summaryrefslogtreecommitdiff
path: root/regress/unittests/hostkeys/test_iterate.c
diff options
context:
space:
mode:
Diffstat (limited to 'regress/unittests/hostkeys/test_iterate.c')
-rw-r--r--regress/unittests/hostkeys/test_iterate.c1141
1 files changed, 1141 insertions, 0 deletions
diff --git a/regress/unittests/hostkeys/test_iterate.c b/regress/unittests/hostkeys/test_iterate.c
new file mode 100644
index 000000000..92d3a8345
--- /dev/null
+++ b/regress/unittests/hostkeys/test_iterate.c
@@ -0,0 +1,1141 @@
1/* $OpenBSD: test_iterate.c,v 1.1 2015/02/16 22:18:34 djm Exp $ */
2/*
3 * Regress test for hostfile.h hostkeys_foreach()
4 *
5 * Placed in the public domain
6 */
7
8#include <sys/types.h>
9#include <sys/param.h>
10#include <stdio.h>
11#include <stdint.h>
12#include <stdlib.h>
13#include <string.h>
14
15#include "test_helper.h"
16
17#include "sshkey.h"
18#include "authfile.h"
19#include "hostfile.h"
20
21struct expected {
22 const char *key_file; /* Path for key, NULL for none */
23 int no_parse_status; /* Expected status w/o key parsing */
24 int no_parse_keytype; /* Expected keytype w/o key parsing */
25 int match_host_p; /* Match 'prometheus.example.com' */
26 int match_host_s; /* Match 'sisyphus.example.com' */
27 int match_ipv4; /* Match '192.0.2.1' */
28 int match_ipv6; /* Match '2001:db8::1' */
29 int match_flags; /* Expected flags from match */
30 struct hostkey_foreach_line l; /* Expected line contents */
31};
32
33struct cbctx {
34 const struct expected *expected;
35 size_t nexpected;
36 size_t i;
37 int flags;
38 int match_host_p;
39 int match_host_s;
40 int match_ipv4;
41 int match_ipv6;
42};
43
44/*
45 * hostkeys_foreach() iterator callback that verifies the line passed
46 * against an array of expected entries.
47 */
48static int
49check(struct hostkey_foreach_line *l, void *_ctx)
50{
51 struct cbctx *ctx = (struct cbctx *)_ctx;
52 const struct expected *expected;
53 const int parse_key = (ctx->flags & HKF_WANT_PARSE_KEY) != 0;
54 const int matching = (ctx->flags & HKF_WANT_MATCH) != 0;
55 u_int expected_status, expected_match;
56 int expected_keytype;
57
58 test_subtest_info("entry %zu/%zu, file line %ld",
59 ctx->i + 1, ctx->nexpected, l->linenum);
60
61 for (;;) {
62 ASSERT_SIZE_T_LT(ctx->i, ctx->nexpected);
63 expected = ctx->expected + ctx->i++;
64 /* If we are matching host/IP then skip entries that don't */
65 if (!matching)
66 break;
67 if (ctx->match_host_p && expected->match_host_p)
68 break;
69 if (ctx->match_host_s && expected->match_host_s)
70 break;
71 if (ctx->match_ipv4 && expected->match_ipv4)
72 break;
73 if (ctx->match_ipv6 && expected->match_ipv6)
74 break;
75 }
76 expected_status = (parse_key || expected->no_parse_status < 0) ?
77 expected->l.status : (u_int)expected->no_parse_status;
78 expected_match = expected->l.match;
79#define UPDATE_MATCH_STATUS(x) do { \
80 if (ctx->x && expected->x) { \
81 expected_match |= expected->x; \
82 if (expected_status == HKF_STATUS_OK) \
83 expected_status = HKF_STATUS_MATCHED; \
84 } \
85 } while (0)
86 UPDATE_MATCH_STATUS(match_host_p);
87 UPDATE_MATCH_STATUS(match_host_s);
88 UPDATE_MATCH_STATUS(match_ipv4);
89 UPDATE_MATCH_STATUS(match_ipv6);
90 expected_keytype = (parse_key || expected->no_parse_keytype < 0) ?
