diff options
author | Renato Botelho <renato@netgate.com> | 2016-03-17 09:59:28 -0300 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2016-03-17 09:59:28 -0300 |
commit | 89ba6d490219156dc7e7779431d9de445220df9d (patch) | |
tree | 714514bba8b7b4581df0f7be45c61b01049b6b4f /crypto/openssh/regress | |
parent | 56930d706911fdcf5e574a23ce39a1757907ee67 (diff) | |
parent | 3ea5fe04508eac3ddd7ebff9a4049f219d3037a6 (diff) | |
download | FreeBSD-src-89ba6d490219156dc7e7779431d9de445220df9d.zip FreeBSD-src-89ba6d490219156dc7e7779431d9de445220df9d.tar.gz |
Merge remote-tracking branch 'origin/releng/10.3' into RELENG_2_3
Diffstat (limited to 'crypto/openssh/regress')
-rw-r--r-- | crypto/openssh/regress/Makefile | 5 | ||||
-rw-r--r-- | crypto/openssh/regress/agent-ptrace.sh | 5 | ||||
-rwxr-xr-x | crypto/openssh/regress/cert-file.sh | 138 | ||||
-rw-r--r-- | crypto/openssh/regress/check-perm.c | 205 | ||||
-rwxr-xr-x | crypto/openssh/regress/dhgex.sh | 6 | ||||
-rwxr-xr-x | crypto/openssh/regress/hostkey-rotate.sh | 20 | ||||
-rwxr-xr-x | crypto/openssh/regress/keys-command.sh | 6 | ||||
-rw-r--r-- | crypto/openssh/regress/keyscan.sh | 4 | ||||
-rwxr-xr-x | crypto/openssh/regress/limit-keytype.sh | 37 | ||||
-rwxr-xr-x | crypto/openssh/regress/principals-command.sh | 7 | ||||
-rw-r--r-- | crypto/openssh/regress/proxy-connect.sh | 5 | ||||
-rw-r--r-- | crypto/openssh/regress/rekey.sh | 6 | ||||
-rw-r--r-- | crypto/openssh/regress/setuid-allowed.c | 2 | ||||
-rwxr-xr-x | crypto/openssh/regress/sftp-chroot.sh | 5 | ||||
-rw-r--r-- | crypto/openssh/regress/unittests/sshkey/test_file.c | 42 | ||||
-rw-r--r-- | crypto/openssh/regress/unittests/sshkey/test_fuzz.c | 102 | ||||
-rw-r--r-- | crypto/openssh/regress/unittests/sshkey/test_sshkey.c | 46 |
17 files changed, 508 insertions, 133 deletions
diff --git a/crypto/openssh/regress/Makefile b/crypto/openssh/regress/Makefile index cba83f4..451909c 100644 --- a/crypto/openssh/regress/Makefile +++ b/crypto/openssh/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.81 2015/05/21 06:44:25 djm Exp $ +# $OpenBSD: Makefile,v 1.82 2015/09/24 06:16:53 djm Exp $ REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec tests: prep $(REGRESS_TARGETS) @@ -74,7 +74,8 @@ LTESTS= connect \ hostkey-agent \ keygen-knownhosts \ hostkey-rotate \ - principals-command + principals-command \ + cert-file # dhgex \ diff --git a/crypto/openssh/regress/agent-ptrace.sh b/crypto/openssh/regress/agent-ptrace.sh index 1912ca8..bb676d6 100644 --- a/crypto/openssh/regress/agent-ptrace.sh +++ b/crypto/openssh/regress/agent-ptrace.sh @@ -12,6 +12,11 @@ if have_prog uname ; then esac fi +if [ "x$USER" = "xroot" ]; then + echo "Skipped: running as root" + exit 0 +fi + if have_prog gdb ; then : ok else diff --git a/crypto/openssh/regress/cert-file.sh b/crypto/openssh/regress/cert-file.sh new file mode 100755 index 0000000..bad923a --- /dev/null +++ b/crypto/openssh/regress/cert-file.sh @@ -0,0 +1,138 @@ +# $OpenBSD: cert-file.sh,v 1.2 2015/09/24 07:15:39 djm Exp $ +# Placed in the Public Domain. + +tid="ssh with certificates" + +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* + +# Create a CA key +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\ + fatal "ssh-keygen failed" + +# Make some keys and certificates. +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \ + fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \ + fatal "ssh-keygen failed" +# Move the certificate to a different address to better control +# when it is offered. +${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key1" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub +${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \ + -z $$ -n ${USER} $OBJ/user_key1 || + fail "couldn't sign user_key1 with user_ca_key2" +mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub + +trace 'try with identity files' +opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes" +opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2" +echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER + +for p in ${SSH_PROTOCOLS}; do + # Just keys should fail + ${SSH} $opts2 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with no certs in protocol $p" + fi + + # Keys with untrusted cert should fail. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with bad cert in protocol $p" + fi + + # Good cert with bad key should fail. + opts3="$opts -i $OBJ/user_key2" + opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -eq 5$p ]; then + fail "ssh succeeded with no matching key in protocol $p" + fi + + # Keys with one trusted cert, should succeed. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert and key in protocol $p" + fi + + # Multiple certs and keys, with one trusted cert, should succeed. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub" + opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with multiple certs in protocol $p" + fi + + #Keys with trusted certificate specified in config options, should succeed. + opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub" + ${SSH} $opts3 somehost exit 5$p + r=$? + if [ $r -ne 5$p ]; then + fail "ssh failed with trusted cert in config in protocol $p" + fi +done + +#next, using an agent in combination with the keys +SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1 +if [ $? -ne 2 ]; then + fatal "ssh-add -l did not fail with exit code 2" +fi + +trace "start agent" +eval `${SSHAGENT} -s` > /dev/null +r=$? +if [ $r -ne 0 ]; then + fatal "could not start ssh-agent: exit code $r" +fi + +# add private keys to agent +${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi +${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1 +if [ $? -ne 0 ]; then + fatal "ssh-add did not succeed with exit code 0" +fi + +# try ssh with the agent and certificates +# note: ssh agent only uses certificates in protocol 2 +opts="-F $OBJ/ssh_proxy" +# with no certificates, shoud fail +${SSH} -2 $opts somehost exit 52 +if [ $? -eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with no cert" +fi + +#with an untrusted certificate, should fail +opts="$opts -oCertificateFile=$OBJ/cert_user_key1_2.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? -eq 52 ]; then + fail "ssh connect with agent in protocol 2 succeeded with bad cert" +fi + +#with an additional trusted certificate, should succeed +opts="$opts -oCertificateFile=$OBJ/cert_user_key1_1.pub" +${SSH} -2 $opts somehost exit 52 +if [ $? -ne 52 ]; then + fail "ssh connect with agent in protocol 2 failed with good cert" +fi + +trace "kill agent" +${SSHAGENT} -k > /dev/null + +#cleanup +rm -f $OBJ/user_ca_key* $OBJ/user_key* +rm -f $OBJ/cert_user_key* diff --git a/crypto/openssh/regress/check-perm.c b/crypto/openssh/regress/check-perm.c new file mode 100644 index 0000000..dac307d --- /dev/null +++ b/crypto/openssh/regress/check-perm.c @@ -0,0 +1,205 @@ +/* + * Placed in the public domain + */ + +/* $OpenBSD: modpipe.c,v 1.6 2013/11/21 03:16:47 djm Exp $ */ + +#include "includes.h" + +#include <sys/types.h> +#include <sys/stat.h> +#include <unistd.h> +#include <stdio.h> +#include <string.h> +#include <stdarg.h> +#include <stdlib.h> +#include <errno.h> +#include <pwd.h> +#ifdef HAVE_LIBGEN_H +#include <libgen.h> +#endif + +static void +fatal(const char *fmt, ...) +{ + va_list args; + + va_start(args, fmt); + vfprintf(stderr, fmt, args); + fputc('\n', stderr); + va_end(args); + exit(1); +} +/* Based on session.c. NB. keep tests in sync */ +static void +safely_chroot(const char *path, uid_t uid) +{ + const char *cp; + char component[PATH_MAX]; + struct stat st; + + if (*path != '/') + fatal("chroot path does not begin at root"); + if (strlen(path) >= sizeof(component)) + fatal("chroot path too long"); + + /* + * Descend the path, checking that each component is a + * root-owned directory with strict permissions. + */ + for (cp = path; cp != NULL;) { + if ((cp = strchr(cp, '/')) == NULL) + strlcpy(component, path, sizeof(component)); + else { + cp++; + memcpy(component, path, cp - path); + component[cp - path] = '\0'; + } + + /* debug3("%s: checking '%s'", __func__, component); */ + + if (stat(component, &st) != 0) + fatal("%s: stat(\"%s\"): %s", __func__, + component, strerror(errno)); + if (st.st_uid != 0 || (st.st_mode & 022) != 0) + fatal("bad ownership or modes for chroot " + "directory %s\"%s\"", + cp == NULL ? "" : "component ", component); + if (!S_ISDIR(st.st_mode)) + fatal("chroot