1
/* Copyright (C) Alexander Lamaison
4
* Redistribution and use in source and binary forms,
5
* with or without modification, are permitted provided
6
* that the following conditions are met:
8
* Redistributions of source code must retain the above
9
* copyright notice, this list of conditions and the
10
* following disclaimer.
12
* Redistributions in binary form must reproduce the above
13
* copyright notice, this list of conditions and the following
14
* disclaimer in the documentation and/or other materials
15
* provided with the distribution.
17
* Neither the name of the copyright holder nor the names
18
* of any other contributors may be used to endorse or
19
* promote products derived from this software without
20
* specific prior written permission.
22
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
23
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
24
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
25
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
27
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
29
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
30
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
32
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
33
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
34
* USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
37
* SPDX-License-Identifier: BSD-3-Clause
40
#include "session_fixture.h"
41
#include "openssh_fixture.h"
43
#ifdef HAVE_SYS_SOCKET_H
44
#include <sys/socket.h>
49
#ifdef HAVE_SYS_PARAM_H
57
static LIBSSH2_SESSION *connected_session = NULL;
58
static libssh2_socket_t connected_socket = LIBSSH2_INVALID_SOCKET;
60
static int connect_to_server(void)
63
connected_socket = open_socket_to_openssh_server();
64
if(connected_socket == LIBSSH2_INVALID_SOCKET) {
65
return LIBSSH2_ERROR_SOCKET_NONE;
68
rc = libssh2_session_handshake(connected_session, connected_socket);
70
print_last_session_error("libssh2_session_handshake");
71
return libssh2_session_last_errno(connected_session);
74
return LIBSSH2_ERROR_NONE;
77
/* List of crypto protocols for which tests are skipped */
78
static char const *skip_crypt[] = {
80
/* Due to a bug with mbedTLS support, these crypt methods fail.
81
Until that bug is fixed, don't run them there to avoid this
82
known issue causing red tests.
83
See: https://github.com/libssh2/libssh2/issues/793
89
"aes128-gcm@openssh.com",
90
"aes256-gcm@openssh.com",
91
"rijndael-cbc@lysator.liu.se",
98
#if defined(LIBSSH2_LIBGCRYPT) || defined(LIBSSH2_OS400QC3) || \
99
defined(LIBSSH2_WINCNG)
100
/* Support for AES-GCM hasn't been added to these back-ends yet */
101
"aes128-gcm@openssh.com",
102
"aes256-gcm@openssh.com",
108
/* List of MAC protocols for which tests are skipped */
109
static char const *skip_mac[] = {
117
LIBSSH2_SESSION *start_session_fixture(int *skipped, int *err)
121
const char *crypt = getenv("FIXTURE_TEST_CRYPT");
122
const char *mac = getenv("FIXTURE_TEST_MAC");
125
*err = LIBSSH2_ERROR_NONE;
128
char const * const *sk;
129
for(sk = skip_crypt; *sk; ++sk) {
130
if(strcmp(*sk, crypt) == 0) {
131
fprintf(stderr, "unsupported crypt algorithm (%s) skipped.\n",
140
char const * const *sk;
141
for(sk = skip_mac; *sk; ++sk) {
142
if(strcmp(*sk, mac) == 0) {
143
fprintf(stderr, "unsupported MAC algorithm (%s) skipped.\n",
151
rc = start_openssh_fixture();
155
rc = libssh2_init(0);
157
fprintf(stderr, "libssh2_init failed (%d)\n", rc);
161
connected_session = libssh2_session_init_ex(NULL, NULL, NULL, NULL);