91 expected->l.keytype : expected->no_parse_keytype;
92
93 ASSERT_PTR_NE(l->path, NULL); /* Don't care about path */
94 ASSERT_LONG_LONG_EQ(l->linenum, expected->l.linenum);
95 ASSERT_U_INT_EQ(l->status, expected_status);
96 ASSERT_U_INT_EQ(l->match, expected_match);
97 /* Not all test entries contain fulltext */
98 if (expected->l.line != NULL)
99 ASSERT_STRING_EQ(l->line, expected->l.line);
100 ASSERT_INT_EQ(l->marker, expected->l.marker);
101 /* XXX we skip hashed hostnames for now; implement checking */
102 if (expected->l.hosts != NULL)
103 ASSERT_STRING_EQ(l->hosts, expected->l.hosts);
104 /* Not all test entries contain raw keys */
105 if (expected->l.rawkey != NULL)
106 ASSERT_STRING_EQ(l->rawkey, expected->l.rawkey);
107 /* XXX synthesise raw key for cases lacking and compare */
108 ASSERT_INT_EQ(l->keytype, expected_keytype);
109 if (parse_key) {
110 if (expected->l.key == NULL)
111 ASSERT_PTR_EQ(l->key, NULL);
112 if (expected->l.key != NULL) {
113 ASSERT_PTR_NE(l->key, NULL);
114 ASSERT_INT_EQ(sshkey_equal(l->key, expected->l.key), 1);
115 }
116 }
117 if (parse_key && !(l->comment == NULL && expected->l.comment == NULL))
118 ASSERT_STRING_EQ(l->comment, expected->l.comment);
119 return 0;
120}
121
122/* Loads public keys for a set of expected results */
123static void
124prepare_expected(struct expected *expected, size_t n)
125{
126 size_t i;
127
128 for (i = 0; i < n; i++) {
129 if (expected[i].key_file == NULL)
130 continue;
131 ASSERT_INT_EQ(sshkey_load_public(
132 test_data_file(expected[i].key_file), &expected[i].l.key,
133 NULL), 0);
134 }
135}
136
137struct expected expected_full[] = {
138 { NULL, -1, -1, 0, 0, 0, 0, -1, {
139 NULL, /* path, don't care */
140 1, /* line number */
141 HKF_STATUS_COMMENT, /* status */
142 0, /* match flags */
143 "# Plain host keys, plain host names", /* full line, optional */
144 MRK_NONE, /* marker (CA / revoked) */
145 NULL, /* hosts text */
146 NULL, /* raw key, optional */
147 KEY_UNSPEC, /* key type */
148 NULL, /* deserialised key */
149 NULL, /* comment */
150 } },
151 { "dsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
152 NULL,
153 2,
154 HKF_STATUS_OK,
155 0,
156 NULL,
157 MRK_NONE,
158 "sisyphus.example.com",
159 NULL,
160 KEY_DSA,
161 NULL, /* filled at runtime */
162 "DSA #1",
163 } },
164 { "ecdsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
165 NULL,
166 3,
167 HKF_STATUS_OK,
168 0,
169 NULL,
170 MRK_NONE,
171 "sisyphus.example.com",
172 NULL,
173 KEY_ECDSA,
174 NULL, /* filled at runtime */
175 "ECDSA #1",
176 } },
177 { "ed25519_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
178 NULL,
179 4,
180 HKF_STATUS_OK,
181 0,
182 NULL,
183 MRK_NONE,
184 "sisyphus.example.com",
185 NULL,
186 KEY_ED25519,
187 NULL, /* filled at runtime */
188 "ED25519 #1",
189 } },
190 { "rsa1_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
191 NULL,
192 5,
193 HKF_STATUS_OK,
194 0,
195 NULL,
196 MRK_NONE,
197 "sisyphus.example.com",
198 NULL,
199 KEY_RSA1,
200 NULL, /* filled at runtime */
201 "RSA1 #1",
202 } },
203 { "rsa_1.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
204 NULL,
205 6,
206 HKF_STATUS_OK,
207 0,
208 NULL,
209 MRK_NONE,
210 "sisyphus.example.com",
211 NULL,
212 KEY_RSA,
213 NULL, /* filled at runtime */
214 "RSA #1",
215 } },
216 { NULL, -1, -1, 0, 0, 0, 0, -1, {
217 NULL,
218 7,
219 HKF_STATUS_COMMENT,
220 0,
221 "",
222 MRK_NONE,
223 NULL,
224 NULL,
225 KEY_UNSPEC,
226 NULL,
227 NULL,
