From a459a25302a31f6e2aba3c4e15b1472b83b596fc Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Fri, 21 Apr 2023 20:06:30 +0000 Subject: [PATCH] tests: improve running tests TL;DR: Sync test builds between autotools and CMake. Sync sshd configuration between Docker and non-Docker fixtures. Bump up sshd_config for recent OpenSSH releases. This also opens up the path to have non-Docker tests that use a local sshd process. Though sshd is practically unusable on Windows CI machines out of the box, so this will need further efforts. Details: - cmake: run sshd fixture test just like autotool did already. - sync tests and their order between autotools and CMake. It makes `test_aa_warmup` the first test with both. - cmake: load test lists from `Makefile.am`. Needed to update the loader to throw away certain lines to keep the converted output conform CMake syntax. Using regexp might be an alternative way of doing this, but couldn't make it work. - cmake: use the official way to configure test environment variables. Switch to syntax that's extendable. - cmake: allow to run the same test both under Docker and sshd fixture. Useful for testing the sshd fixture runner, or how the same test behaves in each fixture. - update test fixture to read the username from `USER` envvar instead of using the Dockfile-specific hardwired one, when running outside Docker. - rework `ssh2.sh` into `sshd_fixture.sh`, to: - allow running any tests (not just `test_ssh2`). - configure Docker tests for running outside Docker. - fixup `SSHD` path when running on Windows (e.g. in AppVeyor CI). Fixes: `sshd re-exec requires execution with an absolute path` - allow overriding `PUBKEY` and `PRIVKEY` envvars. - allow overriding `ssh_config` via `SSHD_FIXTURE_CONFIG`. - prepare support for running multiple tests via sshd_fixture. Add a TAP runner for autotools and extend CMake logic. The TAP runner loads the test list from `Makefile.am`. Notice however that on Windows, `sshd_fixture.sh` is very flaky with GitHub Actions. And consistently broken for subsequent tests in AppVeyor CI: 'libssh2_session_handshake failed (-43): Failed getting banner' Another way to try is a single sshd instance serving all tests. For CMake this would probably mean using an external script. - ed25519 test keys were identical for auth and host. Regenerate the auth keypair to make them distinct. - sync the sshd environment between Docker and sshd_fixture. - use common via `openssh_server/sshd_config`. - accept same auth keys. - offer the same host keys. - sync TrustedUserCAKeys. - delete now unused keypairs: `etc/host*`, `etc/user*`. - bump up startup delay for Windows (randomly, to 5 secs, from 3). - delete `UsePrivilegeSeparation no` to avoid deprecation warnings. `command-line line 0: Deprecated option UsePrivilegeSeparation` - delete `Protocol 2` to avoid deprecation warnings. It has been the default since OpenSSH 3.0 (2001-11-06). - delete `StrictModes no` (CI tests work without it, Docker tests never used it). - bump `Dockerfile` base image to `testing-slim` (from `bullseye-slim`). It needed `sshd_config` updates to keep things working with OpenSSH 9.2 (compared to bullseye's 8.4). - replace `ChallengeResponseAuthentication` alias with `KbdInteractiveAuthentication`. The former is no longer present in default `sshd_config` since OpenSSH 8.7 (2021-08-20). This broke the `Dockerfile` script. The new name is documented since OpenSSH 4.9 (2008-03-31) - add `PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss,ssh-rsa-cert-v01@openssh.com` and `HostKeyAlgorithms +ssh-rsa`. Original-patch-by: Eric van Gyzen (@vangyzen on github) Fixes #691 There is a new name for `PubkeyAcceptedKeyTypes`: `PubkeyAcceptedAlgorithms`. It requires OpenSSH 8.5 (2021-03-03) and breaks some envs so we're not using it just yet. - drop `rijndael-cbc@lysator.liu.se` tests and references from config. This is a draft alias for `aes256-cbc`. No need to test it twice. Also this alias is no longer recognized by OpenSSH 8.5 (2021-03-03). - update `mansyntax.sh` and `sshd_fixture.sh` to not rely on `srcdir`. Hopefully this works with out-of-tree builds. - fix `test_read_algos.test` to honor CRLF EOLs in their inputs (necessary when running on Windows.) - fix `test_read_algos.test` to honor `EXEEXT`. Might be useful when running tests under cross-builds? - `test_ssh2.c`: - use libssh2 API to set blocking mode. This makes it support all platforms. - adapt socket open timeout logic from `openssh_fixture.c`. Sadly this did not help fix flakiness on GHA Windows. - tests: delete unused C headers and variable initialization. - delete unused test files: `sshd_fixture.sh.in`, `sshdwrap`, `etc/sshd_config`. Ref: cf80f2f4b5255cc85a04ee43b27a29c678c1edb1 - autotools: delete stray `.c` test sources from `EXTRA_DIST` in tests. - `tests/.gitignore`: drop two stray tests. - autotools: fix passing `SSHD` containing