diff --git a/.github/workflows/os-check.yml b/.github/workflows/os-check.yml index fb70e26ca..aa745135c 100644 --- a/.github/workflows/os-check.yml +++ b/.github/workflows/os-check.yml @@ -11,12 +11,27 @@ concurrency: cancel-in-progress: true jobs: + create_matrix: + runs-on: ubuntu-latest + outputs: + versions: ${{ steps.json.outputs.versions }} + steps: + - name: Create wolfSSL version matrix + id: json + run: | + current=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -1` + last=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -2 | tail -1` + VERSIONS=$(echo "[ \"master\", \"$current\", \"$last\" ]") + echo "wolfSSL versions found: $VERSIONS" + echo "versions=$VERSIONS" >> $GITHUB_OUTPUT + build_wolfssl: + needs: create_matrix strategy: fail-fast: false matrix: os: [ ubuntu-latest, macos-latest ] - wolfssl: [ v5.7.2-stable, master ] + wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} name: Build wolfssl runs-on: ${{ matrix.os }} timeout-minutes: 4 @@ -29,6 +44,9 @@ jobs: key: wolfssh-os-check-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }} lookup-only: true + - name: debug + run: echo wolfssl version ${{ matrix.wolfssl }} + - name: Checkout, build, and install wolfssl if: steps.cache-wolfssl.outputs.cache-hit != 'true' uses: wolfSSL/actions-build-autotools-project@v1 @@ -41,11 +59,14 @@ jobs: install: true build_wolfssh: + needs: + - build_wolfssl + - create_matrix strategy: fail-fast: false matrix: os: [ ubuntu-latest, macos-latest ] - wolfssl: [ v5.7.2-stable, master ] + wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} config: [ '', '--enable-all', @@ -56,7 +77,6 @@ jobs: name: Build wolfssh runs-on: ${{ matrix.os }} timeout-minutes: 4 - needs: build_wolfssl steps: - name: Checking cache for wolfssl uses: actions/cache@v4 diff --git a/.github/workflows/sshd-test.yml b/.github/workflows/sshd-test.yml index 53330bdc1..a58db6ab3 100644 --- a/.github/workflows/sshd-test.yml +++ b/.github/workflows/sshd-test.yml @@ -11,12 +11,27 @@ concurrency: cancel-in-progress: true jobs: + create_matrix: + runs-on: ubuntu-latest + outputs: + versions: ${{ steps.json.outputs.versions }} + steps: + - name: Create wolfSSL version matrix + id: json + run: | + current=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -1` + last=`curl -s https://api.github.com/repos/wolfssl/wolfssl/releases | grep tag_name | cut -d : -f 2,3 | tr -d \" | tr -d , | tr -d ' ' | head -2 | tail -1` + VERSIONS=$(echo "[ \"master\", \"$current\", \"$last\" ]") + echo "wolfSSL versions found: $VERSIONS" + echo "versions=$VERSIONS" >> $GITHUB_OUTPUT + build_wolfssl: + needs: create_matrix strategy: fail-fast: false matrix: os: [ ubuntu-latest ] - wolfssl: [ v5.7.2-stable ] + wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} name: Build wolfssl runs-on: ${{ matrix.os }} timeout-minutes: 4 @@ -41,15 +56,17 @@ jobs: install: true build_wolfssh: + needs: + - build_wolfssl + - create_matrix strategy: fail-fast: false matrix: os: [ ubuntu-latest ] - wolfssl: [ v5.7.2-stable ] + wolfssl: ${{ fromJson(needs.create_matrix.outputs['versions']) }} name: Build and test wolfsshd runs-on: ${{ matrix.os }} timeout-minutes: 10 - needs: build_wolfssl steps: - name: Checking cache for wolfssl