228 } },
229 { NULL, -1, -1, 0, 0, 0, 0, -1, {
230 NULL,
231 8,
232 HKF_STATUS_COMMENT,
233 0,
234 "# Plain host keys, hostnames + addresses",
235 MRK_NONE,
236 NULL,
237 NULL,
238 KEY_UNSPEC,
239 NULL,
240 NULL,
241 } },
242 { "dsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
243 NULL,
244 9,
245 HKF_STATUS_OK,
246 0,
247 NULL,
248 MRK_NONE,
249 "prometheus.example.com,192.0.2.1,2001:db8::1",
250 NULL,
251 KEY_DSA,
252 NULL, /* filled at runtime */
253 "DSA #2",
254 } },
255 { "ecdsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
256 NULL,
257 10,
258 HKF_STATUS_OK,
259 0,
260 NULL,
261 MRK_NONE,
262 "prometheus.example.com,192.0.2.1,2001:db8::1",
263 NULL,
264 KEY_ECDSA,
265 NULL, /* filled at runtime */
266 "ECDSA #2",
267 } },
268 { "ed25519_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
269 NULL,
270 11,
271 HKF_STATUS_OK,
272 0,
273 NULL,
274 MRK_NONE,
275 "prometheus.example.com,192.0.2.1,2001:db8::1",
276 NULL,
277 KEY_ED25519,
278 NULL, /* filled at runtime */
279 "ED25519 #2",
280 } },
281 { "rsa1_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
282 NULL,
283 12,
284 HKF_STATUS_OK,
285 0,
286 NULL,
287 MRK_NONE,
288 "prometheus.example.com,192.0.2.1,2001:db8::1",
289 NULL,
290 KEY_RSA1,
291 NULL, /* filled at runtime */
292 "RSA1 #2",
293 } },
294 { "rsa_2.pub" , -1, -1, HKF_MATCH_HOST, 0, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
295 NULL,
296 13,
297 HKF_STATUS_OK,
298 0,
299 NULL,
300 MRK_NONE,
301 "prometheus.example.com,192.0.2.1,2001:db8::1",
302 NULL,
303 KEY_RSA,
304 NULL, /* filled at runtime */
305 "RSA #2",
306 } },
307 { NULL, -1, -1, 0, 0, 0, 0, -1, {
308 NULL,
309 14,
310 HKF_STATUS_COMMENT,
311 0,
312 "",
313 MRK_NONE,
314 NULL,
315 NULL,
316 KEY_UNSPEC,
317 NULL,
318 NULL,
319 } },
320 { NULL, -1, -1, 0, 0, 0, 0, -1, {
321 NULL,
322 15,
323 HKF_STATUS_COMMENT,
324 0,
325 "# Some hosts with wildcard names / IPs",
326 MRK_NONE,
327 NULL,
328 NULL,
329 KEY_UNSPEC,
330 NULL,
331 NULL,
332 } },
333 { "dsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
334 NULL,
335 16,
336 HKF_STATUS_OK,
337 0,
338 NULL,
339 MRK_NONE,
340 "*.example.com,192.0.2.*,2001:*",
341 NULL,
342 KEY_DSA,
343 NULL, /* filled at runtime */
344 "DSA #3",
345 } },
346 { "ecdsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
347 NULL,
348 17,
349 HKF_STATUS_OK,
350 0,
351 NULL,
352 MRK_NONE,
353 "*.example.com,192.0.2.*,2001:*",
354 NULL,
355 KEY_ECDSA,
356 NULL, /* filled at runtime */
357 "ECDSA #3",
358 } },
359 { "ed25519_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
360 NULL,
361 18,
362 HKF_STATUS_OK,
363 0,
364 NULL,
365 MRK_NONE,
366 "*.example.com,192.0.2.*,2001:*",
367 NULL,
368 KEY_ED25519,
369 NULL, /* filled at runtime */
370 "ED25519 #3",
371 } },
372 { "rsa1_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
373 NULL,
374 19,
375 HKF_STATUS_OK,
376 0,
377 NULL,
378 MRK_NONE,
379 "*.example.com,192.0.2.*,2001:*",
380 NULL,
381 KEY_RSA1,
382 NULL, /* filled at runtime */
383 "RSA1 #3",
384 } },
385 { "rsa_3.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, HKF_MATCH_IP, HKF_MATCH_IP, -1, {
386 NULL,
387 20,
388 HKF_STATUS_OK,
389 0,
390 NULL,
391 MRK_NONE,
392 "*.example.com,192.0.2.*,2001:*",
393 NULL,
394 KEY_RSA,
395 NULL, /* filled at runtime */
396 "RSA #3",
397 } },
398 { NULL, -1, -1, 0, 0, 0, 0, -1, {
399 NULL,
400 21,
401 HKF_STATUS_COMMENT,
402 0,
403 "",
404 MRK_NONE,
405 NULL,
406 NULL,
407 KEY_UNSPEC,
408 NULL,