162
if(!connected_session) {
163
fprintf(stderr, "libssh2_session_init_ex failed\n");
167
if(getenv("FIXTURE_TRACE_ALL_CONNECT")) {
168
libssh2_trace(connected_session, ~0);
169
fprintf(stdout, "Trace all enabled for connect_to_server.\n");
171
else if(getenv("FIXTURE_TRACE_ALL")) {
172
libssh2_trace(connected_session, ~0);
173
fprintf(stdout, "Trace all enabled.\n");
176
/* Override crypt algorithm for the test */
178
if(libssh2_session_method_pref(connected_session,
179
LIBSSH2_METHOD_CRYPT_CS, crypt) ||
180
libssh2_session_method_pref(connected_session,
181
LIBSSH2_METHOD_CRYPT_SC, crypt)) {
182
fprintf(stderr, "libssh2_session_method_pref CRYPT failed "
183
"(probably disabled in the build): '%s'\n", crypt);
188
/* Override mac algorithm for the test */
190
if(libssh2_session_method_pref(connected_session,
191
LIBSSH2_METHOD_MAC_CS, mac) ||
192
libssh2_session_method_pref(connected_session,
193
LIBSSH2_METHOD_MAC_SC, mac)) {
194
fprintf(stderr, "libssh2_session_method_pref MAC failed "
195
"(probably disabled in the build): '%s'\n", mac);
200
libssh2_session_set_blocking(connected_session, 1);
202
rc = connect_to_server();
203
if(rc != LIBSSH2_ERROR_NONE) {
208
if(getenv("FIXTURE_TRACE_ALL_CONNECT")) {
209
libssh2_trace(connected_session, 0);
212
return connected_session;
215
void print_last_session_error(const char *function)
217
if(connected_session) {
220
libssh2_session_last_error(connected_session, &message, NULL, 0);
221
fprintf(stderr, "%s failed (%d): %s\n", function, rc, message);
224
fprintf(stderr, "No session\n");
228
void stop_session_fixture(void)
230
if(connected_session) {
231
libssh2_session_disconnect(connected_session, "test ended");
232
libssh2_session_free(connected_session);
233
connected_session = NULL;
236
fprintf(stderr, "Cannot stop session - none started\n");
239
close_socket_to_openssh_server(connected_socket);
240
connected_socket = LIBSSH2_INVALID_SOCKET;
244
stop_openssh_fixture();
248
/* Return a static string that contains a file path relative to the srcdir
249
* variable, if found. It does so in a way that avoids leaking memory by using
250
* a fixed number of static buffers.
253
const char *srcdir_path(const char *file)
256
static char filepath[NUMPATHS][_MAX_PATH];
258
static char filepath[NUMPATHS][MAXPATHLEN];
261
char *p = getenv("srcdir");
262
if(curpath >= NUMPATHS) {
263
fprintf(stderr, "srcdir_path ran out of filepath slots.\n");
265
assert(curpath < NUMPATHS);
267
/* Ensure the final string is nul-terminated on Windows */
268
filepath[curpath][sizeof(filepath[0]) - 1] = 0;
269
snprintf(filepath[curpath], sizeof(filepath[0]) - 1, "%s/%s",
273
/* Ensure the final string is nul-terminated on Windows */
274
filepath[curpath][sizeof(filepath[0]) - 1] = 0;
275
snprintf(filepath[curpath], sizeof(filepath[0]) - 1, "%s",
279
return filepath[curpath++];
282
static const char *kbd_password;
284
static void kbd_callback(const char *name, int name_len,
285
const char *instruct, int instruct_len,
287
const LIBSSH2_USERAUTH_KBDINT_PROMPT *prompts,
288
LIBSSH2_USERAUTH_KBDINT_RESPONSE *responses,
294
fprintf(stdout, "Kb-int name: %.*s\n", name_len, name);
295
fprintf(stdout, "Kb-int instruction: %.*s\n", instruct_len, instruct);
296
for(i = 0; i < num_prompts; ++i) {
297
fprintf(stdout, "Kb-int prompt %d: %.*s\n", i,
298
(int)prompts[i].length, prompts[i].text);
301
if(num_prompts == 1) {
302
responses[0].text = strdup(kbd_password);
303
responses[0].length = (unsigned int)strlen(kbd_password);