path %s\"%s\" is not a directory", + cp == NULL ? "" : "component ", component); + + } + + if (chdir(path) == -1) + fatal("Unable to chdir to chroot path \"%s\": " + "%s", path, strerror(errno)); +} + +/* from platform.c */ +int +platform_sys_dir_uid(uid_t uid) +{ + if (uid == 0) + return 1; +#ifdef PLATFORM_SYS_DIR_UID + if (uid == PLATFORM_SYS_DIR_UID) + return 1; +#endif + return 0; +} + +/* from auth.c */ +int +auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, + uid_t uid, char *err, size_t errlen) +{ + char buf[PATH_MAX], homedir[PATH_MAX]; + char *cp; + int comparehome = 0; + struct stat st; + + if (realpath(name, buf) == NULL) { + snprintf(err, errlen, "realpath %s failed: %s", name, + strerror(errno)); + return -1; + } + if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL) + comparehome = 1; + + if (!S_ISREG(stp->st_mode)) { + snprintf(err, errlen, "%s is not a regular file", buf); + return -1; + } + if ((!platform_sys_dir_uid(stp->st_uid) && stp->st_uid != uid) || + (stp->st_mode & 022) != 0) { + snprintf(err, errlen, "bad ownership or modes for file %s", + buf); + return -1; + } + + /* for each component of the canonical path, walking upwards */ + for (;;) { + if ((cp = dirname(buf)) == NULL) { + snprintf(err, errlen, "dirname() failed"); + return -1; + } + strlcpy(buf, cp, sizeof(buf)); + + if (stat(buf, &st) < 0 || + (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) || + (st.st_mode & 022) != 0) { + snprintf(err, errlen, + "bad ownership or modes for directory %s", buf); + return -1; + } + + /* If are past the homedir then we can stop */ + if (comparehome && strcmp(homedir, buf) == 0) + break; + + /* + * dirname should always complete with a "/" path, + * but we can be paranoid and check for "." too + */ + if ((strcmp("/", buf) == 0) || (strcmp(".", buf) == 0)) + break; + } + return 0; +} + +static void +usage(void) +{ + fprintf(stderr, "check-perm -m [chroot | keys-command] [path]\n"); + exit(1); +} + +int +main(int argc, char **argv) +{ + const char *path = "."; + char errmsg[256]; + int ch, mode = -1; + extern char *optarg; + extern int optind; + struct stat st; + + while ((ch = getopt(argc, argv, "hm:")) != -1) { + switch (ch) { + case 'm': + if (strcasecmp(optarg, "chroot") == 0) + mode = 1; + else if (strcasecmp(optarg, "keys-command") == 0) + mode = 2; + else { + fprintf(stderr, "Invalid -m option\n"), + usage(); + } + break; + default: + usage(); + } + } + argc -= optind; + argv += optind; + + if (argc > 1) + usage(); + else if (argc == 1) + path = argv[0]; + + if (mode == 1) + safely_chroot(path, getuid()); + else if (mode == 2) { + if (stat(path, &st) < 0) + fatal("Could not stat %s: %s", path, strerror(errno)); + if (auth_secure_path(path, &st, NULL, 0, + errmsg, sizeof(errmsg)) != 0) + fatal("Unsafe %s: %s", path, errmsg); + } else { + fprintf(stderr, "Invalid mode\n"); + usage(); + } + return 0; +} diff --git a/crypto/openssh/regress/dhgex.sh b/crypto/openssh/regress/dhgex.sh index 57fca4a..e7c5733 100755 --- a/crypto/openssh/regress/dhgex.sh +++ b/crypto/openssh/regress/dhgex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: dhgex.sh,v 1.2 2014/04/21 22:15:37 djm Exp $ +# $OpenBSD: dhgex.sh,v 1.3 2015/10/23 02:22:01 dtucker Exp $ # Placed in the Public Domain. tid="dhgex" @@ -20,7 +20,9 @@ ssh_test_dhgex() echo "Ciphers=$cipher" >> $OBJ/sshd_proxy rm -f ${LOG} opts="-oKexAlgorithms=$kex -oCiphers=$cipher" - groupsz="1024<$bits<8192" + min=2048 + max=8192 + groupsz="$min<$bits<$max" verbose "$tid bits $bits $kex $cipher" ${SSH} ${opts} $@ -vvv -F ${OBJ}/ssh_proxy somehost true if [ $? -ne 0 ]; then diff --git a/crypto/openssh/regress/hostkey-rotate.sh b/crypto/openssh/regress/hostkey-rotate.sh index 3aa8c40..d69de32 100755 --- a/crypto/openssh/regress/hostkey-rotate.sh +++ b/crypto/openssh/regress/hostkey-rotate.sh @@ -1,4 +1,4 @@ -# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ +# $OpenBSD: hostkey-rotate.sh,v 1.5 2015/09/04 04:23:10 djm Exp $ # Placed in the Public Domain. tid="hostkey rotate" @@ -108,21 +108,3 @@ verbose "check rotate primary hostkey" dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa expect_nkeys 1 "learn hostkeys" check_key_present ssh-rsa || fail "didn't