409 NULL,
410 } },
411 { NULL, -1, -1, 0, 0, 0, 0, -1, {
412 NULL,
413 22,
414 HKF_STATUS_COMMENT,
415 0,
416 "# Hashed hostname and address entries",
417 MRK_NONE,
418 NULL,
419 NULL,
420 KEY_UNSPEC,
421 NULL,
422 NULL,
423 } },
424 { "dsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
425 NULL,
426 23,
427 HKF_STATUS_OK,
428 0,
429 NULL,
430 MRK_NONE,
431 NULL,
432 NULL,
433 KEY_DSA,
434 NULL, /* filled at runtime */
435 "DSA #5",
436 } },
437 { "ecdsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
438 NULL,
439 24,
440 HKF_STATUS_OK,
441 0,
442 NULL,
443 MRK_NONE,
444 NULL,
445 NULL,
446 KEY_ECDSA,
447 NULL, /* filled at runtime */
448 "ECDSA #5",
449 } },
450 { "ed25519_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
451 NULL,
452 25,
453 HKF_STATUS_OK,
454 0,
455 NULL,
456 MRK_NONE,
457 NULL,
458 NULL,
459 KEY_ED25519,
460 NULL, /* filled at runtime */
461 "ED25519 #5",
462 } },
463 { "rsa1_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
464 NULL,
465 26,
466 HKF_STATUS_OK,
467 0,
468 NULL,
469 MRK_NONE,
470 NULL,
471 NULL,
472 KEY_RSA1,
473 NULL, /* filled at runtime */
474 "RSA1 #5",
475 } },
476 { "rsa_5.pub" , -1, -1, 0, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, -1, {
477 NULL,
478 27,
479 HKF_STATUS_OK,
480 0,
481 NULL,
482 MRK_NONE,
483 NULL,
484 NULL,
485 KEY_RSA,
486 NULL, /* filled at runtime */
487 "RSA #5",
488 } },
489 { NULL, -1, -1, 0, 0, 0, 0, -1, {
490 NULL,
491 28,
492 HKF_STATUS_COMMENT,
493 0,
494 "",
495 MRK_NONE,
496 NULL,
497 NULL,
498 KEY_UNSPEC,
499 NULL,
500 NULL,
501 } },
502 /*
503 * The next series have each key listed multiple times, as the
504 * hostname and addresses in the pre-hashed known_hosts are split
505 * to separate lines.
506 */
507 { "dsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
508 NULL,
509 29,
510 HKF_STATUS_OK,
511 0,
512 NULL,
513 MRK_NONE,
514 NULL,
515 NULL,
516 KEY_DSA,
517 NULL, /* filled at runtime */
518 "DSA #6",
519 } },
520 { "dsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
521 NULL,
522 30,
523 HKF_STATUS_OK,
524 0,
525 NULL,
526 MRK_NONE,
527 NULL,
528 NULL,
529 KEY_DSA,
530 NULL, /* filled at runtime */
531 "DSA #6",
532 } },
533 { "dsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
534 NULL,
535 31,
536 HKF_STATUS_OK,
537 0,
538 NULL,
539 MRK_NONE,
540 NULL,
541 NULL,
542 KEY_DSA,
543 NULL, /* filled at runtime */
544 "DSA #6",
545 } },
546 { "ecdsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
547 NULL,
548 32,
549 HKF_STATUS_OK,
550 0,
551 NULL,
552 MRK_NONE,
553 NULL,
554 NULL,
555 KEY_ECDSA,
556 NULL, /* filled at runtime */
557 "ECDSA #6",
558 } },
559 { "ecdsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
560 NULL,
561 33,
562 HKF_STATUS_OK,
563 0,
564 NULL,
565 MRK_NONE,
566 NULL,
567 NULL,
568 KEY_ECDSA,
569 NULL, /* filled at runtime */
570 "ECDSA #6",
571 } },
572 { "ecdsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
573 NULL,
574 34,
575 HKF_STATUS_OK,
576 0,
577 NULL,
578 MRK_NONE,
579 NULL,
580 NULL,
581 KEY_ECDSA,
582 NULL, /* filled at runtime */
583 "ECDSA #6",
584 } },
585 { "ed25519_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
586 NULL,
587 35,
588 HKF_STATUS_OK,
589 0,
590 NULL,
591 MRK_NONE,
592 NULL,
593 NULL,
594 KEY_ED25519,
595 NULL, /* filled at runtime */
596 "ED25519 #6",
597 } },
598 { "ed25519_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
599 NULL,
600 36,
601 HKF_STATUS_OK,
602 0,
603 NULL,
604 MRK_NONE,