307
int test_auth_keyboard(LIBSSH2_SESSION *session, int flags,
308
const char *username,
309
const char *password)
313
const char *userauth_list =
314
libssh2_userauth_list(session, username,
315
(unsigned int)strlen(username));
317
print_last_session_error("libssh2_userauth_list");
321
if(!strstr(userauth_list, "keyboard-interactive")) {
323
"'keyboard-interactive' was expected in userauth list: %s\n",
328
kbd_password = password;
330
rc = libssh2_userauth_keyboard_interactive_ex(session, username,
331
(unsigned int)strlen(username),
336
if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
338
fprintf(stderr, "Keyboard-interactive auth succeeded "
339
"with wrong response\n");
345
print_last_session_error(
346
"libssh2_userauth_keyboard_interactive_ex");
354
int test_auth_password(LIBSSH2_SESSION *session, int flags,
355
const char *username,
356
const char *password)
360
const char *userauth_list =
361
libssh2_userauth_list(session, username,
362
(unsigned int)strlen(username));
364
print_last_session_error("libssh2_userauth_list");
368
if(!strstr(userauth_list, "password")) {
369
fprintf(stderr, "'password' was expected in userauth list: %s\n",
374
rc = libssh2_userauth_password_ex(session, username,
375
(unsigned int)strlen(username),
377
(unsigned int)strlen(password),
380
if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
382
fprintf(stderr, "Password auth succeeded with wrong password\n");
388
print_last_session_error("libssh2_userauth_password_ex");
392
if(libssh2_userauth_authenticated(session) == 0) {
393
fprintf(stderr, "Password auth appeared to succeed but "
394
"libssh2_userauth_authenticated returned 0\n");
402
static int read_file(const char *path, char **out_buffer, size_t *out_len)
408
if(!out_buffer || !out_len || !path) {
409
fprintf(stderr, "invalid params.\n");
416
fp = fopen(path, "r");
419
fprintf(stderr, "File could not be read: %s\n", path);
423
fseek(fp, 0L, SEEK_END);
427
fprintf(stderr, "Could not determine input size of: %s\n", path);
432
buffer = calloc(1, (size_t)len + 1);
435
fprintf(stderr, "Could not alloc memory.\n");
439
if(1 != fread(buffer, (size_t)len, 1, fp)) {
442
fprintf(stderr, "Could not read file into memory.\n");
448
*out_buffer = buffer;
449
*out_len = (size_t)len;
454
int test_auth_pubkey(LIBSSH2_SESSION *session, int flags,
455
const char *username,
456
const char *password,
461
const char *userauth_list;
463
/* Ignore our hard-wired Dockerfile user when not running under Docker */
464
if(!openssh_fixture_have_docker() && strcmp(username, "libssh2") == 0) {
465
username = getenv("USER");
468
username = getenv("USERNAME");
470
username = getenv("LOGNAME");
475
userauth_list = libssh2_userauth_list(session, username,
476
(unsigned int)strlen(username));
478
print_last_session_error("libssh2_userauth_list");
482
if(!strstr(userauth_list, "publickey")) {
483
fprintf(stderr, "'publickey' was expected in userauth list: %s\n",
488
if((flags & TEST_AUTH_FROMMEM) != 0) {
492
if(read_file(srcdir_path(fn_priv), &buffer, &len)) {
493
fprintf(stderr, "Reading key file failed.\n");
497
rc = libssh2_userauth_publickey_frommemory(session,
498
username, strlen(username),
506
rc = libssh2_userauth_publickey_fromfile_ex(session, username,
507
(unsigned int)strlen(username),
509
srcdir_path(fn_priv),
513
if((flags & TEST_AUTH_SHOULDFAIL) != 0) {
515
fprintf(stderr, "Public-key auth succeeded with wrong key\n");
521
print_last_session_error("libssh2_userauth_publickey_fromfile_ex");