space (Windows needs this). - autotools: sort `EXTRA_DIST` in tests. - cmake: fix to add `test_ssh2` to `TEST_TARGETS`. - fix `authorized_key` order in `tests/gen_keys.sh`. - silence shellcheck warning in `ci/checksrc.sh`. - set `SSHD` for autotools on GitHub Actions Windows. [skipped] Auto-detection doesn't work (maybe because sshd is installed via Git for Windows and we're using MSYS2's shell.) It enables running sshd fixture (non-Docker) tests in these jobs. I did not include this in the final patch due to flakiness: ``` Connection to 127.0.0.1:4711 attempt #0 failed: retrying... Connection to 127.0.0.1:4711 attempt #1 failed: retrying... Connection to 127.0.0.1:4711 attempt #2 failed: retrying... Failure establishing SSH session: -43 ``` Can be enabled with: `export SSHD='C:/Program Files/Git/usr/bin/sshd.exe'` Closes #996 --- CMakeLists.txt | 10 ++- ci/checksrc.sh | 1 + tests/.gitignore | 3 +- tests/CMakeLists.txt | 101 +++++++++++------------- tests/Makefile.am | 77 ++++++++++-------- tests/etc/host | 27 ------- tests/etc/host.pub | 1 - tests/etc/sshd_config | 3 - tests/etc/user | 27 ------- tests/etc/user.pub | 1 - tests/gen_keys.sh | 9 +-- tests/key_ed25519 | 8 +- tests/key_ed25519.pub | 2 +- tests/mansyntax.sh | 3 +- tests/openssh_fixture.c | 12 ++- tests/openssh_fixture.h | 1 + tests/openssh_server/Dockerfile | 9 +-- tests/openssh_server/authorized_keys | 2 +- tests/openssh_server/sshd_config | 4 + tests/session_fixture.c | 16 ++-- tests/ssh2.sh | 47 ----------- tests/sshd_fixture.sh | 73 +++++++++++++++++ tests/sshd_fixture.sh.in | 51 ------------ tests/sshdwrap | 28 ------- tests/test_auth_keyboard_info_request.c | 2 +- tests/test_read_algos.test | 5 +- tests/test_read_algos.txt | 1 - tests/test_ssh2.c | 51 +++++++++--- tests/test_sshd.test | 35 ++++++++ 29 files changed, 288 insertions(+), 322 deletions(-) delete mode 100644 tests/etc/host delete mode 100644 tests/etc/host.pub delete mode 100644 tests/etc/sshd_config delete mode 100644 tests/etc/user delete mode 100644 tests/etc/user.pub create mode 100644 tests/openssh_server/sshd_config delete mode 100755 tests/ssh2.sh create mode 100755 tests/sshd_fixture.sh delete mode 100644 tests/sshd_fixture.sh.in delete mode 100755 tests/sshdwrap create mode 100755 tests/test_sshd.test diff --git a/CMakeLists.txt b/CMakeLists.txt index 47870cd5..c211382c 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -375,7 +375,15 @@ endif() # Convert GNU Make assignments into CMake ones. function(transform_makefile_inc INPUT_FILE OUTPUT_FILE) - file(READ ${INPUT_FILE} MAKEFILE_INC_CMAKE) + file(STRINGS ${INPUT_FILE} LINES) + + unset(MAKEFILE_INC_CMAKE) + foreach(LINE IN LISTS LINES) + if(NOT LINE MATCHES " \\+= " AND + NOT LINE MATCHES "^(if|endif)") + set(MAKEFILE_INC_CMAKE "${MAKEFILE_INC_CMAKE}\n${LINE}") + endif() + endforeach() string(REGEX REPLACE "\\\\\n" "" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE}) string(REGEX REPLACE "([A-Za-z_]+) *= *([^\n]*)" "set(\\1 \\2)" MAKEFILE_INC_CMAKE ${MAKEFILE_INC_CMAKE}) diff --git a/ci/checksrc.sh b/ci/checksrc.sh index 13a57ffe..3de54115 100755 --- a/ci/checksrc.sh +++ b/ci/checksrc.sh @@ -5,6 +5,7 @@ set -e FILES="src/*.[ch] include/*.h example/*.c tests/*.[ch]" WHITELIST="-Wsrc/libssh2_config.h" +# shellcheck disable=SC2086 perl ./ci/checksrc.pl -i4 -m79 \ -ASNPRINTF \ -ACOPYRIGHT \ diff --git a/tests/.gitignore b/tests/.gitignore index b0ebd8f3..966f4ea9 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -4,5 +4,4 @@ *.gcda Makefile Makefile.in -simple -ssh2 +Makefile.am.cmake diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 8c7c396e..51f3a4d9 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -37,6 +37,10 @@ include(CopyRuntimeDependencies) list(APPEND LIBRARIES ${SOCKET_LIBRARIES}) +transform_makefile_inc("Makefile.am" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.am.cmake") +# Get 'DOCKER_TESTS', 'STANDALONE_TESTS', 'SSHD_TESTS' variables +include(${CMAKE_CURRENT_BINARY_DIR}/Makefile.am.cmake) + if(CMAKE_COMPILER_IS_GNUCC) find_program(GCOV_PATH gcov) if(GCOV_PATH) @@ -47,32 +51,14 @@ if(CMAKE_COMPILER_IS_GNUCC) endif() endif() -set(TESTS - test_aa_warmup # keep this first - test_agent_forward_ok - test_auth_keyboard_fail - test_auth_keyboard_info_request - test_auth_keyboard_ok - test_auth_password_fail_password - test_auth_password_fail_username - test_auth_password_ok - test_auth_pubkey_fail - test_auth_pubkey_ok_dsa - test_auth_pubkey_ok_ecdsa - test_auth_pubkey_ok_ecdsa_signed - test_auth_pubkey_ok_ed25519 - test_auth_pubkey_ok_ed25519_encrypted - test_auth_pubkey_ok_ed25519_mem - test_auth_pubkey_ok_rsa - test_auth_pubkey_ok_rsa_encrypted - test_auth_pubkey_ok_rsa_openssh - test_auth_pubkey_ok_rsa_signed - test_hostkey - test_hostkey_hash - test_read - test_simple - test_ssh2 -) +find_program(SH_EXECUTABLE sh) +mark_as_advanced(SH_EXECUTABLE) +if(SH_EXECUTABLE) + find_program(SSHD_EXECUTABLE