605 NULL,
606 NULL,
607 KEY_ED25519,
608 NULL, /* filled at runtime */
609 "ED25519 #6",
610 } },
611 { "ed25519_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
612 NULL,
613 37,
614 HKF_STATUS_OK,
615 0,
616 NULL,
617 MRK_NONE,
618 NULL,
619 NULL,
620 KEY_ED25519,
621 NULL, /* filled at runtime */
622 "ED25519 #6",
623 } },
624 { "rsa1_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
625 NULL,
626 38,
627 HKF_STATUS_OK,
628 0,
629 NULL,
630 MRK_NONE,
631 NULL,
632 NULL,
633 KEY_RSA1,
634 NULL, /* filled at runtime */
635 "RSA1 #6",
636 } },
637 { "rsa1_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
638 NULL,
639 39,
640 HKF_STATUS_OK,
641 0,
642 NULL,
643 MRK_NONE,
644 NULL,
645 NULL,
646 KEY_RSA1,
647 NULL, /* filled at runtime */
648 "RSA1 #6",
649 } },
650 { "rsa1_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
651 NULL,
652 40,
653 HKF_STATUS_OK,
654 0,
655 NULL,
656 MRK_NONE,
657 NULL,
658 NULL,
659 KEY_RSA1,
660 NULL, /* filled at runtime */
661 "RSA1 #6",
662 } },
663 { "rsa_6.pub" , -1, -1, HKF_MATCH_HOST|HKF_MATCH_HOST_HASHED, 0, 0, 0, -1, {
664 NULL,
665 41,
666 HKF_STATUS_OK,
667 0,
668 NULL,
669 MRK_NONE,
670 NULL,
671 NULL,
672 KEY_RSA,
673 NULL, /* filled at runtime */
674 "RSA #6",
675 } },
676 { "rsa_6.pub" , -1, -1, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, 0, -1, {
677 NULL,
678 42,
679 HKF_STATUS_OK,
680 0,
681 NULL,
682 MRK_NONE,
683 NULL,
684 NULL,
685 KEY_RSA,
686 NULL, /* filled at runtime */
687 "RSA #6",
688 } },
689 { "rsa_6.pub" , -1, -1, 0, 0, 0, HKF_MATCH_IP|HKF_MATCH_IP_HASHED, -1, {
690 NULL,
691 43,
692 HKF_STATUS_OK,
693 0,
694 NULL,
695 MRK_NONE,
696 NULL,
697 NULL,
698 KEY_RSA,
699 NULL, /* filled at runtime */
700 "RSA #6",
701 } },
702 { NULL, -1, -1, 0, 0, 0, 0, -1, {
703 NULL,
704 44,
705 HKF_STATUS_COMMENT,
706 0,
707 "",
708 MRK_NONE,
709 NULL,
710 NULL,
711 KEY_UNSPEC,
712 NULL,
713 NULL,
714 } },
715 { NULL, -1, -1, 0, 0, 0, 0, -1, {
716 NULL,
717 45,
718 HKF_STATUS_COMMENT,
719 0,
720 "",
721 MRK_NONE,
722 NULL,
723 NULL,
724 KEY_UNSPEC,
725 NULL,
726 NULL,
727 } },
728 { NULL, -1, -1, 0, 0, 0, 0, -1, {
729 NULL,
730 46,
731 HKF_STATUS_COMMENT,
732 0,
733 "# Revoked and CA keys",
734 MRK_NONE,
735 NULL,
736 NULL,
737 KEY_UNSPEC,
738 NULL,
739 NULL,
740 } },
741 { "rsa1_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
742 NULL,
743 47,
744 HKF_STATUS_OK,
745 0,
746 NULL,
747 MRK_REVOKE,
748 "sisyphus.example.com",
749 NULL,
750 KEY_RSA1,
751 NULL, /* filled at runtime */
752 "RSA1 #4",
753 } },
754 { "ed25519_4.pub" , -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
755 NULL,
756 48,
757 HKF_STATUS_OK,
758 0,
759 NULL,
760 MRK_REVOKE,
761 "sisyphus.example.com",
762 NULL,
763 KEY_ED25519,
764 NULL, /* filled at runtime */
765 "ED25519 #4",
766 } },
767 { "ecdsa_4.pub" , -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
768 NULL,
769 49,
770 HKF_STATUS_OK,
771 0,
772 NULL,
773 MRK_CA,
774 "prometheus.example.com",
775 NULL,
776 KEY_ECDSA,
777 NULL, /* filled at runtime */
778 "ECDSA #4",
779 } },
780 { "dsa_4.pub" , -1, -1, HKF_MATCH_HOST, HKF_MATCH_HOST, 0, 0, -1, {
781 NULL,
782 50,
783 HKF_STATUS_OK,
784 0,
785 NULL,
786 MRK_CA,
787 "*.example.com",
788 NULL,
789 KEY_DSA,
790 NULL, /* filled at runtime */
791 "DSA #4",
792 } },
793 { NULL, -1, -1, 0, 0, 0, 0, -1, {
794 NULL,
795 51,
796 HKF_STATUS_COMMENT,
797 0,
798 "",
799 MRK_NONE,
800 NULL,
801 NULL,
802 KEY_UNSPEC,
803 NULL,