learn changed key" - -# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ -# Placed in the Public Domain. - -tid="hostkey rotate" - -# Prepare hostkeys file with one key - -# Connect to sshd - -# Check that other keys learned - -# Change one hostkey (non primary) - -# Connect to sshd - -# Check that the key was replaced - diff --git a/crypto/openssh/regress/keys-command.sh b/crypto/openssh/regress/keys-command.sh index 700273b..af68cf1 100755 --- a/crypto/openssh/regress/keys-command.sh +++ b/crypto/openssh/regress/keys-command.sh @@ -36,6 +36,12 @@ exec cat "$OBJ/authorized_keys_${LOGNAME}" _EOF $SUDO chmod 0755 "$KEY_COMMAND" +if ! $OBJ/check-perm -m keys-command $KEY_COMMAND ; then + echo "skipping: $KEY_COMMAND is unsuitable as AuthorizedKeysCommand" + $SUDO rm -f $KEY_COMMAND + exit 0 +fi + if [ -x $KEY_COMMAND ]; then cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak diff --git a/crypto/openssh/regress/keyscan.sh b/crypto/openssh/regress/keyscan.sh index 886f329..f97364b 100644 --- a/crypto/openssh/regress/keyscan.sh +++ b/crypto/openssh/regress/keyscan.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keyscan.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ +# $OpenBSD: keyscan.sh,v 1.5 2015/09/11 03:44:21 djm Exp $ # Placed in the Public Domain. tid="keyscan" @@ -8,7 +8,7 @@ rm -f ${OBJ}/host.dsa start_sshd -KEYTYPES="rsa dsa" +KEYTYPES=`${SSH} -Q key-plain` if ssh_version 1; then KEYTYPES="${KEYTYPES} rsa1" fi diff --git a/crypto/openssh/regress/limit-keytype.sh b/crypto/openssh/regress/limit-keytype.sh index 2de037b..c0cf2fe 100755 --- a/crypto/openssh/regress/limit-keytype.sh +++ b/crypto/openssh/regress/limit-keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: limit-keytype.sh,v 1.1 2015/01/13 07:49:49 djm Exp $ +# $OpenBSD: limit-keytype.sh,v 1.4 2015/10/29 08:05:17 djm Exp $ # Placed in the Public Domain. tid="restrict pubkey type" @@ -20,18 +20,19 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_key2 || \ fatal "ssh-keygen failed" ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_key3 || \ fatal "ssh-keygen failed" +${SSHKEYGEN} -q -N '' -t dsa -f $OBJ/user_key4 || \ + fatal "ssh-keygen failed" ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ -z $$ -n ${USER},mekmitasdigoat $OBJ/user_key3 || fatal "couldn't sign user_key1" # Copy the private key alongside the cert to allow better control of when # it is offered. mv $OBJ/user_key3-cert.pub $OBJ/cert_user_key3.pub -cp -p $OBJ/user_key3 $OBJ/cert_user_key3 grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes" -fullopts="$opts -i $OBJ/cert_user_key3 -i $OBJ/user_key1 -i $OBJ/user_key2" +certopts="$opts -i $OBJ/user_key3 -oCertificateFile=$OBJ/cert_user_key3.pub" echo mekmitasdigoat > $OBJ/authorized_principals_$USER cat $OBJ/user_key1.pub > $OBJ/authorized_keys_$USER @@ -53,28 +54,44 @@ prepare_config() { prepare_config # Check we can log in with all key types. -${SSH} $opts -i $OBJ/cert_user_key3 proxy true || fatal "cert failed" +${SSH} $certopts proxy true || fatal "cert failed" ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" # Allow plain Ed25519 and RSA. The certificate should fail. -verbose "privsep=$privsep allow rsa,ed25519" +verbose "allow rsa,ed25519" prepare_config "PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519" -${SSH} $opts -i $OBJ/cert_user_key3 proxy true && fatal "cert succeeded" +${SSH} $certopts proxy true && fatal "cert succeeded" ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" ${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" # Allow Ed25519 only. -verbose "privsep=$privsep allow ed25519" +verbose "allow ed25519" prepare_config "PubkeyAcceptedKeyTypes ssh-ed25519" -${SSH} $opts -i $OBJ/cert_user_key3 proxy true && fatal "cert succeeded" +${SSH} $certopts proxy true && fatal "cert succeeded" ${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" ${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" # Allow all certs. Plain keys should fail. -verbose "privsep=$privsep allow cert only" +verbose "allow cert only" prepare_config "PubkeyAcceptedKeyTypes ssh-*-cert-v01@openssh.com" -${SSH} $opts -i $OBJ/cert_user_key3 proxy true || fatal "cert failed" +${SSH} $certopts proxy true || fatal "cert failed" ${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded" ${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" +# Allow RSA in main config, Ed25519 for non-existent user. +verbose "match w/ no match" +prepare_config "PubkeyAcceptedKeyTypes ssh-rsa" \ + "Match user x$USER" "PubkeyAcceptedKeyTypes +ssh-ed25519" +${SSH} $certopts proxy true && fatal "cert succeeded" +${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded" +${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" + +# Allow only DSA in main config, Ed25519 for user. +verbose "match w/ matching" +prepare_config "PubkeyAcceptedKeyTypes ssh-dss" \ + "Match user $USER" "PubkeyAcceptedKeyTypes +ssh-ed25519" +${SSH} $certopts proxy true || fatal "cert failed" +${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" +${SSH} $opts -i $OBJ/user_key4 proxy true && fatal "key4 succeeded" + diff --git a/crypto/openssh/regress/principals-command.sh b/crypto/openssh/regress/principals-command.sh index b90a8cf..c0be7e7 100755 --- a/crypto/openssh/regress/principals-command.sh +++ b/crypto/openssh/regress/principals-command.sh @@ -24,6 +24,13 @@ _EOF test $? -eq 0 || fatal "couldn't prepare principals command" $SUDO chmod 0755 "$PRINCIPALS_CMD" +if ! $OBJ/check-perm -m keys-command $PRINCIPALS_CMD ; then + echo "skipping: $PRINCIPALS_CMD is unsuitable as " \ + "AuthorizedPrincipalsCommand" + $SUDO rm -f $PRINCIPALS_CMD + exit 0 +fi + # Create a CA key and a user certificate. ${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \ fatal "ssh-keygen of user_ca_key failed" diff --git a/crypto/openssh/regress/proxy-connect.sh b/crypto/openssh/regress/proxy-connect.sh index f816962..b7a43fa 100644 --- a/crypto/openssh/regress/proxy-connect.sh +++ b/crypto/openssh/regress/proxy-connect.sh @@ -1,4 +1,4 @@ -# $OpenBSD: proxy-connect.sh,v 1.8 2015/03/03 22:35:19 markus Exp $ +# $OpenBSD: proxy-connect.sh,v 1.9 2016/02/17 02:24:17 djm Exp $ # Placed in the Public Domain. tid="proxy connect" @@ -18,7 +18,8 @@ for ps in no yes; do fail "ssh proxyconnect protocol $p privsep=$ps comp=$c failed" fi if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then - fail "bad SSH_CONNECTION protocol $p privsep=$ps comp=$c" + fail "bad SSH_CONNECTION protocol $p privsep=$ps comp=$c: " \ + "$SSH_CONNECTION" fi done done diff --git a/crypto/openssh/regress/rekey.sh b/crypto/openssh/regress/rekey.sh index 0d4444d..ae145bc 100644 --- a/crypto/openssh/regress/rekey.sh +++ b/crypto/openssh/regress/rekey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: rekey.sh,v 1.16 2015/02/14 12:43:16 markus Exp $ +# $OpenBSD: rekey.sh,v 1.17 2016/01/29 05:18:15 dtucker Exp $ # Placed in the Public Domain. tid="rekey" @@ -137,13 +137,15 @@ for s in 5 10; do done verbose "rekeylimit parsing" -for size in 16 1k 1K 1m 1M 1g 1G; do +for size in 16 1k 1K 1m 1M 1g 1G 4G 8G; do for time in 1 1m 1M 1h 1H 1d 1D 1w 1W; do case $size in 16) bytes=16 ;; 1k|1K) bytes=1024 ;; 1m|1M) bytes=1048576 ;; 1g|1G) bytes=1073741824 ;; + 4g|4G) bytes=4294967296 ;; + 8g|8G) bytes=8589934592 ;; esac case $time in 1) seconds=1 ;; diff --git a/crypto/openssh/regress/setuid-allowed.c b/crypto/openssh/regress/setuid-allowed.c index 676d266..7a0527f 100644 --- a/crypto/openssh/regress/setuid-allowed.c +++ b/crypto/openssh/regress/setuid-allowed.c @@ -26,7 +26,7 @@ #include <string.h> #include <errno.h> -void +static void usage(void) { fprintf(stderr, "check-setuid [path]\n"); diff --git a/crypto/openssh/regress/sftp-chroot.sh b/crypto/openssh/regress/sftp-chroot.sh index 23f7456..9c26eb6 100755 --- a/crypto/openssh/regress/sftp-chroot.sh +++ b/crypto/openssh/regress/sftp-chroot.sh @@ -12,6 +12,11 @@ if [ -z "$SUDO" ]; then exit 0 fi +if ! $OBJ/check-perm -m chroot "$CHROOT" ; then + echo "skipped: $CHROOT is unsuitable as ChrootDirectory" + exit 0 +fi + $SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ fatal "create $PRIVDATA failed" diff --git a/crypto/openssh/regress/unittests/sshkey/test_file.c b/crypto/openssh/regress/unittests/sshkey/test_file.c index c8a2369..906491f 100644 --- a/crypto/openssh/regress/unittests/sshkey/test_file.c +++ b/crypto/openssh/regress/unittests/sshkey/test_file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */ +/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -54,8 +54,7 @@ sshkey_file_tests(void) #ifdef WITH_SSH1 TEST_START("parse RSA1 from private"); buf = load_file("rsa1_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k1, NULL); a = load_bignum("rsa1_1.param.n"); @@ -66,7 +65,7 @@ sshkey_file_tests(void) TEST_START("parse RSA1 from private w/ passphrase"); buf = load_file("rsa1_1_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -104,8 +103,7 @@ sshkey_file_tests(void) TEST_START("parse RSA from private"); buf = load_file("rsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k1, NULL); a = load_bignum("rsa_1.param.n"); @@ -122,7 +120,7 @@ sshkey_file_tests(void) TEST_START("parse RSA from private w/ passphrase"); buf = load_file("rsa_1_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -131,8 +129,7 @@ sshkey_file_tests(void) TEST_START("parse RSA from new-format"); buf = load_file("rsa_n"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - "", "rsa_n", &k2, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -142,7 +139,7 @@ sshkey_file_tests(void) TEST_START("parse RSA from new-format w/ passphrase"); buf = load_file("rsa_n_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -197,8 +194,7 @@ sshkey_file_tests(void) TEST_START("parse DSA from private"); buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k1, NULL); a = load_bignum("dsa_1.param.g"); @@ -215,7 +211,7 @@ sshkey_file_tests(void) TEST_START("parse DSA from private w/ passphrase"); buf = load_file("dsa_1_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -224,8 +220,7 @@ sshkey_file_tests(void) TEST_START("parse DSA from new-format"); buf = load_file("dsa_n"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - "", "dsa_n", &k2, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -235,7 +230,7 @@ sshkey_file_tests(void) TEST_START("parse DSA from new-format w/ passphrase"); buf = load_file("dsa_n_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -291,8 +286,7 @@ sshkey_file_tests(void) #ifdef OPENSSL_HAS_ECC TEST_START("parse ECDSA from private"); buf = load_file("ecdsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k1, NULL); buf = load_text_file("ecdsa_1.param.curve"); @@ -315,7 +309,7 @@ sshkey_file_tests(void) TEST_START("parse ECDSA from private w/ passphrase"); buf = load_file("ecdsa_1_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -324,8 +318,7 @@ sshkey_file_tests(void) TEST_START("parse ECDSA from new-format"); buf = load_file("ecdsa_n"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - "", "ecdsa_n", &k2, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -335,7 +328,7 @@ sshkey_file_tests(void) TEST_START("parse ECDSA from new-format w/ passphrase"); buf = load_file("ecdsa_n_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); @@ -391,8 +384,7 @@ sshkey_file_tests(void) TEST_START("parse Ed25519 from private"); buf = load_file("ed25519_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k1, NULL); ASSERT_INT_EQ(k1->type, KEY_ED25519); @@ -402,7 +394,7 @@ sshkey_file_tests(void) TEST_START("parse Ed25519 from private w/ passphrase"); buf = load_file("ed25519_1_pw"); ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, - (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0); + (const char *)sshbuf_ptr(pw), &k2, NULL), 0); sshbuf_free(buf); ASSERT_PTR_NE(k2, NULL); ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); diff --git a/crypto/openssh/regress/unittests/sshkey/test_fuzz.c b/crypto/openssh/regress/unittests/sshkey/test_fuzz.c index 1f08a2e4..1f414e0 100644 --- a/crypto/openssh/regress/unittests/sshkey/test_fuzz.c +++ b/crypto/openssh/regress/unittests/sshkey/test_fuzz.