sshd) + mark_as_advanced(SSHD_EXECUTABLE) + + add_test(NAME mansyntax COMMAND ${SH_EXECUTABLE} -c "${CMAKE_CURRENT_SOURCE_DIR}/mansyntax.sh") +endif() add_library(runner STATIC runner.h runner.c openssh_fixture.h openssh_fixture.c session_fixture.h session_fixture.c) target_compile_definitions(runner PRIVATE "${CRYPTO_BACKEND_DEFINE}") @@ -88,37 +74,53 @@ if(BUILD_SHARED_LIBS) endforeach() endif() -foreach(test ${TESTS}) - add_executable(${test} ${test}.c) - target_compile_definitions(${test} PRIVATE "${CRYPTO_BACKEND_DEFINE}") - target_include_directories(${test} PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src "${CRYPTO_BACKEND_INCLUDE_DIR}") +foreach(test ${DOCKER_TESTS} ${STANDALONE_TESTS} ${SSHD_TESTS}) + # We support the same target as both Docker and SSHD test. Build those just once. + if(NOT TARGET ${test}) + add_executable(${test} ${test}.c) + target_compile_definitions(${test} PRIVATE "${CRYPTO_BACKEND_DEFINE}") + target_include_directories(${test} PRIVATE "${CMAKE_CURRENT_BINARY_DIR}/../src" ../src "${CRYPTO_BACKEND_INCLUDE_DIR}") - # build a single test with gcov - if(GCOV_PATH AND test STREQUAL test_auth_keyboard_info_request) - target_compile_options(${test} BEFORE PRIVATE ${GCOV_OPTIONS}) - target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES} gcov) - else() - target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES}) - endif() + # build a single test with gcov + if(GCOV_PATH AND test STREQUAL test_auth_keyboard_info_request) + target_compile_options(${test} BEFORE PRIVATE ${GCOV_OPTIONS}) + target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES} gcov) + else() + target_link_libraries(${test} runner ${LIB_STATIC} ${LIBRARIES}) + endif() - if(NOT test STREQUAL "test_ssh2") # skip test that needs ssh2.sh to run list(APPEND TEST_TARGETS ${test}) - add_test( - NAME ${test} COMMAND $ - WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}") endif() endforeach() +foreach(test ${DOCKER_TESTS} ${STANDALONE_TESTS}) + add_test(NAME ${test} COMMAND $ + WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}") +endforeach() + +if(SSHD_EXECUTABLE) + # On Windows / AppVeyor CI, subsequent tests are broken: + # 'libssh2_session_handshake failed (-43): Failed getting banner' + if(WIN32) + list(GET SSHD_TESTS 0 SSHD_TESTS) + endif() + foreach(test ${SSHD_TESTS}) + set(testname sshd-${test}) + add_test(NAME ${testname} COMMAND ${SH_EXECUTABLE} -c "${CMAKE_CURRENT_SOURCE_DIR}/sshd_fixture.sh $") + set_property(TEST ${testname} APPEND PROPERTY ENVIRONMENT "SSHD=${SSHD_EXECUTABLE}") + endforeach() +endif() + # CRYPT/MAC algo tests -file(READ "test_read_algos.txt" TESTS) -string(REGEX REPLACE "\\\n" ";" TESTS ${TESTS}) -foreach(test ${TESTS}) +file(READ "test_read_algos.txt" ALGO_TESTS) +string(REGEX REPLACE "\\\n" ";" ALGO_TESTS ${ALGO_TESTS}) +foreach(test ${ALGO_TESTS}) set(testname test_read-${test}) add_test(NAME ${testname} COMMAND "$") if(test MATCHES "mac-") - set_tests_properties(${testname} PROPERTIES ENVIRONMENT "FIXTURE_TEST_MAC=${test}") + set_property(TEST ${testname} APPEND PROPERTY ENVIRONMENT "FIXTURE_TEST_MAC=${test}") else() - set_tests_properties(${testname} PROPERTIES ENVIRONMENT "FIXTURE_TEST_CRYPT=${test}") + set_property(TEST ${testname} APPEND PROPERTY ENVIRONMENT "FIXTURE_TEST_CRYPT=${test}") endif() endforeach() @@ -134,10 +136,3 @@ add_target_to_copy_dependencies( TARGET copy_test_dependencies DEPENDENCIES ${RUNTIME_DEPENDENCIES} BEFORE_TARGETS ${TEST_TARGETS}) - -find_program(SH_EXECUTABLE sh) -mark_as_advanced(SH_EXECUTABLE) -if(SH_EXECUTABLE) - add_test(mansyntax ${SH_EXECUTABLE} -c - "srcdir=${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/mansyntax.sh") -endif() diff --git a/tests/Makefile.am b/tests/Makefile.am index 0eef9a22..3803c076 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -2,21 +2,12 @@ SUBDIRS = ossfuzz AM_CPPFLAGS = -I$(top_builddir)/src -I$(top_srcdir)/src -I$(top_srcdir)/include -ctests = test_simple$(EXEEXT) -TESTS = $(ctests) mansyntax.sh -check_PROGRAMS = $(ctests) - -TEST_EXTENSIONS = .test -# 'TEST' in 'TEST_LOG_DRIVER' is the test extension in uppercase. -TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/tap-driver.sh -TESTS += test_read_algos.test - -if SSHD -TESTS += ssh2.sh -check_PROGRAMS += test_ssh2 -endif - -INTEGRATION_TESTS = \ +# Keep this list sorted +# +# NOTE: test_auth_keyboard_info_request does not use the network, but when +# run as Windows standalone test, it intermittently fails on GHA with: +# `Terminate batch job (Y/N)?