Diffstat (limited to 'lib/ssh/test/ssh_to_openssh_SUITE.erl')
-rw-r--r--lib/ssh/test/ssh_to_openssh_SUITE.erl309
1 files changed, 139 insertions, 170 deletions
diff --git a/lib/ssh/test/ssh_to_openssh_SUITE.erl b/lib/ssh/test/ssh_to_openssh_SUITE.erl
index 663168b169..104c1f9107 100644
--- a/lib/ssh/test/ssh_to_openssh_SUITE.erl
+++ b/lib/ssh/test/ssh_to_openssh_SUITE.erl
@@ -85,6 +85,11 @@ init_per_group(erlang_server, Config) ->
UserDir = ?config(priv_dir, Config),
ssh_test_lib:setup_dsa_known_host(DataDir, UserDir),
Config;
+init_per_group(erlang_client, Config) ->
+ CommonAlgs = ssh_test_lib:algo_intersection(
+ ssh:default_algorithms(),
+ ssh_test_lib:default_algorithms("localhost", 22)),
+ [{common_algs,CommonAlgs} | Config];
init_per_group(_, Config) ->
Config.
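Review bot: The probe in the new `init_per_group(erlang_client, Config)` clause hard-codes port 22, while the test case that consumes `common_algs` connects through `?SSH_DEFAULT_PORT`. If the macro is ever pointed at another port, the algorithm list would describe a different server than the one under test. Using the macro in both places keeps them tied together: `ssh_test_lib:default_algorithms("localhost", ?SSH_DEFAULT_PORT)`. What the helper does when no sshd answers is not visible in this hunk, so a one-line comment saying whether group setup then crashes or yields an empty list would help the reader.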
@@ -201,43 +206,49 @@ erlang_client_openssh_server_kexs() ->
[{doc, "Test that we can connect with different KEXs."}].
erlang_client_openssh_server_kexs(Config) when is_list(Config) ->
- Success =
- lists:foldl(
- fun(Kex, Acc) ->
- ct:log("============= ~p ============= ~p",[Kex,Acc]),
- ConnectionRef =
- ssh_test_lib:connect(?SSH_DEFAULT_PORT, [{silently_accept_hosts, true},
- {user_interaction, false},
- {preferred_algorithms,
- [{kex,[Kex]}]}]),
-
- {ok, ChannelId} =
- ssh_connection:session_channel(ConnectionRef, infinity),
- success =
- ssh_connection:exec(ConnectionRef, ChannelId,
- "echo testing", infinity),
-
- ExpectedData = {ssh_cm, ConnectionRef, {data, ChannelId, 0, <<"testing\n">>}},
- case ssh_test_lib:receive_exec_result(ExpectedData) of
- expected ->
- ssh_test_lib:receive_exec_end(ConnectionRef, ChannelId),
- Acc;
- {unexpected_msg,{ssh_cm, ConnectionRef,
- {exit_status, ChannelId, 0}} = ExitStatus} ->
- ct:log("0: Collected data ~p", [ExitStatus]),
- ssh_test_lib:receive_exec_result(ExpectedData, ConnectionRef, ChannelId),
- Acc;
- Other ->
- ct:log("~p failed: ~p",[Kex,Other]),
- [Kex|Acc]
- end
- end, [], ssh_transport:supported_algorithms(kex)),
- case Success of
- [] ->
- ok;
- BadKex ->
- ct:log("Bad kex algos: ~p",[BadKex]),
- {fail, "Kex failed for one or more algos"}
+ KexAlgos = try proplists:get_value(kex, ?config(common_algs,Config))
+ catch _:_ -> []
+ end,
+ comment(KexAlgos),
+ case KexAlgos of
+ [] -> {skip, "No common kex algorithms"};
+ _ ->
+ Success =
+ lists:foldl(
+ fun(Kex, Acc) ->
+ ConnectionRef =
+ ssh_test_lib:connect(?SSH_DEFAULT_PORT, [{silently_accept_hosts, true},
+ {user_interaction, false},
+ {preferred_algorithms,
+ [{kex,[Kex]}]}]),
+
+ {ok, ChannelId} =
+ ssh_connection:session_channel(ConnectionRef, infinity),
+ success =
+ ssh_connection:exec(ConnectionRef, ChannelId,
+ "echo testing", infinity),
+
+ ExpectedData = {ssh_cm, ConnectionRef, {data, ChannelId, 0, <<"testing\n">>}},
+ case ssh_test_lib:receive_exec_result(ExpectedData) of
+ expected ->
+ ssh_test_lib:receive_exec_end(ConnectionRef, ChannelId),
+ Acc;
+ {unexpected_msg,{ssh_cm, ConnectionRef,
+ {exit_status, ChannelId, 0}} = ExitStatus} ->
+ ct:log("0: Collected data ~p", [ExitStatus]),
+ ssh_test_lib:receive_exec_result(ExpectedData, ConnectionRef, ChannelId),
+ Acc;
+ Other ->
+ ct:log("~p failed: ~p",[Kex,Other]),
+ false
+ end
+ end, true, KexAlgos),
+ case Success of
+ true ->
+ ok;
+ false ->
+ {fail, "Kex failed for one or more algos"}
+ end
end.
%%--------------------------------------------------------------------
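Review bot: The `try ... catch _:_ -> []` around the `common_algs` lookup in `erlang_client_openssh_server_kexs/1` turns any setup failure into `{skip, "No common kex algorithms"}`. A broken probe of the OpenSSH server then reads as a legitimate skip rather than an error. It also does not cover a missing `kex` key: `proplists:get_value/2` returns `undefined` without raising, and that value is passed to `comment/1`, where `lists:map/2` would crash. Giving the lookup an explicit default, `proplists:get_value(kex, ?config(common_algs, Config), [])`, handles the missing key. A missing `common_algs` should be left to fail loudly or get its own skip reason.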
@@ -283,45 +294,37 @@ erlang_server_openssh_client_cipher_suites(Config) when is_list(Config) ->
{Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
{failfun, fun ssh_test_lib:failfun/2}]),
-
ct:sleep(500),
- Supports = crypto:supports(),
- Ciphers = proplists:get_value(ciphers, Supports),
- Tests = [
- {"3des-cbc", lists:member(des3_cbc, Ciphers)},
- {"aes128-cbc", lists:member(aes_cbc128, Ciphers)},
- {"aes128-ctr", lists:member(aes_ctr, Ciphers)},
- {"aes256-cbc", false}
- ],
- lists:foreach(fun({Cipher, Expect}) ->
- Cmd = "ssh -p " ++ integer_to_list(Port) ++
- " -o UserKnownHostsFile=" ++ KnownHosts ++ " " ++ Host ++ " " ++
- " -c " ++ Cipher ++ " 1+1.",
-
- ct:log("Cmd: ~p~n", [Cmd]),
-
- SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
-
- case Expect of
- true ->
- receive
- {SshPort,{data, <<"2\n">>}} ->
- ok
- after ?TIMEOUT ->
- ct:fail("Did not receive answer")
- end;
- false ->
- receive
- {SshPort,{data, <<"no matching cipher found", _/binary>>}} ->
- ok
- after ?TIMEOUT ->
- ct:fail("Did not receive no matching cipher message")
- end
- end
- end, Tests),
-
- ssh:stop_daemon(Pid).
+ OpenSshCiphers =
+ ssh_test_lib:to_atoms(
+ string:tokens(os:cmd("ssh -Q cipher"), "\n")),
+ ErlCiphers =
+ proplists:get_value(client2server,
+ proplists:get_value(cipher, ssh:default_algorithms())),
+ CommonCiphers =
+ ssh_test_lib:algo_intersection(ErlCiphers, OpenSshCiphers),
+
+ comment(CommonCiphers),
+
+ lists:foreach(
+ fun(Cipher) ->
+ Cmd = lists:concat(["ssh -p ",Port,
+ " -o UserKnownHostsFile=",KnownHosts," ",Host," ",
+ " -c ",Cipher," 1+1."]),
+ ct:log("Cmd: ~p~n", [Cmd]),
+
+ SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
+
+ receive
+ {SshPort,{data, <<"2\n">>}} ->
+ ok
+ after ?TIMEOUT ->
+ ct:fail("~p Did not receive answer",[Cipher])
+ end
+ end, CommonCiphers),
+
+ ssh:stop_daemon(Pid).
%%--------------------------------------------------------------------
erlang_server_openssh_client_macs() ->
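Review bot: With the loop now driven by `CommonCiphers`, an empty intersection makes `lists:foreach` run zero times, so the test reports success without opening a single connection. The client-side kex test in this commit returns `{skip, "No common kex algorithms"}` for that case, and the same guard is missing here, e.g. `[] -> {skip, "No common ciphers"}`. The removed code also held the only negative check (`aes256-cbc` expecting "no matching cipher found"), so nothing in this test now verifies that the daemon refuses a cipher it does not offer. Keeping one rejection case would preserve that coverage. The mac and kex hunks below have the same two gaps. The function's head is outside this hunk.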
@@ -333,45 +336,40 @@ erlang_server_openssh_client_macs(Config) when is_list(Config) ->
KnownHosts = filename:join(PrivDir, "known_hosts"),
{Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
- {failfun, fun ssh_test_lib:failfun/2}]),
+ {failfun, fun ssh_test_lib:failfun/2}]),
ct:sleep(500),
- Supports = crypto:supports(),
- Hashs = proplists:get_value(hashs, Supports),
- MACs = [{"hmac-sha1", lists:member(sha, Hashs)},
- {"hmac-sha2-256", lists:member(sha256, Hashs)},
- {"hmac-md5-96", false},
- {"hmac-ripemd160", false}],
- lists:foreach(fun({MAC, Expect}) ->
- Cmd = "ssh -p " ++ integer_to_list(Port) ++
- " -o UserKnownHostsFile=" ++ KnownHosts ++ " " ++ Host ++ " " ++
- " -o MACs=" ++ MAC ++ " 1+1.",
-
- ct:log("Cmd: ~p~n", [Cmd]),
-
- SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
-
- case Expect of
- true ->
- receive
- {SshPort,{data, <<"2\n">>}} ->
- ok
- after ?TIMEOUT ->
- ct:fail("Did not receive answer")
- end;
- false ->
- receive
- {SshPort,{data, <<"no matching mac found", _/binary>>}} ->
- ok
- after ?TIMEOUT ->
- ct:fail("Did not receive no matching mac message")
- end
- end
- end, MACs),
+ OpenSshMacs =
+ ssh_test_lib:to_atoms(
+ string:tokens(os:cmd("ssh -Q mac"), "\n")),
+ ErlMacs =
+ proplists:get_value(client2server,
+ proplists:get_value(mac, ssh:default_algorithms())),
+ CommonMacs =
+ ssh_test_lib:algo_intersection(ErlMacs, OpenSshMacs),
+
+ comment(CommonMacs),
+
+ lists:foreach(
+ fun(MAC) ->
+ Cmd = lists:concat(["ssh -p ",Port,
+ " -o UserKnownHostsFile=",KnownHosts," ",Host," ",
+ " -o MACs=",MAC," 1+1."]),
+ ct:log("Cmd: ~p~n", [Cmd]),
+
+ SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
+
+ receive
+ {SshPort,{data, <<"2\n">>}} ->
+ ok
+ after ?TIMEOUT ->
+ ct:fail("~p Did not receive answer",[MAC])
+ end
+ end, CommonMacs),
- ssh:stop_daemon(Pid).
+ ssh:stop_daemon(Pid).
%%--------------------------------------------------------------------
erlang_server_openssh_client_kexs() ->
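Review bot: `ErlMacs` is taken from the `client2server` list only, but `-o MACs=` restricts the OpenSSH client in both directions, so a successful negotiation also needs the algorithm in the daemon's `server2client` list. The two default lists are presumably identical today, which would hide this. If they ever diverge, the loop would try MACs the daemon cannot negotiate for the return direction and fail for a reason unrelated to the change under test. Intersecting both directions before comparing with `ssh -Q mac` avoids that, or a comment can state the assumption: `%% assumes client2server and server2client defaults are equal`. The cipher test in the previous hunk builds `ErlCiphers` the same way.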
@@ -389,54 +387,34 @@ erlang_server_openssh_client_kexs(Config) when is_list(Config) ->
]),
ct:sleep(500),
- ErlKexs = lists:map(fun erlang:atom_to_list/1,
- ssh_transport:supported_algorithms(kex)),
- OpenSshKexs = string:tokens(os:cmd("ssh -Q kex"), "\n"),
-
- Kexs = [{OpenSshKex,lists:member(OpenSshKex,ErlKexs)}
- || OpenSshKex <- OpenSshKexs],
-
- Success =
- lists:foldl(
- fun({Kex, Expect}, Acc) ->
- Cmd = "ssh -p " ++ integer_to_list(Port) ++
- " -o UserKnownHostsFile=" ++ KnownHosts ++ " " ++ Host ++ " " ++
- " -o KexAlgorithms=" ++ Kex ++ " 1+1.",
-
- ct:log("Cmd: ~p~n", [Cmd]),
-
- SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
-
- case Expect of
- true ->
- receive
- {SshPort,{data, <<"2\n">>}} ->
- Acc
- after ?TIMEOUT ->
- ct:log("Did not receive answer for ~p",[Kex]),
- [Kex|Acc]
- end;
- false ->
- receive
- {SshPort,{data, <<"Unable to negotiate a key exchange method", _/binary>>}} ->
- Acc
- after ?TIMEOUT ->
- ct:log("Did not receive no matching kex message for ~p",[Kex]),
- [Kex|Acc]
- end
- end
- end, [], Kexs),
+ OpenSshKexs =
+ ssh_test_lib:to_atoms(
+ string:tokens(os:cmd("ssh -Q kex"), "\n")),
+ ErlKexs =
+ proplists:get_value(kex, ssh:default_algorithms()),
+ CommonKexs =
+ ssh_test_lib:algo_intersection(ErlKexs, OpenSshKexs),
+
+ comment(CommonKexs),
+
+ lists:foreach(
+ fun(Kex) ->
+ Cmd = lists:concat(["ssh -p ",Port,
+ " -o UserKnownHostsFile=",KnownHosts," ",Host," ",
+ " -o KexAlgorithms=",Kex," 1+1."]),
+ ct:log("Cmd: ~p~n", [Cmd]),
+
+ SshPort = open_port({spawn, Cmd}, [binary, stderr_to_stdout]),
+
+ receive
+ {SshPort,{data, <<"2\n">>}} ->
+ ok
+ after ?TIMEOUT ->
+ ct:log("~p Did not receive answer",[Kex])
+ end
+ end, CommonKexs),
- ssh:stop_daemon(Pid),
-
- case Success of
- [] ->
- ok;
- BadKex ->
- ct:log("Bad kex algos: ~p",[BadKex]),
- {fail, "Kex failed for one or more algos"}
- end.
-
+ ssh:stop_daemon(Pid).
%%--------------------------------------------------------------------
erlang_server_openssh_client_exec_compressed() ->
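Review bot: The timeout branch of the new loop in `erlang_server_openssh_client_kexs/1` only logs, `ct:log("~p Did not receive answer",[Kex])`. The `Success` accumulator and the final `{fail, ...}` were removed, so this test case can no longer fail when a key-exchange algorithm does not negotiate. The cipher and mac tests in this commit call `ct:fail/2` in the same position. Make this one consistent: `ct:fail("~p Did not receive answer",[Kex])`. As written, a kex interop regression would show up only in the log of a passing test. The function's head is outside this hunk.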
@@ -698,26 +676,17 @@ extra_logout() ->
end.
%%--------------------------------------------------------------------
-%%--------------------------------------------------------------------
%% Check if we have a "newer" ssh client that supports these test cases
-%%--------------------------------------------------------------------
check_ssh_client_support(Config) ->
- Port = open_port({spawn, "ssh -Q cipher"}, [exit_status, stderr_to_stdout]),
- case check_ssh_client_support2(Port) of
- 0 -> % exit status from command (0 == ok)
+ case ssh_test_lib:ssh_client_supports_Q() of
+ true ->
ssh:start(),
Config;
_ ->
{skip, "test case not supported by ssh client"}
end.
-check_ssh_client_support2(P) ->
- receive
- {P, {data, _A}} ->
- check_ssh_client_support2(P);
- {P, {exit_status, E}} ->
- E
- after 5000 ->
- ct:log("Openssh command timed out ~n"),
- -1
- end.
+comment(AtomList) ->
+ ct:comment(
+ string:join(lists:map(fun erlang:atom_to_list/1, AtomList),
+ ", ")).
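Review bot: The new helper `comment/1` has no header comment, and its contract is narrower than its name suggests: it passes every element to `erlang:atom_to_list/1`, so anything other than a list of atoms crashes the calling test case. A short comment above it would make that clear, for example `%% Put the algorithms under test in the CT comment field; AtomList must be a list of atoms.`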