[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer
[Thread Prev] | [Thread Next]
- Subject: [PATCH] tests: Do not test blowfish ciphers with OpenSSH 7.6 and newer
- From: Jakub Jelen <jjelen@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Fri, 24 Nov 2017 14:04:57 +0100
- To: libssh@xxxxxxxxxx
The latest OpenSSH removes support for blowfish ciphers, which prevents sshd server starting for the client testsuite of libssh. The following patch removes these ciphers tests when we use this new OpenSSH version. Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat, Inc.
From ff90555afb7e71a1350788488387f2d7ed7ce027 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@xxxxxxxxxx>
Date: Tue, 21 Nov 2017 16:09:01 +0100
Subject: [PATCH] tests: Do not test blowfish ciphers with OpenSSH 7.6 and
newer
Signed-off-by: Jakub Jelen <jjelen@xxxxxxxxxx>
---
tests/client/torture_algorithms.c | 4 ++++
tests/torture.c | 4 ++++
2 files changed, 8 insertions(+)
diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c
index cac59a0f..ce7d36ad 100644
--- a/tests/client/torture_algorithms.c
+++ b/tests/client/torture_algorithms.c
@@ -245,6 +245,7 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512(void **state) {
test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512");
}
+#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) {
struct torture_state *s = *state;
@@ -262,6 +263,7 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512(void **state) {
test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512");
}
+#endif
static void torture_algorithms_zlib(void **state) {
struct torture_state *s = *state;
@@ -432,6 +434,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512,
session_setup,
session_teardown),
+#if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6)
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1,
session_setup,
session_teardown),
@@ -441,6 +444,7 @@ int torture_run_tests(void) {
cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512,
session_setup,
session_teardown),
+#endif
cmocka_unit_test_setup_teardown(torture_algorithms_zlib,
session_setup,
session_teardown),
diff --git a/tests/torture.c b/tests/torture.c
index 4bd71f19..8486eb41 100644
--- a/tests/torture.c
+++ b/tests/torture.c
@@ -902,7 +902,11 @@ static void torture_setup_create_sshd_config(void **state)
"\n"
#if (OPENSSH_VERSION_MAJOR == 6 && OPENSSH_VERSION_MINOR >= 7) || (OPENSSH_VERSION_MAJOR >= 7)
"HostKeyAlgorithms +ssh-dss\n"
+# if (OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6)
"Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc\n"
+# else
+ "Ciphers +3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc\n"
+# endif
"KexAlgorithms +diffie-hellman-group1-sha1"
#else
"Ciphers 3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,"
--
2.13.6
Archive administrator: postmaster@lists.cynapses.org