` +DOCKER_TESTS = \ test_aa_warmup \ test_agent_forward_ok \ test_auth_keyboard_fail \ @@ -40,11 +31,41 @@ INTEGRATION_TESTS = \ test_hostkey_hash \ test_read -# Integration tests using Docker +STANDALONE_TESTS = \ + test_simple + +SSHD_TESTS = \ + test_ssh2 \ + test_auth_pubkey_ok_ed25519 + +# FIXME: Exported by autotools with the same value by default anyway? +TESTS_ENVIRONMENT = srcdir=$(top_srcdir)/tests builddir=$(top_builddir)/tests + +# Tests to run +TESTS = mansyntax.sh + if ! HOST_WINDOWS -TESTS += $(INTEGRATION_TESTS) +TESTS += $(DOCKER_TESTS) endif -check_PROGRAMS += $(INTEGRATION_TESTS) + +TESTS += $(STANDALONE_TESTS) + +# TAP tests +TEST_EXTENSIONS = .test +# 'TEST' in 'TEST_LOG_DRIVER' is the test extension in uppercase. +TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/tap-driver.sh + +TESTS_ENVIRONMENT += EXEEXT=$(EXEEXT) +if SSHD +TESTS += test_sshd.test +TESTS_ENVIRONMENT += SSHD="$(SSHD)" +endif +TESTS += test_read_algos.test + +# Tests to build +check_PROGRAMS = $(DOCKER_TESTS) $(STANDALONE_TESTS) $(SSHD_TESTS) + +# Internal library used by tests librunner_la_SOURCES = \ runner.c runner.h \ session_fixture.c session_fixture.h \ @@ -61,16 +82,8 @@ test_simple_LDFLAGS = -static # This must be last in the list so it resolves symbols in previous libraries LDADD += ../src/libssh2.la -TESTS_ENVIRONMENT = SSHD=$(SSHD) EXEEXT=$(EXEEXT) -TESTS_ENVIRONMENT += srcdir=$(top_srcdir)/tests builddir=$(top_builddir)/tests - EXTRA_DIST = \ CMakeLists.txt \ - etc/host \ - etc/host.pub \ - etc/sshd_config \ - etc/user \ - etc/user.pub \ key_dsa \ key_dsa.pub \ key_dsa_wrong \ @@ -96,17 +109,15 @@ EXTRA_DIST = \ mansyntax.sh \ openssh_server/Dockerfile \ openssh_server/authorized_keys \ - openssh_server/ca_rsa \ - openssh_server/ca_rsa.pub \ openssh_server/ca_ecdsa \ openssh_server/ca_ecdsa.pub \ + openssh_server/ca_rsa \ + openssh_server/ca_rsa.pub \ openssh_server/ssh_host_ecdsa_key \ openssh_server/ssh_host_ed25519_key \ openssh_server/ssh_host_rsa_key \ + openssh_server/sshd_config \ test_read_algos.test \ test_read_algos.txt \ - test_simple.c \ - test_ssh2.c \ - ssh2.sh \ - sshd_fixture.sh.in \ - sshdwrap + test_sshd.test \ + sshd_fixture.sh diff --git a/tests/etc/host b/tests/etc/host deleted file mode 100644 index c4ead711..00000000 --- a/tests/etc/host +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEogIBAAKCAQEAwJaOo3i1X3N401hMd92lRec0tPMBgaF6ZDanovBiQP+PNo6g -VNtuF15AspbyxrViqtAyjLWQQlKGWgEFb2ga3ukzJll4dKPtNff3mO++W19ia0WQ -ZFWTAGcYqet4fvSALIpG+t/3u5MZXMNZPyCU8u1l+QXX14f6dEjzgRw7s3fSy/uv -Qawkgn8TQFvtSBOfvUTJPTAhhZqxZAt3nGH8d6vqD1hBNvdOpsohy6EgFh8V+kxn -UdQntrYe9WSz0djt0RRrdAvRkM0hq1UY8C9FTQQWni1n168c7FVrf65+GdJOn7NQ -Du0Whmh/R3flXR0kIBG+F7e8+e9W9OhlionkPwIBIwKCAQEAqpP6rgvT2DMTPtkt -yUCoU9tpMo4XRu4b8lxLVc2Y2nvz391pb7sJvO0Uu2/BFmYkMORKB5l/xbbOxL8T -cU2UJIVn0YJyAOj2rCTFW5KEB8mDDo4SLPtWUNBXrHF5WoDJTAVyEWdJInr5NOeJ -j68k1yoJ3JAlkwNozWUvclrVytZNohPhiYdKkj2DPlWKL//0INGIo9TU31AGJx2R -ymy105EFCXWDv1GAIWwqBjNNxzlyxDauuGTwWr2iYDyectBYApCkjyJzMpFn4Yiu -Mq5XomwkQhefK3y32bRasm+HSrQsGswSvSyS8I5YosjSKMmiWdYj4WxrSciT6gG/ -KHanEwKBgQDucA7E/s9aKs6rECypXPaCORxvbLqdqAiwzJ0edufE+g0aQU/Zm3xj -m6LGovdEcaBog4rfKCSB9NRKi35m4HV9PO4YBw6/lQ0NeO6jrb8OnZp/P97FbomT -AXBibzUjQ8fhbPCaJF/2TUEoyhNbzJkpl+M0zu2aQ3MUYVd4dZ4y4wKBgQDOxfeA -RH3ZPvdYI50jxW+/kKcio+APZZJ9xhtqOKzmEuJOPzlngWk5WQgS8B1aicHyFRhw -UT2vKeJvqqoeLbIE9Fm6qlpN22594S88+LOiMda4wRswxG9wBZ2J4+rrYKpcb1gt -JXvVKY7h5qLWGCR0x+ovOcNXABWsF8CAnOnb9QKBgA2gANgOj4F+yfslfuUbQUlF -F5FWq5P6+S6sm0ORxBniZyYSXFWT2zjkUnHAK2L/LbzUURQQ7CSu5487K8tdSIrQ -SB6hUUzGsEnppzyNleOT+jMoOJ2RSbCg/xuRU35bpQWRMlHzczKlVC43btILsPsP -/lrJ/vLfSGeQiKfMNOz3AoGAC9DMUHjxP50ytJRSH00cVBbk+qpHUVZC4p2bKqQn -IxcFnhI9y2Z7CpdfjA24iNSr/zRny+dinEuJSDWjUi5/M3utWx+tY4jhvgzeIL3B -HzYMRRJZUz5sxJKbSbVAn7xhgZ/2aPrT4EuEge/sDDvk03kjUyffRszOCdV4tuRl -IoMCgYEAnrexTd5GuxEEBg3qJgN4IMwoBzZlJ1voaI6I/AMuvQ5kVklYvHTPTZOI -kSIrvaG8xaOdf0f76XNdT7U/dkx0C0vcesy5++hqakmeRCHjfsE1wN7m+hGo5WcR -Jq8Ph9ZnH5RKjqDsHh7Y4BCewQNrMBqNQEzDebZCDBUTnK9OgOg= ------END RSA PRIVATE KEY----- diff --git a/tests/etc/host.pub b/tests/etc/host.pub deleted file mode 100644 index e1ad7f98..00000000 --- a/tests/etc/host.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwJaOo3i1X3N401hMd92lRec0tPMBgaF6ZDanovBiQP+PNo6gVNtuF15AspbyxrViqtAyjLWQQlKGWgEFb2ga3ukzJll4dKPtNff3mO++W19ia0WQZFWTAGcYqet4fvSALIpG+t/3u5MZXMNZPyCU8u1l+QXX14f6dEjzgRw7s3fSy/uvQawkgn8TQFvtSBOfvUTJPTAhhZqxZAt3nGH8d6vqD1hBNvdOpsohy6EgFh8V+kxnUdQntrYe9WSz0djt0RRrdAvRkM0hq1UY8C9FTQQWni1n168c7FVrf65+GdJOn7NQDu0Whmh/R3flXR0kIBG+F7e8+e9W9OhlionkPw== jas@mocca diff --git a/tests/etc/sshd_config b/tests/etc/sshd_config deleted file mode 100644 index 331dcc90..00000000 --- a/tests/etc/sshd_config +++ /dev/null @@ -1,3 +0,0 @@ -Port 4711 -Protocol 2 -AuthorizedKeysFile /home/jas/src/libssh2/tests/etc/user.pub diff --git a/tests/etc/user b/tests/etc/user deleted file mode 100644 index 01bf6ac9..00000000 --- a/tests/etc/user +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEoQIBAAKCAQEAxIgBuZS39D4bFnWminE7svGQLdVKx1aWKnEYEa+XtNU4DKZ/ -pxUHg0zbEBya+IkX1yqQYWALoiOwI8XhdemLp8g03BX7o+DLSWisfiHpCDVGAuNq -RDF7qnFyL/ZBH6e0XKMtsoB51TDuBc4Rxh6p1V2QL/fg8BoHcCrnKkoqN8PSoKUX -2lPKJ3JIF/P8cDLbKYCvbSTFOdf56eqg0GJe7jFtSwweE9yz3IWZ3kSS1E/9E6sX -aNCu/hUt1bvQthICQyBNoTtQP/igEUJ7n0GMetsnq9wiUSomLzWqIWNqmvOv62aC -XRi5sYgpSAR4Zvnm3Cx/Wl0BEPz2rrFkG+G0SQIBIwKCAQEAgSYtBOyzZfztOqUV -q277WFWZQrC8HJf8R8aparU3zpq+braOZnuImByP9KUVYX6pRECKw6WD/NWfonq4 -uzMSoXTviVBGRx6xeWIK880kG1Y1UlruD447Ur+ULiV7QLAIzylnLCiKk2lL9S+l -R63AD95mEOS4Y0ROB+Gt2fY5ABHRMqhGLvRKK8qwn35C1Z9qnTGhgiRbeoc373A5 -ZAYyegyLnbvyV47UfPYS/TVzxZ9RCx3D3I/9fI7ZAFafkkIufQX3QPaVxf0zFUwW -de/f+gTbySTL4RDF185Evunx+tYvzCyIimB0cTE5dfsCWcHDtO6DwehKiOgJsbeW -IrpeTwKBgQDnEMfv7ORR35Ouj91iNCSfLU/v0TSzAJBfqYovByhXRsopgWAKXUmH -mWpBBP5vcGu3NvKfiZcMMbBPfllvlxkafQwvCqrdn5mg01MdAHMWP/O9yfvuxMDE -KycU2G2CT8j85mIPn19WeIgXC/kws+P0RAVNCBNeq89Gvp4IdLN67wKBgQDZvTYh -TPCYG32jBK+CcWmOna2SLvBloDcNevhzfu3RGjLIXzUHGxLdx7slsP/tpndmXIAL -CgV6GfrLxix5bO08203S2qnnwP8VrjjNIv1CyZIbbQFAFIeC3QxZMZHnXieLrO0z -qF5CuUXcL3cMeGmF/0HN/rB+4sF0qfv8wD8kRwKBgFXTCG8O2HYueK6NNPiXBknA -X4T17wCocCOIHWHstzZcHzP82oeBvDmuAuTzOe7gnQmJcA9e/ZbQoJKOA/Y/b7lh -pXCO7wHcMb9kb1PqOWAJIASqG78V4TLrdOp8Re6Sqb0FHRu+2kSwbQ/f4DapN2lb -F+lpZke8KGq71ExImm99AoGAN/10UbSy5UjlytVRs9QFM00eAQTBeTfTpGFzFmJ3 -qsw48bIU8zLY9zNcAmC21rXG7m+Oo8C/lG0UmsyPF+jPSinDjf22qU7iger4qccr -Lm5YxTlJduC1IaaOJZBnWMBwkaF+0sTlCdfew5ctPbiQKcVLb3wBf7amxjpWvVYB -m50CgYAT6t2/Suav21J5zpzyrrt+oMZQ3MMzBnPHFRUQ1FdqZnE4eW5a10g0P+E+ -YeTol+fYxL34+cI5PREK3dcnW1E8g8KOsOQqMgWdTfZEDHYRLqEyGIhu20aqfJCY -qu9tBburQoSlym9aQp41CMxIyHrL4GnwRlJkTTEVhDuab1HmKw== ------END RSA PRIVATE KEY----- diff --git a/tests/etc/user.pub b/tests/etc/user.pub deleted file mode 100644 index c60e90d1..00000000 --- a/tests/etc/user.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxIgBuZS39D4bFnWminE7svGQLdVKx1aWKnEYEa+XtNU4DKZ/pxUHg0zbEBya+IkX1yqQYWALoiOwI8XhdemLp8g03BX7o+DLSWisfiHpCDVGAuNqRDF7qnFyL/ZBH6e0XKMtsoB51TDuBc4Rxh6p1V2QL/fg8BoHcCrnKkoqN8PSoKUX2lPKJ3JIF/P8cDLbKYCvbSTFOdf56eqg0GJe7jFtSwweE9yz3IWZ3kSS1E/9E6sXaNCu/hUt1bvQthICQyBNoTtQP/igEUJ7n0GMetsnq9wiUSomLzWqIWNqmvOv62aCXRi5sYgpSAR4Zvnm3Cx/Wl0BEPz2rrFkG+G0SQ== jas@mocca diff --git a/tests/gen_keys.sh b/tests/gen_keys.sh index 3f8c0f60..23c5e634 100755 --- a/tests/gen_keys.sh +++ b/tests/gen_keys.sh @@ -44,18 +44,11 @@ cat \ 'key_rsa.pub' \ 'key_rsa_encrypted.pub' \ 'key_rsa_openssh.pub' \ - 'key_ecdsa.pub' \ 'key_ed25519.pub' \ 'key_ed25519_encrypted.pub' \ + 'key_ecdsa.pub' \ > openssh_server/authorized_keys -# tests/etc - -rm etc/host* etc/user* || true - -ssh-keygen -t rsa -b 2048 -N '' -m PEM -C 'etc_host_rsa' -f 'etc/host' -ssh-keygen -t rsa -b 2048 -N '' -m PEM -C 'etc_user_rsa' -f 'etc/user' - # tests/test_*.c echo 'Add these public keys and hashes to:' diff --git a/tests/key_ed25519 b/tests/key_ed25519 index bfb1ad56..bdf07a8e 100644 --- a/tests/key_ed25519 +++ b/tests/key_ed25519 @@ -1,7 +1,7 @@ -----BEGIN OPENSSH PRIVATE KEY----- b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACCMbXcoNmUVxO9FMMj1VB91MnwwVfBl+XDxet+j+oY6JgAAAJg8nvUxPJ71 -MQAAAAtzc2gtZWQyNTUxOQAAACCMbXcoNmUVxO9FMMj1VB91MnwwVfBl+XDxet+j+oY6Jg -AAAECnhCuTDYdz3kUn48BXkaCXXdbKdH7wSIQ/CUx1cbnR0Ixtdyg2ZRXE70UwyPVUH3Uy -fDBV8GX5cPF636P6hjomAAAAEHdpbGxAaUN1YmUubG9jYWwBAgMEBQ== +QyNTUxOQAAACBRINCCN823NclhoUcyHOSsE0ZZsddEUD9LEut/taDD4gAAAJDgVkFO4FZB +TgAAAAtzc2gtZWQyNTUxOQAAACBRINCCN823NclhoUcyHOSsE0ZZsddEUD9LEut/taDD4g +AAAECD4khMmQkiGtn/wwcwqKNRo3oCetwMOOlhli8S8So8OVEg0II3zbc1yWGhRzIc5KwT +Rlmx10RQP0sS63+1oMPiAAAAC2tleV9lZDI1NTE5AQI= -----END OPENSSH PRIVATE KEY----- diff --git a/tests/key_ed25519.pub b/tests/key_ed25519.pub index cd592194..ccc3b90f 100644 --- a/tests/key_ed25519.pub +++ b/tests/key_ed25519.pub @@ -1 +1 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEg0II3zbc1yWGhRzIc5KwTRlmx10RQP0sS63+1oMPi key_ed25519 diff --git a/tests/mansyntax.sh b/tests/mansyntax.sh index 3b9a73d1..9c95ad44 100755 --- a/tests/mansyntax.sh +++ b/tests/mansyntax.sh @@ -10,9 +10,8 @@ set -e command -v gman >/dev/null 2>&1 && man() { gman "$@"; } -srcdir="${srcdir:-$PWD}" dstdir="${builddir:-$PWD}" -mandir="${srcdir}/../docs" +mandir="$(dirname "$0")/../docs" ec=0 diff --git a/tests/openssh_fixture.c b/tests/openssh_fixture.c index c05f501f..407cdcbf 100644 --- a/tests/openssh_fixture.c +++ b/tests/openssh_fixture.c @@ -53,7 +53,6 @@ #include #include #include -#include #include #if defined(WIN32) && defined(_WIN64) @@ -64,6 +63,11 @@ static int have_docker = 0; +int openssh_fixture_have_docker(void) +{ + return have_docker; +} + static int run_command_varg(char **output, const char *command, va_list args) { static const char redirect_stderr[] = "%s 2>&1"; @@ -229,10 +233,10 @@ static int is_running_inside_a_container(void) return 0; #else const char *cgroup_filename = "/proc/self/cgroup"; - FILE *f = NULL; + FILE *f; char *line = NULL; size_t len = 0; - ssize_t read = 0; + ssize_t read; int found = 0; f = fopen(cgroup_filename, "r"); if(!f) { @@ -331,7 +335,7 @@ static libssh2_socket_t open_socket_to_container(char *container_id) uint32_t hostaddr; libssh2_socket_t sock; struct sockaddr_in