make unittests pass for no-openssl case

Damien Miller 2019-09-07 19:25:00 +10:00
parent 105e1c9218
commit f61f29afda
14 changed files with 120 additions and 31 deletions


@ -16,7 +16,9 @@
#include <stdlib.h>
#include <string.h>
#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#endif
#include "../test_helper/test_helper.h"
@ -27,6 +29,7 @@
void
tests(void)
{
#ifdef WITH_OPENSSL
struct bitmap *b;
BIGNUM *bn;
size_t len;
@ -131,5 +134,6 @@ tests(void)
bitmap_free(b);
BN_free(bn);
TEST_DONE();
#endif
}
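Review bot: With WITH_OPENSSL undefined the whole body of `tests()` is compiled out, so this unit-test binary runs nothing and still exits successfully. The declarations at the top of the guarded region (`struct bitmap *b; BIGNUM *bn;`) suggest BIGNUM is the reference the bitmap code is checked against, which would explain the guard, but nothing says so. A one-line comment above the guard would make the coverage gap explicit, e.g. `/* bitmap is verified against BIGNUM; nothing to run without OpenSSL */`, and the closing `#endif` could carry the `/* WITH_OPENSSL */` trailer used at the other guards in this commit. The middle of the function lies outside the visible hunks.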


@ -57,7 +57,7 @@ check(struct hostkey_foreach_line *l, void *_ctx)
int parse_key = (ctx->flags & HKF_WANT_PARSE_KEY) != 0;
const int matching = (ctx->flags & HKF_WANT_MATCH) != 0;
u_int expected_status, expected_match;
int expected_keytype;
int expected_keytype, skip = 0;
test_subtest_info("entry %zu/%zu, file line %ld",
ctx->i + 1, ctx->nexpected, l->linenum);
@ -92,13 +92,23 @@ check(struct hostkey_foreach_line *l, void *_ctx)
#ifndef OPENSSL_HAS_ECC
if (expected->l.keytype == KEY_ECDSA ||
expected->no_parse_keytype == KEY_ECDSA) {
expected->no_parse_keytype == KEY_ECDSA)
skip = 1;
#endif /* OPENSSL_HAS_ECC */
#ifndef WITH_OPENSSL
if (expected->l.keytype == KEY_DSA ||
expected->no_parse_keytype == KEY_DSA ||
expected->l.keytype == KEY_RSA ||
expected->no_parse_keytype == KEY_RSA ||
expected->l.keytype == KEY_ECDSA ||
expected->no_parse_keytype == KEY_ECDSA)
skip = 1;
#endif /* WITH_OPENSSL */
if (skip) {
expected_status = HKF_STATUS_INVALID;
expected_keytype = KEY_UNSPEC;
parse_key = 0;
}
#endif
UPDATE_MATCH_STATUS(match_host_p);
UPDATE_MATCH_STATUS(match_host_s);
UPDATE_MATCH_STATUS(match_ipv4);
@ -145,7 +155,15 @@ prepare_expected(struct expected *expected, size_t n)
#ifndef OPENSSL_HAS_ECC
if (expected[i].l.keytype == KEY_ECDSA)
continue;
#endif
#endif /* OPENSSL_HAS_ECC */
#ifndef WITH_OPENSSL
switch (expected[i].l.keytype) {
case KEY_RSA:
case KEY_DSA:
case KEY_ECDSA:
continue;
}
#endif /* WITH_OPENSSL */
ASSERT_INT_EQ(sshkey_load_public(
test_data_file(expected[i].key_file), &expected[i].l.key,
NULL), 0);
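Review bot: The set of key types that need OpenSSL is now written out twice in different forms, as an `||` chain in `check()` and as a `switch` in `prepare_expected()`. A type added to one list and missed in the other would leave the expected results out of step with the keys that were actually loaded. A small static helper used by both places would keep them in sync and also removes the `default`-less `switch`. Both functions start and end outside the visible hunks, so the placement below is indicative only.

```c
/* Returns 1 if this build cannot parse keys of the given type. */
static int
keytype_unsupported(int keytype)
{
#ifndef WITH_OPENSSL
	if (keytype == KEY_RSA || keytype == KEY_DSA || keytype == KEY_ECDSA)
		return 1;
#endif /* WITH_OPENSSL */
#ifndef OPENSSL_HAS_ECC
	if (keytype == KEY_ECDSA)
		return 1;
#endif /* OPENSSL_HAS_ECC */
	return 0;
}

/* ... in check(), replacing both #ifndef blocks that set skip ... */
	skip = keytype_unsupported(expected->l.keytype) ||
	    keytype_unsupported(expected->no_parse_keytype);
	/* ... unchanged: if (skip) { ... } ... */

/* ... in prepare_expected(), replacing both #ifndef blocks ... */
		if (keytype_unsupported(expected[i].l.keytype))
			continue;
```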


@ -142,13 +142,15 @@ do_kex_with_key(char *kex, int keytype, int bits)
sshbuf_free(state);
ASSERT_PTR_NE(server2->kex, NULL);
/* XXX we need to set the callbacks */
#ifdef WITH_OPENSSL
server2->kex->kex[KEX_DH_GRP1_SHA1] = kex_gen_server;
server2->kex->kex[KEX_DH_GRP14_SHA1] = kex_gen_server;
server2->kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
server2->kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
#ifdef OPENSSL_HAS_ECC
server2->kex->kex[KEX_ECDH_SHA2] = kex_gen_server;
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
server2->kex->kex[KEX_C25519_SHA256] = kex_gen_server;
server2->kex->load_host_public_key = server->kex->load_host_public_key;
server2->kex->load_host_private_key = server->kex->load_host_private_key;
@ -175,11 +177,13 @@ do_kex_with_key(char *kex, int keytype, int bits)
static void
do_kex(char *kex)
{
#ifdef WITH_OPENSSL
do_kex_with_key(kex, KEY_RSA, 2048);
do_kex_with_key(kex, KEY_DSA, 1024);
#ifdef OPENSSL_HAS_ECC
do_kex_with_key(kex, KEY_ECDSA, 256);
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
do_kex_with_key(kex, KEY_ED25519, 256);
}
@ -187,13 +191,15 @@ void
kex_tests(void)
{
do_kex("curve25519-sha256@libssh.org");
#ifdef WITH_OPENSSL
#ifdef OPENSSL_HAS_ECC
do_kex("ecdh-sha2-nistp256");
do_kex("ecdh-sha2-nistp384");
do_kex("ecdh-sha2-nistp521");
#endif
#endif /* OPENSSL_HAS_ECC */
do_kex("diffie-hellman-group-exchange-sha256");
do_kex("diffie-hellman-group-exchange-sha1");
do_kex("diffie-hellman-group14-sha1");
do_kex("diffie-hellman-group1-sha1");
#endif /* WITH_OPENSSL */
}


@ -7,6 +7,8 @@
#include "includes.h"
#ifdef WITH_OPENSSL
#include <sys/types.h>
#include <sys/param.h>
#include <stdio.h>
@ -276,3 +278,4 @@ sshbuf_getput_crypto_tests(void)
#endif
}
#endif /* WITH_OPENSSL */


@ -32,10 +32,12 @@ static void
attempt_parse_blob(u_char *blob, size_t len)
{
struct sshbuf *p1;
#ifdef WITH_OPENSSL
BIGNUM *bn;
#if defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256)
EC_KEY *eck;
#endif
#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
#endif /* WITH_OPENSSL */
u_char *s;
size_t l;
u_int8_t u8;
@ -54,6 +56,7 @@ attempt_parse_blob(u_char *blob, size_t len)
bzero(s, l);
free(s);
}
#ifdef WITH_OPENSSL
bn = NULL;
sshbuf_get_bignum2(p1, &bn);
BN_clear_free(bn);
@ -62,7 +65,8 @@ attempt_parse_blob(u_char *blob, size_t len)
ASSERT_PTR_NE(eck, NULL);
sshbuf_get_eckey(p1, eck);
EC_KEY_free(eck);
#endif
#endif /* defined(OPENSSL_HAS_ECC) && defined(OPENSSL_HAS_NISTP256) */
#endif /* WITH_OPENSSL */
sshbuf_free(p1);
}


@ -20,7 +20,9 @@ tests(void)
{
sshbuf_tests();
sshbuf_getput_basic_tests();
#ifdef WITH_OPENSSL
sshbuf_getput_crypto_tests();
#endif
sshbuf_misc_tests();
sshbuf_fuzz_tests();
sshbuf_getput_fuzz_tests();


@ -19,13 +19,15 @@
#include <string.h>
#include <unistd.h>
#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
#ifdef OPENSSL_HAS_NISTP256
# include <openssl/ec.h>
#endif
#endif /* OPENSSL_HAS_NISTP256 */
#endif /* WITH_OPENSSL */
#include "openbsd-compat/openssl-compat.h"
@ -72,6 +74,7 @@ load_text_file(const char *name)
return ret;
}
#ifdef WITH_OPENSSL
BIGNUM *
load_bignum(const char *name)
{
@ -160,4 +163,5 @@ dsa_priv_key(struct sshkey *k)
DSA_get0_key(k->dsa, NULL, &priv_key);
return priv_key;
}
#endif /* WITH_OPENSSL */


@ -19,13 +19,15 @@
#include <string.h>
#include <unistd.h>
#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
#ifdef OPENSSL_HAS_NISTP256
# include <openssl/ec.h>
#endif
#endif /* OPENSSL_HAS_NISTP256 */
#endif /* WITH_OPENSSL */
#include "../test_helper/test_helper.h"
@ -44,7 +46,9 @@ sshkey_file_tests(void)
{
struct sshkey *k1, *k2;
struct sshbuf *buf, *pw;
#ifdef WITH_OPENSSL
BIGNUM *a, *b, *c;
#endif
char *cp;
TEST_START("load passphrase");
@ -52,6 +56,7 @@ sshkey_file_tests(void)
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("parse RSA from private");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
@ -350,6 +355,7 @@ sshkey_file_tests(void)
sshkey_free(k1);
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("parse Ed25519 from private");
buf = load_file("ed25519_1");


@ -113,7 +113,7 @@ sshkey_fuzz_tests(void)
struct fuzz *fuzz;
int r, i;
#ifdef WITH_OPENSSL
TEST_START("fuzz RSA private");
buf = load_file("rsa_1");
fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
@ -246,7 +246,8 @@ sshkey_fuzz_tests(void)
sshbuf_free(fuzzed);
fuzz_cleanup(fuzz);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 private");
buf = load_file("ed25519_1");
@ -270,6 +271,7 @@ sshkey_fuzz_tests(void)
fuzz_cleanup(fuzz);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("fuzz RSA public");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
@ -312,7 +314,8 @@ sshkey_fuzz_tests(void)
public_fuzz(k1);
sshkey_free(k1);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 public");
buf = load_file("ed25519_1");
@ -328,6 +331,7 @@ sshkey_fuzz_tests(void)
sshkey_free(k1);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("fuzz RSA sig");
buf = load_file("rsa_1");
ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
@ -368,7 +372,8 @@ sshkey_fuzz_tests(void)
sig_fuzz(k1, NULL);
sshkey_free(k1);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("fuzz Ed25519 sig");
buf = load_file("ed25519_1");
@ -379,5 +384,6 @@ sshkey_fuzz_tests(void)
TEST_DONE();
/* XXX fuzz decoded new-format blobs too */
/* XXX fuzz XMSS too */
}


@ -50,6 +50,7 @@ put_opt(struct sshbuf *b, const char *name, const char *value)
sshbuf_free(sect);
}
#ifdef WITH_OPENSSL
static void
build_cert(struct sshbuf *b, struct sshkey *k, const char *type,
struct sshkey *sign_key, struct sshkey *ca_key,
@ -110,6 +111,7 @@ build_cert(struct sshbuf *b, struct sshkey *k, const char *type,
sshbuf_free(principals);
sshbuf_free(pk);
}
#endif /* WITH_OPENSSL */
static void
signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg,
@ -176,10 +178,13 @@ get_private(const char *n)
void
sshkey_tests(void)
{
struct sshkey *k1, *k2, *k3, *k4, *kr, *kd, *kf;
struct sshkey *k1, *k2, *k3, *kf;
#ifdef WITH_OPENSSL
struct sshkey *k4, *kr, *kd;
#ifdef OPENSSL_HAS_ECC
struct sshkey *ke;
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
struct sshbuf *b;
TEST_START("new invalid");
@ -193,6 +198,7 @@ sshkey_tests(void)
sshkey_free(k1);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("new/free KEY_RSA");
k1 = sshkey_new(KEY_RSA);
ASSERT_PTR_NE(k1, NULL);
@ -281,7 +287,8 @@ sshkey_tests(void)
ASSERT_PTR_NE(EC_KEY_get0_public_key(ke->ecdsa), NULL);
ASSERT_PTR_NE(EC_KEY_get0_private_key(ke->ecdsa), NULL);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("generate KEY_ED25519");
ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &kf), 0);
@ -291,6 +298,7 @@ sshkey_tests(void)
ASSERT_PTR_NE(kf->ed25519_sk, NULL);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("demote KEY_RSA");
ASSERT_INT_EQ(sshkey_from_private(kr, &k1), 0);
ASSERT_PTR_NE(k1, NULL);
@ -338,7 +346,8 @@ sshkey_tests(void)
ASSERT_INT_EQ(sshkey_equal(ke, k1), 1);
sshkey_free(k1);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("demote KEY_ED25519");
ASSERT_INT_EQ(sshkey_from_private(kf, &k1), 0);
@ -354,17 +363,20 @@ sshkey_tests(void)
sshkey_free(k1);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("equal mismatched key types");
ASSERT_INT_EQ(sshkey_equal(kd, kr), 0);
#ifdef OPENSSL_HAS_ECC
ASSERT_INT_EQ(sshkey_equal(kd, ke), 0);
ASSERT_INT_EQ(sshkey_equal(kr, ke), 0);
ASSERT_INT_EQ(sshkey_equal(ke, kf), 0);
#endif
#endif /* OPENSSL_HAS_ECC */
ASSERT_INT_EQ(sshkey_equal(kd, kf), 0);
TEST_DONE();
#endif /* WITH_OPENSSL */
TEST_START("equal different keys");
#ifdef WITH_OPENSSL
ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
sshkey_free(k1);
@ -375,17 +387,20 @@ sshkey_tests(void)
ASSERT_INT_EQ(sshkey_generate(KEY_ECDSA, 256, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(ke, k1), 0);
sshkey_free(k1);
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
ASSERT_INT_EQ(sshkey_generate(KEY_ED25519, 256, &k1), 0);
ASSERT_INT_EQ(sshkey_equal(kf, k1), 0);
sshkey_free(k1);
TEST_DONE();
#ifdef WITH_OPENSSL
sshkey_free(kr);
sshkey_free(kd);
#ifdef OPENSSL_HAS_ECC
sshkey_free(ke);
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
sshkey_free(kf);
TEST_START("certify key");
@ -434,6 +449,7 @@ sshkey_tests(void)
sshbuf_reset(b);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("sign and verify RSA");
k1 = get_private("rsa_1");
ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
@ -479,7 +495,8 @@ sshkey_tests(void)
sshkey_free(k1);
sshkey_free(k2);
TEST_DONE();
#endif
#endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
TEST_START("sign and verify ED25519");
k1 = get_private("ed25519_1");
@ -490,6 +507,7 @@ sshkey_tests(void)
sshkey_free(k2);
TEST_DONE();
#ifdef WITH_OPENSSL
TEST_START("nested certificate");
ASSERT_INT_EQ(sshkey_load_cert(test_data_file("rsa_1"), &k1), 0);
ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
@ -504,5 +522,5 @@ sshkey_tests(void)
sshkey_free(k3);
sshbuf_free(b);
TEST_DONE();
#endif /* WITH_OPENSSL */
}
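Review bot: In a build without OpenSSL the only visible `sshbuf_free(b)` is compiled out, because it sits inside the guarded "nested certificate" test at the end of `sshkey_tests()`. The unguarded "certify key" test before it leaves `b` alive after `sshbuf_reset(b)`. Unless `b` is released somewhere outside the visible hunks, the buffer leaks in the no-OpenSSL configuration and will surface in sanitizer or valgrind runs of the unit tests. Moving the call below the guard covers both builds: keep `TEST_DONE();` inside, then `#endif /* WITH_OPENSSL */` followed by `sshbuf_free(b);`.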


@ -1,8 +1,8 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCus+kaow
AUjHphacvRp98dAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv
PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoJaqqgiYQuElraJAmYOm7Tb4nJ3eI4oj9mQ52M
/Yd+ION2Ur1v8BDewpDX+LHEYgKHo3Mlmcn2UyF+QJ+7xUCW7QCtk/4szrJzw74DlEl6mH
T8PT/f/av7PpECBD/YD3NoDlB9OWm/Q4sHcxfBEKfTGD7s2Onn71HgrdEOPqd4Sj/IQigR
drfjtXEMlD32k9n3dd2eS9x7AHWYaGFEMkOcY=
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDKT56mBA
tXIMsWqmuuA2gdAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv
PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoC13U47yfUOSZJePNUAwWXuFOk3aOKwPM5PMvK
0zwRnMZZjgn+tsMAYPwhsT3Mx3h5QzvVGFyFEqsiK7j4vAotD+LVQeBN5TwWbUBx4lnoGs
3iAfYVDakO/gNvVBDDGOqv5kdCc4cgn5HacjHQLKOAx6KzHe7JFn7uCywMdVVQjlpI6LHb
mHkaKiVX/C2oiRnsoe17HZ8Fxyt3vd1qNM8BE=
-----END OPENSSH PRIVATE KEY-----


@ -23,6 +23,7 @@
#include <sys/param.h>
#include <sys/uio.h>
#include <stdarg.h>
#include <fcntl.h>
#include <stdio.h>
#ifdef HAVE_STDINT_H
@ -34,8 +35,10 @@
#include <unistd.h>
#include <signal.h>
#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/err.h>
#endif
#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
# include <vis.h>
@ -126,7 +129,9 @@ main(int argc, char **argv)
int ch;
seed_rng();
#ifdef WITH_OPENSSL
ERR_load_CRYPTO_strings();
#endif
/* Handle systems without __progname */
if (__progname == NULL) {
@ -287,6 +292,7 @@ test_subtest_info(const char *fmt, ...)
void
ssl_err_check(const char *file, int line)
{
#ifdef WITH_OPENSSL
long openssl_error = ERR_get_error();
if (openssl_error == 0)
@ -294,6 +300,10 @@ ssl_err_check(const char *file, int line)
fprintf(stderr, "\n%s:%d: uncaught OpenSSL error: %s",
file, line, ERR_error_string(openssl_error, NULL));
#else /* WITH_OPENSSL */
fprintf(stderr, "\n%s:%d: uncaught OpenSSL error ",
file, line);
#endif /* WITH_OPENSSL */
abort();
}
@ -338,6 +348,7 @@ test_header(const char *file, int line, const char *a1, const char *a2,
a2 != NULL ? ", " : "", a2 != NULL ? a2 : "");
}
#ifdef WITH_OPENSSL
void
assert_bignum(const char *file, int line, const char *a1, const char *a2,
const BIGNUM *aa1, const BIGNUM *aa2, enum test_predicate pred)
@ -350,6 +361,7 @@ assert_bignum(const char *file, int line, const char *a1, const char *a2,
fprintf(stderr, "%12s = 0x%s\n", a2, BN_bn2hex(aa2));
test_die();
}
#endif
void
assert_string(const char *file, int line, const char *a1, const char *a2,
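Review bot: The new `#else` branch of `ssl_err_check()` aborts on every call and prints "uncaught OpenSSL error" in a build that has no OpenSSL. A stray call from unguarded test code would therefore kill the run with a message that points at the wrong cause. If the function is meant to be unreachable in that configuration, the message should say so, e.g. `fprintf(stderr, "\n%s:%d: ssl_err_check called without OpenSSL support", file, line);`. If it can legitimately be reached, the branch should return instead of falling through to `abort()`. Whether any unguarded caller exists cannot be seen from this page.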


@ -27,8 +27,10 @@
# include <stdint.h>
#endif
#ifdef WITH_OPENSSL
#include <openssl/bn.h>
#include <openssl/err.h>
#endif
enum test_predicate {
TEST_EQ, TEST_NE, TEST_LT, TEST_LE, TEST_GT, TEST_GE
@ -50,9 +52,11 @@ int test_is_slow(void);
void test_subtest_info(const char *fmt, ...)
__attribute__((format(printf, 1, 2)));
void ssl_err_check(const char *file, int line);
#ifdef WITH_OPENSSL
void assert_bignum(const char *file, int line,
const char *a1, const char *a2,
const BIGNUM *aa1, const BIGNUM *aa2, enum test_predicate pred);
#endif
void assert_string(const char *file, int line,
const char *a1, const char *a2,
const char *aa1, const char *aa2, enum test_predicate pred);


@ -9,7 +9,9 @@
#include "includes.h"
#include <locale.h>
#include <stdarg.h>
#include <string.h>
#include <stdio.h>
#include "../test_helper/test_helper.h"