804 NULL,
805 } },
806 { NULL, -1, -1, 0, 0, 0, 0, -1, {
807 NULL,
808 52,
809 HKF_STATUS_COMMENT,
810 0,
811 "# Some invalid lines",
812 MRK_NONE,
813 NULL,
814 NULL,
815 KEY_UNSPEC,
816 NULL,
817 NULL,
818 } },
819 { NULL, -1, -1, 0, 0, 0, 0, -1, {
820 NULL,
821 53,
822 HKF_STATUS_INVALID,
823 0,
824 NULL,
825 MRK_ERROR,
826 NULL,
827 NULL,
828 KEY_UNSPEC,
829 NULL,
830 NULL,
831 } },
832 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
833 NULL,
834 54,
835 HKF_STATUS_INVALID,
836 0,
837 NULL,
838 MRK_NONE,
839 "sisyphus.example.com",
840 NULL,
841 KEY_UNSPEC,
842 NULL,
843 NULL,
844 } },
845 { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
846 NULL,
847 55,
848 HKF_STATUS_INVALID,
849 0,
850 NULL,
851 MRK_NONE,
852 "prometheus.example.com",
853 NULL,
854 KEY_UNSPEC,
855 NULL,
856 NULL,
857 } },
858 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
859 NULL,
860 56,
861 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
862 0,
863 NULL,
864 MRK_NONE,
865 "sisyphus.example.com",
866 NULL,
867 KEY_UNSPEC,
868 NULL,
869 NULL,
870 } },
871 { NULL, -1, -1, HKF_MATCH_HOST, 0, 0, 0, -1, {
872 NULL,
873 57,
874 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
875 0,
876 NULL,
877 MRK_NONE,
878 "prometheus.example.com",
879 NULL,
880 KEY_UNSPEC,
881 NULL,
882 NULL,
883 } },
884 { NULL, HKF_STATUS_OK, KEY_RSA1, 0, HKF_MATCH_HOST, 0, 0, -1, {
885 NULL,
886 58,
887 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
888 0,
889 NULL,
890 MRK_NONE,
891 "sisyphus.example.com",
892 NULL,
893 KEY_UNSPEC,
894 NULL,
895 NULL,
896 } },
897 { NULL, HKF_STATUS_OK, KEY_RSA1, HKF_MATCH_HOST, 0, 0, 0, -1, {
898 NULL,
899 59,
900 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
901 0,
902 NULL,
903 MRK_NONE,
904 "prometheus.example.com",
905 NULL,
906 KEY_UNSPEC,
907 NULL, /* filled at runtime */
908 NULL,
909 } },
910 { NULL, -1, -1, 0, HKF_MATCH_HOST, 0, 0, -1, {
911 NULL,
912 60,
913 HKF_STATUS_INVALID,
914 0,
915 NULL,
916 MRK_NONE,
917 "sisyphus.example.com",
918 NULL,
919 KEY_UNSPEC,
920 NULL, /* filled at runtime */
921 NULL,
922 } },
923 { NULL, HKF_STATUS_OK, KEY_RSA, HKF_MATCH_HOST, 0, 0, 0, -1, {
924 NULL,
925 61,
926 HKF_STATUS_INVALID, /* Would be ok if key not parsed */
927 0,
928 NULL,
929 MRK_NONE,
930 "prometheus.example.com",
931 NULL,
932 KEY_UNSPEC,
933 NULL, /* filled at runtime */
934 NULL,
935 } },
936};
937
938void test_iterate(void);
939
940void
941test_iterate(void)
942{
943 struct cbctx ctx;
944
945 TEST_START("hostkeys_iterate all with key parse");
946 memset(&ctx, 0, sizeof(ctx));
947 ctx.expected = expected_full;
948 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
949 ctx.flags = HKF_WANT_PARSE_KEY;
950 prepare_expected(expected_full, ctx.nexpected);
951 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
952 check, &ctx, NULL, NULL, ctx.flags), 0);
953 TEST_DONE();
954
955 TEST_START("hostkeys_iterate all without key parse");
956 memset(&ctx, 0, sizeof(ctx));
957 ctx.expected = expected_full;
958 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
959 ctx.flags = 0;
960 prepare_expected(expected_full, ctx.nexpected);
961 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
962 check, &ctx, NULL, NULL, ctx.flags), 0);
963 TEST_DONE();
964
965 TEST_START("hostkeys_iterate specify host 1");
966 memset(&ctx, 0, sizeof(ctx));
967 ctx.expected = expected_full;
968 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
969 ctx.flags = 0;