sin; - int counter = 0; + int counter; libssh2_socket_t ret = LIBSSH2_INVALID_SOCKET; if(have_docker) { diff --git a/tests/openssh_fixture.h b/tests/openssh_fixture.h index 055ee4ef..745e6c1f 100644 --- a/tests/openssh_fixture.h +++ b/tests/openssh_fixture.h @@ -41,5 +41,6 @@ int start_openssh_fixture(void); void stop_openssh_fixture(void); libssh2_socket_t open_socket_to_openssh_server(void); +int openssh_fixture_have_docker(void); #endif diff --git a/tests/openssh_server/Dockerfile b/tests/openssh_server/Dockerfile index a2712c16..4283ace9 100644 --- a/tests/openssh_server/Dockerfile +++ b/tests/openssh_server/Dockerfile @@ -33,7 +33,7 @@ # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. -FROM debian:bullseye-slim +FROM debian:testing-slim RUN apt-get update \ && apt-get install -y openssh-server \ @@ -78,11 +78,10 @@ RUN chmod 600 /etc/ssh/ca_rsa RUN adduser --disabled-password --gecos 'Test user for libssh2 integration tests' libssh2 RUN echo 'libssh2:my test password' | chpasswd -RUN sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/' /etc/ssh/sshd_config +RUN sed -i 's/KbdInteractiveAuthentication no/KbdInteractiveAuthentication yes/' /etc/ssh/sshd_config +COPY sshd_config /tmp/etc/ssh/sshd_config +RUN cat /tmp/etc/ssh/sshd_config >> /etc/ssh/sshd_config RUN echo "TrustedUserCAKeys /etc/ssh/ca_main.pub" >> /etc/ssh/sshd_config -RUN echo "PubkeyAcceptedKeyTypes=+ssh-dss" >> /etc/ssh/sshd_config -RUN echo "MACs +hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com" >> /etc/ssh/sshd_config -RUN echo "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com" >> /etc/ssh/sshd_config # SSH login fix. Otherwise user is kicked off after login diff --git a/tests/openssh_server/authorized_keys b/tests/openssh_server/authorized_keys index cdd6eef5..7679a46b 100644 --- a/tests/openssh_server/authorized_keys +++ b/tests/openssh_server/authorized_keys @@ -2,6 +2,6 @@ ssh-dss AAAAB3NzaC1kc3MAAACBAK2Jh2Ck+8W1+LsFrjgOIH7XHySiONPSdG+faFTZprinh9cjyR3o ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAnak1T7zHJ+hVRFBDQ9pf1KVzmd5gaNc7y7NPmL13aOG3sYeJevi1x1WM/R3tb8XnUnzZUX9GJN0MYovvZsw9bknG1mDP72LFbGp/gzPddGIKHBBpvceDaJ85sM/ME3XOtD7uuXQuNAuEHwEzSMMiSIEMcQS+lXIcMLr5xPLEkyNvqsO5RqSjMTLHKHgY8gLWx7oQ1avokhwuDxF7P3Pqtj+rW2Te6vR0i1H6EyFPsBkzkgNXb33cus8M1CnTmYTSgJgmHO2LLcGpjQ5sL8T/PWIWHaSqTnkrFXEMysgoteXnAYILjzyBaqq2WV4KA3TluGdAP2p8gC32QtKmIuis3Q== awl03@bounty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC92YlGoc4PJy6DzX916JJZhxkvmkWBLGJdWOL7R9B6iaYEKebBxzTE3P1RcnxnuI06kklVq/KcDP9sLlgawTZcDg7ifM7HncPOi18OON8vvVVzodikHzuupjhpI5YTT9wwV2fDVi2URsBjvX4AFiZ5WM3/NwqdKpYABzWieBikXGJ58Tsnw+zQw2qMmKKESBuzSN538loTAj5iEH/GAKYDbbH9t2a17qhNCNEw4vrtURT9JqwO1cOg7N1OKpmqCPEbK0wuSTljNC230VJ06X/8UqahWWSH6MreGy6gwpPi6i9wFiFLur301R0dTPiKVhz6bguhcC1EAlhSgjfelFJt awl03@bounty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTe1lN2L/yet0Ma1JzXkQf3t1f+pauALec2FsGZy87KRJW1AOxcTTiePjlFwP1yfSK1lWXQ+uf0b61gkKqqR52FDky24HJWuYlfXlEQMn2d/PNDNVDDbO4TXKyNxxUHFJ6qYMNd4kWjOH+6rmYoWKsWV+3mDRbHagbVPEYL8wep8OTqKOqruVLVPzZyYZkBtn4XOFi6UE8WKiSVdK1Am1O5UxvlD95t32eYch6wQ9azgMqja6spe/L5UJgP83QZFknVC3wPZWkjqomVFql0FpaQclENwyY/OZMxr0cT/f7bCL6s4A/1XpbsGmC0xak4/THHbOn+0LdIej2nGV8JFoR -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIxtdyg2ZRXE70UwyPVUH3UyfDBV8GX5cPF636P6hjom +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEg0II3zbc1yWGhRzIc5KwTRlmx10RQP0sS63+1oMPi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICHxEyUTOVHXvdMFARedFQ+H9DW/n8Zy3daKKRqnTDMq ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBOiyJJwf+hFJrOkik9IQVxjhhVnI1vKl4BGLj03erLvw4TXXwoZzlPx6J936fU9JvvPw+d8PA4viMEfFbmdbHREKhwi3u1vZrfj0mB8SXw96AcZwX8PAL556wgom+/Qx+Q== diff --git a/tests/openssh_server/sshd_config b/tests/openssh_server/sshd_config new file mode 100644 index 00000000..1069566f --- /dev/null +++ b/tests/openssh_server/sshd_config @@ -0,0 +1,4 @@ +HostKeyAlgorithms +ssh-rsa +PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss,ssh-rsa-cert-v01@openssh.com +MACs +hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com +Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com diff --git a/tests/session_fixture.c b/tests/session_fixture.c index 3485b644..e23a5fcf 100644 --- a/tests/session_fixture.c +++ b/tests/session_fixture.c @@ -392,9 +392,9 @@ int test_auth_password(LIBSSH2_SESSION *session, int flags, static int read_file(const char *path, char **out_buffer, size_t *out_len) { - FILE *fp = NULL; - char *buffer = NULL; - size_t len = 0; + FILE *fp; + char *buffer; + size_t len; if(!out_buffer || !out_len || !path) { fprintf(stderr, "invalid params.