92 lines
4.3 KiB
Diff
92 lines
4.3 KiB
Diff
From 3908845fd109cc532e793473aa60a20bfa2e450f Mon Sep 17 00:00:00 2001
|
|
From: "Tom G. Christensen" <tgc@jupiterrise.com>
|
|
Date: Fri, 11 Mar 2022 17:00:40 +0100
|
|
Subject: [PATCH 7/7] Fix authopt test on platforms without IPv6 support
|
|
|
|
---
|
|
regress/unittests/authopt/testdata/mktestdata.sh | 1 +
|
|
.../authopt/testdata/sourceaddr_ipv4only.cert | 1 +
|
|
regress/unittests/authopt/tests.c | 22 ++++++++++++++++------
|
|
3 files changed, 18 insertions(+), 6 deletions(-)
|
|
create mode 100644 regress/unittests/authopt/testdata/sourceaddr_ipv4only.cert
|
|
|
|
diff --git a/regress/unittests/authopt/testdata/mktestdata.sh b/regress/unittests/authopt/testdata/mktestdata.sh
|
|
index 06a24e39..0510163c 100644
|
|
--- a/regress/unittests/authopt/testdata/mktestdata.sh
|
|
+++ b/regress/unittests/authopt/testdata/mktestdata.sh
|
|
@@ -36,6 +36,7 @@ sign only_x11fwd.cert -Oclear -Opermit-X11-forwarding
|
|
|
|
sign force_command.cert -Oforce-command="foo"
|
|
sign sourceaddr.cert -Osource-address="127.0.0.1/32,::1/128"
|
|
+sign sourceaddr_ipv4only.cert -Osource-address="127.0.0.1/32"
|
|
|
|
# ssh-keygen won't permit generation of certs with invalid source-address
|
|
# values, so we do it as a custom extension.
|
|
diff --git a/regress/unittests/authopt/testdata/sourceaddr_ipv4only.cert b/regress/unittests/authopt/testdata/sourceaddr_ipv4only.cert
|
|
new file mode 100644
|
|
index 00000000..ca756ca5
|
|
--- /dev/null
|
|
+++ b/regress/unittests/authopt/testdata/sourceaddr_ipv4only.cert
|
|
@@ -0,0 +1 @@
|
|
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIOjl/9se9GhdE8SARP9lHV9IVWeokGjUS1JVk+95JyztAAAAILsTBtFFO81VAwEYCCi+LGl5aa5b7UIrFIKD637xgvN9AAAAAAAAAAEAAAABAAAABHVzZXIAAAAIAAAABHVzZXIAAAAANowB8AAAAAA4a+PwAAAAJgAAAA5zb3VyY2UtYWRkcmVzcwAAABAAAAAMMTI3LjAuMC4xLzMyAAAAggAAABVwZXJtaXQtWDExLWZvcndhcmRpbmcAAAAAAAAAF3Blcm1pdC1hZ2VudC1mb3J3YXJkaW5nAAAAAAAAABZwZXJtaXQtcG9ydC1mb3J3YXJkaW5nAAAAAAAAAApwZXJtaXQtcHR5AAAAAAAAAA5wZXJtaXQtdXNlci1yYwAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACCzFxz+o7QkolOrc+Crw/t3wYPP82mX3vEYDRP+21UyCQAAAFMAAAALc3NoLWVkMjU1MTkAAABAlroivhFKt2b6GIX3IFjBOOD5kn6URV7HNbk4JRwZheujUIe0T7x/v3mN53dug0hbtl0M4jAxYhG+7Kq8RnMsDA== user key
|
|
diff --git a/regress/unittests/authopt/tests.c b/regress/unittests/authopt/tests.c
|
|
index d9e19030..25ba5f2d 100644
|
|
--- a/regress/unittests/authopt/tests.c
|
|
+++ b/regress/unittests/authopt/tests.c
|
|
@@ -24,6 +24,16 @@
|
|
#include "misc.h"
|
|
#include "log.h"
|
|
|
|
+#ifndef HAVE_STRUCT_IN6_ADDR
|
|
+# define SOURCEADDR_CERT_FILE "sourceaddr_ipv4only.cert"
|
|
+# define SOURCEADDR_CERT_NAME "sourceaddr_ipv4only"
|
|
+# define HOST_CERT_LOCALHOST "127.0.0.1/32"
|
|
+#else
|
|
+# define SOURCEADDR_CERT_FILE "sourceaddr.cert"
|
|
+# define SOURCEADDR_CERT_NAME "sourceaddr"
|
|
+# define HOST_CERT_LOCALHOST "127.0.0.1/32,::1/128"
|
|
+#endif
|
|
+
|
|
static struct sshkey *
|
|
load_key(const char *name)
|
|
{
|
|
@@ -349,9 +359,9 @@ test_cert_parse(void)
|
|
TEST_DONE();
|
|
|
|
TEST_START("sshauthopt_from_cert source-address");
|
|
- cert = load_key("sourceaddr.cert");
|
|
+ cert = load_key(SOURCEADDR_CERT_FILE);
|
|
expected = default_authkey_opts();
|
|
- expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128");
|
|
+ expected->required_from_host_cert = strdup(HOST_CERT_LOCALHOST);
|
|
ASSERT_PTR_NE(expected->required_from_host_cert, NULL);
|
|
opts = sshauthopt_from_cert(cert);
|
|
CHECK_SUCCESS_AND_CLEANUP();
|
|
@@ -481,9 +491,9 @@ test_merge(void)
|
|
FLAG_TEST("x11fwd", "x11-forwarding", permit_x11_forwarding_flag);
|
|
#undef FLAG_TEST
|
|
|
|
- PREPARE("source-address both", "sourceaddr", "from=\"127.0.0.1\"");
|
|
+ PREPARE("source-address both", SOURCEADDR_CERT_NAME, "from=\"127.0.0.1\"");
|
|
expected = default_authkey_opts();
|
|
- expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128");
|
|
+ expected->required_from_host_cert = strdup(HOST_CERT_LOCALHOST);
|
|
ASSERT_PTR_NE(expected->required_from_host_cert, NULL);
|
|
expected->required_from_host_keys = strdup("127.0.0.1");
|
|
ASSERT_PTR_NE(expected->required_from_host_keys, NULL);
|
|
@@ -502,9 +512,9 @@ test_merge(void)
|
|
CHECK_SUCCESS_AND_CLEANUP();
|
|
TEST_DONE();
|
|
|
|
- PREPARE("source-address cert", "sourceaddr", "");
|
|
+ PREPARE("source-address cert", SOURCEADDR_CERT_NAME, "");
|
|
expected = default_authkey_opts();
|
|
- expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128");
|
|
+ expected->required_from_host_cert = strdup(HOST_CERT_LOCALHOST);
|
|
ASSERT_PTR_NE(expected->required_from_host_cert, NULL);
|
|
CHECK_SUCCESS_AND_CLEANUP();
|
|
TEST_DONE();
|
|
--
|
|
2.16.6
|
|
|