970 ctx.match_host_p = 1;
971 prepare_expected(expected_full, ctx.nexpected);
972 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
973 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0);
974 TEST_DONE();
975
976 TEST_START("hostkeys_iterate specify host 2");
977 memset(&ctx, 0, sizeof(ctx));
978 ctx.expected = expected_full;
979 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
980 ctx.flags = 0;
981 ctx.match_host_s = 1;
982 prepare_expected(expected_full, ctx.nexpected);
983 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
984 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0);
985 TEST_DONE();
986
987 TEST_START("hostkeys_iterate match host 1");
988 memset(&ctx, 0, sizeof(ctx));
989 ctx.expected = expected_full;
990 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
991 ctx.flags = HKF_WANT_MATCH;
992 ctx.match_host_p = 1;
993 prepare_expected(expected_full, ctx.nexpected);
994 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
995 check, &ctx, "prometheus.example.com", NULL, ctx.flags), 0);
996 TEST_DONE();
997
998 TEST_START("hostkeys_iterate match host 2");
999 memset(&ctx, 0, sizeof(ctx));
1000 ctx.expected = expected_full;
1001 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1002 ctx.flags = HKF_WANT_MATCH;
1003 ctx.match_host_s = 1;
1004 prepare_expected(expected_full, ctx.nexpected);
1005 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1006 check, &ctx, "sisyphus.example.com", NULL, ctx.flags), 0);
1007 TEST_DONE();
1008
1009 TEST_START("hostkeys_iterate specify host missing");
1010 memset(&ctx, 0, sizeof(ctx));
1011 ctx.expected = expected_full;
1012 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1013 ctx.flags = 0;
1014 prepare_expected(expected_full, ctx.nexpected);
1015 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1016 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0);
1017 TEST_DONE();
1018
1019 TEST_START("hostkeys_iterate match host missing");
1020 memset(&ctx, 0, sizeof(ctx));
1021 ctx.expected = expected_full;
1022 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1023 ctx.flags = HKF_WANT_MATCH;
1024 prepare_expected(expected_full, ctx.nexpected);
1025 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1026 check, &ctx, "actaeon.example.org", NULL, ctx.flags), 0);
1027 TEST_DONE();
1028
1029 TEST_START("hostkeys_iterate specify IPv4");
1030 memset(&ctx, 0, sizeof(ctx));
1031 ctx.expected = expected_full;
1032 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1033 ctx.flags = 0;
1034 ctx.match_ipv4 = 1;
1035 prepare_expected(expected_full, ctx.nexpected);
1036 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1037 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0);
1038 TEST_DONE();
1039
1040 TEST_START("hostkeys_iterate specify IPv6");
1041 memset(&ctx, 0, sizeof(ctx));
1042 ctx.expected = expected_full;
1043 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1044 ctx.flags = 0;
1045 ctx.match_ipv6 = 1;
1046 prepare_expected(expected_full, ctx.nexpected);
1047 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1048 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0);
1049 TEST_DONE();
1050
1051 TEST_START("hostkeys_iterate match IPv4");
1052 memset(&ctx, 0, sizeof(ctx));
1053 ctx.expected = expected_full;
1054 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1055 ctx.flags = HKF_WANT_MATCH;
1056 ctx.match_ipv4 = 1;
1057 prepare_expected(expected_full, ctx.nexpected);