\n"); @@ -444,10 +444,14 @@ int test_auth_pubkey(LIBSSH2_SESSION *session, int flags, const char *fn_priv) { int rc; + const char *userauth_list; - const char *userauth_list = - libssh2_userauth_list(session, username, - (unsigned int)strlen(username)); + /* Ignore our hard-wired Dockerfile user when not running under Docker */ + if(!openssh_fixture_have_docker() && strcmp(username, "libssh2") == 0) + username = getenv("USER"); + + userauth_list = libssh2_userauth_list(session, username, + (unsigned int)strlen(username)); if(!userauth_list) { print_last_session_error("libssh2_userauth_list"); return 1; diff --git a/tests/ssh2.sh b/tests/ssh2.sh deleted file mode 100755 index fa604cb2..00000000 --- a/tests/ssh2.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/bin/sh - -# Written by Simon Josefsson. - -# Start sshd, invoke parameters, saving exit code, kill sshd, and -# return exit code. - -srcdir="${srcdir:-$PWD}" -SSHD="${SSHD:-/usr/sbin/sshd}" - -cmd="./test_ssh2${EXEEXT}" -srcdir="$(cd "$srcdir" || exit; pwd)" - -export PRIVKEY="$srcdir/etc/user" -export PUBKEY="$srcdir/etc/user.pub" - -if test -n "$DEBUG"; then - libssh2_sshd_params="-d -d" -fi - -chmod go-rwx "$srcdir"/etc/host* -# shellcheck disable=SC2086 -"$SSHD" -f /dev/null -h "$srcdir/etc/host" \ - -o 'Port 4711' \ - -o 'Protocol 2' \ - -o "AuthorizedKeysFile $srcdir/etc/user.pub" \ - -o 'UsePrivilegeSeparation no' \ - -o 'StrictModes no' \ - -D \ - $libssh2_sshd_params & -sshdpid=$! - -trap 'kill "${sshdpid}"; echo signal killing sshd; exit 1;' EXIT - -: "started sshd (${sshdpid})" - -sleep 3 - -: "Invoking $cmd..." -eval "$cmd" -ec=$? -: "Self-test exit code $ec" - -: "killing sshd (${sshdpid})" -kill "${sshdpid}" > /dev/null 2>&1 -trap "" EXIT -exit "$ec" diff --git a/tests/sshd_fixture.sh b/tests/sshd_fixture.sh new file mode 100755 index 00000000..5d8969db --- /dev/null +++ b/tests/sshd_fixture.sh @@ -0,0 +1,73 @@ +#!/usr/bin/env bash + +# Written by Simon Josefsson + +# Start sshd, invoke parameters, saving exit code, kill sshd, and +# return exit code. + +if [ -n "$1" ]; then + cmd="$*" +else + cmd="${cmd:-./test_ssh2}" +fi + +d="$(dirname "$0")" +d="$(cd "${d}" || exit; pwd)" # sshd needs absolute paths + +SSHD="${SSHD:-/usr/sbin/sshd}" +[[ "$(uname)" = *'_NT'* ]] && SSHD="$(cygpath -u "${SSHD}")" + +# for our test clients: +[ -z "${PRIVKEY}" ] && export PRIVKEY="${d}/key_rsa" +[ -z "${PUBKEY}" ] && export PUBKEY="${d}/key_rsa.pub" +cakeys="${d}/ca_main.pub" + +if [ -n "${DEBUG}" ]; then + libssh2_sshd_params="-d -d" +fi + +cat \ + "${d}/openssh_server/ca_ecdsa.pub" \ + "${d}/openssh_server/ca_rsa.pub" \ + > "${cakeys}" + +chmod go-rwx \ + "${d}"/openssh_server/ssh_host_* \ + "${cakeys}" + +export OPENSSH_NO_DOCKER=1 + +# shellcheck disable=SC2086 +"${SSHD}" \ + -f "${SSHD_FIXTURE_CONFIG:-${d}/openssh_server/sshd_config}" \ + -o 'Port 4711' \ + -h "${d}/openssh_server/ssh_host_rsa_key" \ + -h "${d}/openssh_server/ssh_host_ecdsa_key" \ + -h "${d}/openssh_server/ssh_host_ed25519_key" \ + -o "AuthorizedKeysFile ${PUBKEY} ${d}/key_dsa.pub ${d}/key_rsa.pub ${d}/key_rsa_encrypted.pub ${d}/key_rsa_openssh.pub ${d}/key_ed25519.pub ${d}/key_ed25519_encrypted.pub ${d}/key_ecdsa.pub" \ + -o "TrustedUserCAKeys ${cakeys}" \ + -D \ + ${libssh2_sshd_params} & +sshdpid=$! + +trap 'kill "${sshdpid}"; echo signal killing sshd; exit 1;' EXIT + +: "started sshd (${sshdpid})" + +if [[ "$(uname)" = *'_NT'* ]]; then + sleep 5 +else + sleep 3 +fi + +: "Invoking '${cmd}'..." +eval "${cmd}" +ec=$? +: "Self-test exit code ${ec}" + +rm -f "${cakeys}" + +: "killing sshd (${sshdpid})" +kill "${sshdpid}" > /dev/null 2>&1 +trap '' EXIT +exit "${ec}" diff --git a/tests/sshd_fixture.sh.in b/tests/sshd_fixture.sh.in deleted file mode 100644 index 086cdb26..00000000 --- a/tests/sshd_fixture.sh.in +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/sh - -# Written by Simon Josefsson. - -# Start sshd, invoke parameters, saving exit code, kill sshd, and -# return exit code. - -srcdir="@SSHD_TEST_CONFIG_DIR@" -SSHD="@SSHD_EXECUTABLE@" - -cmd="\"$1\"" - -export PRIVKEY="$srcdir/etc/user" -export PUBKEY="$srcdir/etc/user.pub" - -if test -n "$DEBUG"; then - libssh2_sshd_params="-d -d" -fi - -chmod go-rwx "$srcdir"/etc/host* -# shellcheck disable=SC2086 -"$SSHD" -f /dev/null -h "$srcdir/etc/host" \ - -o 'Port 4711' \ - -o 'Protocol 2' \ - -o "AuthorizedKeysFile \"$srcdir/etc/user.pub\"" \ - -o 'UsePrivilegeSeparation no' \ - -o 'StrictModes no' \ - -D \ - $libssh2_sshd_params & -sshdpid=$! - -trap 'kill "${sshdpid}"; echo signal killing sshd; exit 1;' EXIT - -: "started sshd (${sshdpid})" - -sleep 3 - -if ! kill -0 "${sshdpid}"; then - echo "SSHD exited before test started" - exit 1 -fi - -: "Invoking $cmd..." -eval "$cmd" -ec=$? -: "Self-test exit code $ec" - -: "killing sshd (${sshdpid})" -kill "${sshdpid}" > /dev/null 2>&1 -trap "" EXIT -exit "$ec" diff --git a/tests/sshdwrap b/tests/sshdwrap deleted file mode 100755 index 496056dd..00000000 --- a/tests/sshdwrap +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/sh -x - -# Written by Simon Josefsson - -# Start sshd, invoke parameters, saving exit code, kill sshd, and -# return exit