0\n");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_fails_with_wrong_key.c

@@ -1,35 +0,0 @@
-#include "runner.h"
-
-static const char *USERNAME = "libssh2"; /* set in Dockerfile */
-static const char *KEY_FILE_PRIVATE = "key_dsa_wrong";
-static const char *KEY_FILE_PUBLIC = "key_dsa_wrong.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc == 0) {
-        fprintf(stderr, "Public-key auth succeeded with wrong key\n");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_dsa_key.c

@@ -1,35 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_dsa";
-static const char *KEY_FILE_PUBLIC = "key_dsa.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE), NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_ecdsa_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_ecdsa";
-static const char *KEY_FILE_PUBLIC = "key_ecdsa.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-    const char *userauth_list = NULL;
-
-    userauth_list = libssh2_userauth_list(session, USERNAME,
-                                          (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_ed25519_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_ed25519";
-static const char *KEY_FILE_PUBLIC = "key_ed25519.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-    const char *userauth_list = NULL;
-
-    userauth_list = libssh2_userauth_list(session, USERNAME,
-                                          (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c

@@ -1,96 +0,0 @@
-#include "runner.h"
-
-#include <stdlib.h>
-
-static const char *USERNAME = "libssh2"; /* set in Dockerfile */
-static const char *KEY_FILE_ED25519_PRIVATE = "key_ed25519";
-
-static int read_file(const char *path, char **buf, size_t *len);
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-    char *buffer = NULL;
-    size_t len = 0;
-    const char *userauth_list = NULL;
-
-    userauth_list = libssh2_userauth_list(session, USERNAME,
-                                          (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    if(read_file(srcdir_path(KEY_FILE_ED25519_PRIVATE), &buffer, &len)) {
-        fprintf(stderr, "Reading key file failed.");
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_frommemory(session,
-                                               USERNAME, strlen(USERNAME),
-                                               NULL, 0,
-                                               buffer, len,
-                                               NULL);
-
-    free(buffer);
-
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}
-
-static int read_file(const char *path, char **out_buffer, size_t *out_len)
-{
-    FILE *fp = NULL;
-    char *buffer = NULL;
-    size_t len = 0;
-
-    if(!out_buffer || !out_len || !path) {
-        fprintf(stderr, "invalid params.");
-        return 1;
-    }
-
-    *out_buffer = NULL;
-    *out_len = 0;
-
-    fp = fopen(path, "r");
-
-    if(!fp) {
-        fprintf(stderr, "File could not be read.");
-        return 1;
-    }
-
-    fseek(fp, 0L, SEEK_END);
-    len = ftell(fp);
-    rewind(fp);
-
-    buffer = calloc(1, len + 1);
-    if(!buffer) {
-        fclose(fp);
-        fprintf(stderr, "Could not alloc memory.");
-        return 1;
-    }
-
-    if(1 != fread(buffer, len, 1, fp)) {
-        fclose(fp);
-        free(buffer);
-        fprintf(stderr, "Could not read file into memory.");
-        return 1;
-    }
-
-    fclose(fp);
-
-    *out_buffer = buffer;
-    *out_len = len;
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_encrypted_ed25519_key.c

@@ -1,37 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *PASSWORD = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_ed25519_encrypted";
-static const char *KEY_FILE_PUBLIC = "key_ed25519_encrypted.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-    const char *userauth_list = NULL;
-
-    userauth_list = libssh2_userauth_list(session, USERNAME,
-                                          (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        PASSWORD);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_encrypted_rsa_key.c

@@ -1,37 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *PASSWORD = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_rsa_encrypted";
-static const char *KEY_FILE_PUBLIC = "key_rsa_encrypted.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-       srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        PASSWORD);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_rsa_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_rsa";
-static const char *KEY_FILE_PUBLIC = "key_rsa.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_rsa_openssh_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "key_rsa_openssh";
-static const char *KEY_FILE_PUBLIC = "key_rsa_openssh.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_signed_ecdsa_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "signed_key_ecdsa";
-static const char *KEY_FILE_PUBLIC = "signed_key_ecdsa-cert.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-    const char *userauth_list = NULL;
-
-    userauth_list = libssh2_userauth_list(session, USERNAME,
-                                          (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_public_key_auth_succeeds_with_correct_signed_rsa_key.c

@@ -1,36 +0,0 @@
-#include "runner.h"
-
-/* configured in Dockerfile */
-static const char *USERNAME = "libssh2";
-static const char *KEY_FILE_PRIVATE = "signed_key_rsa";
-static const char *KEY_FILE_PUBLIC = "signed_key_rsa-cert.pub";
-
-int test(LIBSSH2_SESSION *session)
-{
-    int rc;
-
-    const char *userauth_list =
-        libssh2_userauth_list(session, USERNAME,
-                              (unsigned int)strlen(USERNAME));
-    if(!userauth_list) {
-        print_last_session_error("libssh2_userauth_list");
-        return 1;
-    }
-
-    if(!strstr(userauth_list, "publickey")) {
-        fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
-                userauth_list);
-        return 1;
-    }
-
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE),
-        NULL);
-    if(rc) {
-        print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
-        return 1;
-    }
-
-    return 0;
-}

tests/test_read.c

@@ -2,7 +2,7 @@
 
 #include "runner.h"
 
-/* configured in Dockerfile */
+/* set in Dockerfile */
 static const char *USERNAME = "libssh2";
 static const char *KEY_FILE_PRIVATE = "key_rsa";
 static const char *KEY_FILE_PUBLIC = "key_rsa.pub";
@@ -43,9 +43,11 @@ int test(LIBSSH2_SESSION *session)
         return 1;
     }
 
-    rc = libssh2_userauth_publickey_fromfile_ex(
-        session, USERNAME, (unsigned int)strlen(USERNAME),
-        srcdir_path(KEY_FILE_PUBLIC), srcdir_path(KEY_FILE_PRIVATE), NULL);
+    rc = libssh2_userauth_publickey_fromfile_ex(session, USERNAME,
+                                                (unsigned int)strlen(USERNAME),
+                                                srcdir_path(KEY_FILE_PUBLIC),
+                                                srcdir_path(KEY_FILE_PRIVATE),
+                                                NULL);
     if(rc) {
         print_last_session_error("libssh2_userauth_publickey_fromfile_ex");
         return 1;