1058 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1059 check, &ctx, "tiresias.example.org", "192.0.2.1", ctx.flags), 0);
1060 TEST_DONE();
1061
1062 TEST_START("hostkeys_iterate match IPv6");
1063 memset(&ctx, 0, sizeof(ctx));
1064 ctx.expected = expected_full;
1065 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1066 ctx.flags = HKF_WANT_MATCH;
1067 ctx.match_ipv6 = 1;
1068 prepare_expected(expected_full, ctx.nexpected);
1069 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1070 check, &ctx, "tiresias.example.org", "2001:db8::1", ctx.flags), 0);
1071 TEST_DONE();
1072
1073 TEST_START("hostkeys_iterate specify addr missing");
1074 memset(&ctx, 0, sizeof(ctx));
1075 ctx.expected = expected_full;
1076 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1077 ctx.flags = 0;
1078 prepare_expected(expected_full, ctx.nexpected);
1079 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1080 check, &ctx, "tiresias.example.org", "192.168.0.1", ctx.flags), 0);
1081 TEST_DONE();
1082
1083 TEST_START("hostkeys_iterate match addr missing");
1084 memset(&ctx, 0, sizeof(ctx));
1085 ctx.expected = expected_full;
1086 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1087 ctx.flags = HKF_WANT_MATCH;
1088 prepare_expected(expected_full, ctx.nexpected);
1089 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1090 check, &ctx, "tiresias.example.org", "::1", ctx.flags), 0);
1091 TEST_DONE();
1092
1093 TEST_START("hostkeys_iterate specify host 2 and IPv4");
1094 memset(&ctx, 0, sizeof(ctx));
1095 ctx.expected = expected_full;
1096 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1097 ctx.flags = 0;
1098 ctx.match_host_s = 1;
1099 ctx.match_ipv4 = 1;
1100 prepare_expected(expected_full, ctx.nexpected);
1101 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1102 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0);
1103 TEST_DONE();
1104
1105 TEST_START("hostkeys_iterate match host 1 and IPv6");
1106 memset(&ctx, 0, sizeof(ctx));
1107 ctx.expected = expected_full;
1108 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1109 ctx.flags = HKF_WANT_MATCH;
1110 ctx.match_host_p = 1;
1111 ctx.match_ipv6 = 1;
1112 prepare_expected(expected_full, ctx.nexpected);
1113 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1114 check, &ctx, "prometheus.example.com", "2001:db8::1", ctx.flags), 0);
1115 TEST_DONE();
1116
1117 TEST_START("hostkeys_iterate specify host 2 and IPv4 w/ key parse");
1118 memset(&ctx, 0, sizeof(ctx));
1119 ctx.expected = expected_full;
1120 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1121 ctx.flags = HKF_WANT_PARSE_KEY;
1122 ctx.match_host_s = 1;
1123 ctx.match_ipv4 = 1;
1124 prepare_expected(expected_full, ctx.nexpected);
1125 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1126 check, &ctx, "sisyphus.example.com", "192.0.2.1", ctx.flags), 0);
1127 TEST_DONE();
1128
1129 TEST_START("hostkeys_iterate match host 1 and IPv6 w/ key parse");
1130 memset(&ctx, 0, sizeof(ctx));
1131 ctx.expected = expected_full;
1132 ctx.nexpected = sizeof(expected_full)/sizeof(*expected_full);
1133 ctx.flags = HKF_WANT_MATCH|HKF_WANT_PARSE_KEY;
1134 ctx.match_host_p = 1;
1135 ctx.match_ipv6 = 1;
1136 prepare_expected(expected_full, ctx.nexpected);
1137 ASSERT_INT_EQ(hostkeys_foreach(test_data_file("known_hosts"),
1138 check, &ctx, "prometheus.example.com", "2001:db8::1", ctx.flags), 0);
1139 TEST_DONE();
1140}
1141
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-02 05:16:15 +0000