code. - -cmd="$*" -SSHD="${SSHD:-/usr/sbin/sshd}" - -"$SSHD" -f etc/sshd_config -h "$PWD/etc/host" -D & -sshdpid=$! - -trap 'kill "${sshdpid}"; echo signal killing sshd; exit 1;' EXIT - -: "started sshd (${sshdpid})" - -sleep 1 - -: "Invoking $cmd..." -eval "$cmd" -ec=$? -: "Self-test exit code $ec" - -: "killing sshd (${sshdpid})" -kill "${sshdpid}" > /dev/null 2>&1 -trap "" EXIT -exit "$ec" diff --git a/tests/test_auth_keyboard_info_request.c b/tests/test_auth_keyboard_info_request.c index 83860ffc..a127c723 100644 --- a/tests/test_auth_keyboard_info_request.c +++ b/tests/test_auth_keyboard_info_request.c @@ -248,7 +248,7 @@ int test_case(int num, int rc; char *message; int error_code; - LIBSSH2_SESSION *session = NULL; + LIBSSH2_SESSION *session; alloc_count = 0; free_count = 0; diff --git a/tests/test_read_algos.test b/tests/test_read_algos.test index 1b0556ad..b5c5a9c7 100755 --- a/tests/test_read_algos.test +++ b/tests/test_read_algos.test @@ -3,14 +3,15 @@ # https://testanything.org/tap-specification.html if [[ "$(uname)" = *'_NT'* ]]; then + # 'no matching manifest for windows/amd64 in the manifest list entries' echo "1..0 # skip test_read tests due to docker issues" exit 0 fi -testbin='./test_read' +testbin="./test_read${EXEEXT}" d="$(dirname "$0")" -algos="$(cat "${d}/test_read_algos.txt")" +algos="$(tr -d $"\r" < "${d}/test_read_algos.txt")" count=1 total="$(echo "${algos}" | wc -l | tr -d ' ')" diff --git a/tests/test_read_algos.txt b/tests/test_read_algos.txt index 35ce3cdd..a6f61738 100644 --- a/tests/test_read_algos.txt +++ b/tests/test_read_algos.txt @@ -7,7 +7,6 @@ aes192-ctr aes256-cbc aes256-ctr aes256-gcm@openssh.com -rijndael-cbc@lysator.liu.se hmac-md5 hmac-md5-96 hmac-sha1 diff --git a/tests/test_ssh2.c b/tests/test_ssh2.c index 479a1190..a1374b8a 100644 --- a/tests/test_ssh2.c +++ b/tests/test_ssh2.c @@ -16,18 +16,25 @@ #include #endif -#include -#include -#include #include #include -#include -static const char *pubkey = "etc/user.pub"; -static const char *privkey = "etc/user"; +static const char *hostname = "127.0.0.1"; +static const unsigned short port_number = 4711; +static const char *pubkey = "key_rsa.pub"; +static const char *privkey = "key_rsa"; static const char *username = "username"; static const char *password = "password"; +static void portable_sleep(unsigned int seconds) +{ +#ifdef WIN32 + Sleep(seconds); +#else + sleep(seconds); +#endif +} + int main(int argc, char *argv[]) { uint32_t hostaddr; @@ -39,6 +46,7 @@ int main(int argc, char *argv[]) int rc; LIBSSH2_SESSION *session = NULL; LIBSSH2_CHANNEL *channel; + int counter; #ifdef WIN32 WSADATA wsadata; @@ -62,7 +70,11 @@ int main(int argc, char *argv[]) if(getenv("PUBKEY")) pubkey = getenv("PUBKEY"); - hostaddr = htonl(0x7F000001); + hostaddr = inet_addr(hostname); + if(hostaddr == (uint32_t)(-1)) { + fprintf(stderr, "Failed to convert %s host address\n", hostname); + return 1; + } rc = libssh2_init(0); if(rc) { @@ -78,14 +90,25 @@ int main(int argc, char *argv[]) goto shutdown; } -#ifndef WIN32 - fcntl(sock, F_SETFL, 0); -#endif sin.sin_family = AF_INET; - sin.sin_port = htons(4711); + sin.sin_port = htons(port_number); sin.sin_addr.s_addr = hostaddr; - if(connect(sock, (struct sockaddr*)(&sin), sizeof(struct sockaddr_in))) { - fprintf(stderr, "failed to connect!\n"); + + for(counter = 0; counter < 3; ++counter) { + if(connect(sock, (struct sockaddr*)(&sin), + sizeof(struct sockaddr_in))) { + fprintf(stderr, + "Connection to %s:%d attempt #%d failed: retrying...\n", + hostname, port_number, counter); + portable_sleep(1 + 2*counter); + } + else { + break; + } + } + if(sock == LIBSSH2_INVALID_SOCKET) { + fprintf(stderr, "Failed to connect to %s:%d\n", + hostname, port_number); goto shutdown; } @@ -98,6 +121,8 @@ int main(int argc, char *argv[]) goto shutdown; } + libssh2_session_set_blocking(session, 1); + rc = libssh2_session_handshake(session, sock); if(rc) { fprintf(stderr, "Failure establishing SSH session: %d\n", rc); diff --git a/tests/test_sshd.test b/tests/test_sshd.test new file mode 100755 index 00000000..03ca3d75 --- /dev/null +++ b/tests/test_sshd.test @@ -0,0 +1,35 @@ +#!/usr/bin/env bash + +# https://testanything.org/tap-specification.html + +d="$(dirname "$0")" +uname="$(uname)" + +# Load list of SSHD tests from Makefile.am +tests='' +load=0 +while read -r l; do + if [[ "${l}" = 'SSHD_TESTS ='* ]]; then + load=1 + elif [ "${load}" = '1' ]; then + tests="${tests} ${l/\\}" + [[ ! "${l}" = *"\\" ]] && break + # On Windows, subsequent tests may be flaky + [[ "${uname}" = *'_NT'* ]] && break + fi +done <<< "$(tr -d $"\r" < "${d}/Makefile.am")" + +count=1 +total="$(echo "${tests}" | wc -w | tr -d ' ')" + +echo "${count}..${total}" + +for test in ${tests}; do + if "${d}/sshd_fixture.sh" "./${test}${EXEEXT}"; then + res='ok' + else + res='not ok' + fi + echo "${res} ${count} - sshd-${test}" + ((count++)) +done