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_fuzz.c,v 1.4 2015/03/04 23:22:35 djm Exp $ */ +/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */ /* * Fuzz tests for key parsing * @@ -72,13 +72,13 @@ public_fuzz(struct sshkey *k) } static void -sig_fuzz(struct sshkey *k) +sig_fuzz(struct sshkey *k, const char *sig_alg) { struct fuzz *fuzz; u_char *sig, c[] = "some junk to be signed"; size_t l; - ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), 0), 0); + ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0); ASSERT_SIZE_T_GT(l, 0); fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */ FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | @@ -110,8 +110,7 @@ sshkey_fuzz_tests(void) fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -119,8 +118,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -154,8 +152,7 @@ sshkey_fuzz_tests(void) buf = load_file("rsa_1"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -163,8 +160,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -176,8 +172,7 @@ sshkey_fuzz_tests(void) buf = load_file("rsa_n"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -185,8 +180,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -198,8 +192,7 @@ sshkey_fuzz_tests(void) buf = load_file("dsa_1"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -207,8 +200,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -220,8 +212,7 @@ sshkey_fuzz_tests(void) buf = load_file("dsa_n"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -229,8 +220,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -243,8 +233,7 @@ sshkey_fuzz_tests(void) buf = load_file("ecdsa_1"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -252,8 +241,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -265,8 +253,7 @@ sshkey_fuzz_tests(void) buf = load_file("ecdsa_n"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -274,8 +261,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -288,8 +274,7 @@ sshkey_fuzz_tests(void) buf = load_file("ed25519_1"); fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), sshbuf_len(buf)); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshkey_free(k1); sshbuf_free(buf); ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); @@ -297,8 +282,7 @@ sshkey_fuzz_tests(void) for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); ASSERT_INT_EQ(r, 0); - if (sshkey_parse_private_fileblob(fuzzed, "", "key", - &k1, NULL) == 0) + if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0) sshkey_free(k1); sshbuf_reset(fuzzed); } @@ -308,8 +292,7 @@ sshkey_fuzz_tests(void) TEST_START("fuzz RSA public"); buf = load_file("rsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); public_fuzz(k1); sshkey_free(k1); @@ -323,8 +306,7 @@ sshkey_fuzz_tests(void) TEST_START("fuzz DSA public"); buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); public_fuzz(k1); sshkey_free(k1); @@ -339,8 +321,7 @@ sshkey_fuzz_tests(void) #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA public"); buf = load_file("ecdsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); public_fuzz(k1); sshkey_free(k1); @@ -355,8 +336,7 @@ sshkey_fuzz_tests(void) TEST_START("fuzz Ed25519 public"); buf = load_file("ed25519_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); public_fuzz(k1); sshkey_free(k1); @@ -370,39 +350,51 @@ sshkey_fuzz_tests(void) TEST_START("fuzz RSA sig"); buf = load_file("rsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); - sig_fuzz(k1); + sig_fuzz(k1, "ssh-rsa"); + sshkey_free(k1); + TEST_DONE(); + + TEST_START("fuzz RSA SHA256 sig"); + buf = load_file("rsa_1"); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); + sshbuf_free(buf); + sig_fuzz(k1, "rsa-sha2-256"); + sshkey_free(k1); + TEST_DONE(); + + TEST_START("fuzz RSA SHA512 sig"); + buf = load_file("rsa_1"); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); + sshbuf_free(buf); + sig_fuzz(k1, "rsa-sha2-512"); sshkey_free(k1); TEST_DONE(); TEST_START("fuzz DSA sig"); buf = load_file("dsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); - sig_fuzz(k1); + sig_fuzz(k1, NULL); sshkey_free(k1); TEST_DONE(); #ifdef OPENSSL_HAS_ECC TEST_START("fuzz ECDSA sig"); buf = load_file("ecdsa_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); - sig_fuzz(k1); + sig_fuzz(k1, NULL); sshkey_free(k1); TEST_DONE(); #endif TEST_START("fuzz Ed25519 sig"); buf = load_file("ed25519_1"); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", - &k1, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0); sshbuf_free(buf); - sig_fuzz(k1); + sig_fuzz(k1, NULL); sshkey_free(k1); TEST_DONE(); diff --git a/crypto/openssh/regress/unittests/sshkey/test_sshkey.c b/crypto/openssh/regress/unittests/sshkey/test_sshkey.c index 9b3ce7e..1f160d1 100644 --- a/crypto/openssh/regress/unittests/sshkey/test_sshkey.c +++ b/crypto/openssh/regress/unittests/sshkey/test_sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: test_sshkey.c,v 1.7 2015/08/05 05:27:33 djm Exp $ */ +/* $OpenBSD: test_sshkey.c,v 1.9 2015/12/07 02:20:46 djm Exp $ */ /* * Regress test for sshkey.h key management API * @@ -52,7 +52,8 @@ put_opt(struct sshbuf *b, const char *name, const char *value) static void build_cert(struct sshbuf *b, const struct sshkey *k, const char *type, - const struct sshkey *sign_key, const struct sshkey *ca_key) + const struct sshkey *sign_key, const struct sshkey *ca_key, + const char *sig_alg) { struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts; u_char *sigblob; @@ -99,7 +100,7 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type, ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */ ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */ ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen, - sshbuf_ptr(b), sshbuf_len(b), 0), 0); + sshbuf_ptr(b), sshbuf_len(b), sig_alg, 0), 0); ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */ free(sigblob); @@ -111,12 +112,13 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type, } static void -signature_test(struct sshkey *k, struct sshkey *bad, const u_char *d, size_t l) +signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg, + const u_char *d, size_t l) { size_t len; u_char *sig; - ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, 0), 0); + ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, 0), 0); ASSERT_SIZE_T_GT(len, 8); ASSERT_PTR_NE(sig, NULL); ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0); @@ -143,7 +145,7 @@ banana(u_char *s, size_t l) } static void -signature_tests(struct sshkey *k, struct sshkey *bad) +signature_tests(struct sshkey *k, struct sshkey *bad, const char *sig_alg) { u_char i, buf[2049]; size_t lens[] = { @@ -155,7 +157,7 @@ signature_tests(struct sshkey *k, struct sshkey *bad) test_subtest_info("%s key, banana length %zu", sshkey_type(k), lens[i]); banana(buf, lens[i]); - signature_test(k, bad, buf, lens[i]); + signature_test(k, bad, sig_alg, buf, lens[i]); } } @@ -166,7 +168,7 @@ get_private(const char *n) struct sshkey *ret; b = load_file(n); - ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", n, &ret, NULL), 0); + ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", &ret, NULL), 0); sshbuf_free(b); return ret; } @@ -469,7 +471,25 @@ sshkey_tests(void) k1 = get_private("rsa_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2, NULL), 0); - signature_tests(k1, k2); + signature_tests(k1, k2, "ssh-rsa"); + sshkey_free(k1); + sshkey_free(k2); + TEST_DONE(); + + TEST_START("sign and verify RSA-SHA256"); + k1 = get_private("rsa_1"); + ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2, + NULL), 0); + signature_tests(k1, k2, "rsa-sha2-256"); + sshkey_free(k1); + sshkey_free(k2); + TEST_DONE(); + + TEST_START("sign and verify RSA-SHA512"); + k1 = get_private("rsa_1"); + ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2, + NULL), 0); + signature_tests(k1, k2, "rsa-sha2-512"); sshkey_free(k1); sshkey_free(k2); TEST_DONE(); @@ -478,7 +498,7 @@ sshkey_tests(void) k1 = get_private("dsa_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2, NULL), 0); - signature_tests(k1, k2); + signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); TEST_DONE(); @@ -488,7 +508,7 @@ sshkey_tests(void) k1 = get_private("ecdsa_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, NULL), 0); - signature_tests(k1, k2); + signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); TEST_DONE(); @@ -498,7 +518,7 @@ sshkey_tests(void) k1 = get_private("ed25519_1"); ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_2.pub"), &k2, NULL), 0); - signature_tests(k1, k2); + signature_tests(k1, k2, NULL); sshkey_free(k1); sshkey_free(k2); TEST_DONE(); @@ -508,7 +528,7 @@ sshkey_tests(void) ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, NULL), 0); k3 = get_private("rsa_1"); - build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1); + build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1, NULL); ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); ASSERT_PTR_EQ(k4, NULL); |