uses: actions/cache@v4 @@ -58,14 +75,25 @@ jobs: key: wolfssh-sshd-wolfssl-${{ matrix.wolfssl }}-${{ matrix.os }} fail-on-cache-miss: true - - name: Checkout and build wolfsshd - uses: wolfSSL/actions-build-autotools-project@v1 + - uses: actions/checkout@v4 with: - repository: wolfssl/wolfssh - path: wolfssh - configure: --enable-debug --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000" - check: true + path: wolfssh/ + + - name: autogen + working-directory: ./wolfssh/ + run: ./autogen.sh + + - name: configure + working-directory: ./wolfssh/ + run : | + ./configure --enable-all LDFLAGS="-L${{ github.workspace }}/build-dir/lib" CPPFLAGS="-I${{ github.workspace }}/build-dir/include -DWOLFSSH_NO_FPKI -DWOLFSSH_NO_SFTP_TIMEOUT -DWOLFSSH_MAX_SFTP_RW=4000000 -DMAX_PATH_SZ=120" + + - name: make check + working-directory: ./wolfssh/ + run: make check - name: Run wolfSSHd tests - working-directory: wolfssh/apps/wolfsshd/test - run: sudo ./run_all_sshd_tests.sh root + working-directory: ./wolfssh/apps/wolfsshd/test + run: | + git log -3 + sudo ./run_all_sshd_tests.sh diff --git a/apps/wolfsshd/test/sshd_forcedcmd_test.sh b/apps/wolfsshd/test/sshd_forcedcmd_test.sh index ce332e2c7..a5c268a9f 100755 --- a/apps/wolfsshd/test/sshd_forcedcmd_test.sh +++ b/apps/wolfsshd/test/sshd_forcedcmd_test.sh @@ -37,8 +37,9 @@ TEST_SFTP="./examples/sftpclient/wolfsftp" PRIVATE_KEY="./keys/hansel-key-ecc.der" PUBLIC_KEY="./keys/hansel-key-ecc.pub" -RESULT=`$TEST_CLIENT -c 'echo bob' -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT` -cat $RESULT | grep bob +RESULT=$( $TEST_CLIENT -c 'echo bob' -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT ) +echo $RESULT +echo $RESULT | grep bob RESULT=$? if [ "$RESULT" == 0 ]; then echo "Shell login should fail with forced command" diff --git a/apps/wolfsshd/test/sshd_term_size_test.sh b/apps/wolfsshd/test/sshd_term_size_test.sh index 0a25fad54..b48ad5e6a 100755 --- a/apps/wolfsshd/test/sshd_term_size_test.sh +++ b/apps/wolfsshd/test/sshd_term_size_test.sh @@ -15,21 +15,36 @@ if [ -z "$1" ] || [ -z "$2" ]; then exit 1 fi -set -e +# Check if tmux is available +which tmux +RESULT=$? +if [ ${RESULT} = 1 ]; then + echo "tmux is not installed!!" + exit 1 +fi + echo "Creating tmux session at $PWD with command :" -tmux new-session -d -s test "$TEST_CLIENT -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"" +echo "tmux new-session -d -s test \"$TEST_CLIENT -q -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"\"" +tmux new-session -d -s test "$TEST_CLIENT -q -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"" +echo "Result of tmux new-session = $?" # give the command a second to establish SSH connection -sleep 0.5 +sleep 1 COL=`tmux display -p -t test '#{pane_width}'` ROW=`tmux display -p -t test '#{pane_height}'` +echo "tmux 'test' session has COL = ${COL} and ROW = ${ROW}" # get the terminals columns and lines tmux send-keys -t test 'echo;echo $COLUMNS $LINES;echo' tmux send-keys -t test 'ENTER' + +# give the command a second to run +sleep 1 + tmux capture-pane -t test RESULT=$(tmux show-buffer | grep '^[0-9]* [0-9]*$') +tmux show-buffer echo "$RESULT" echo "" @@ -55,25 +70,32 @@ fi # close down the SSH session tmux send-keys -t test 'exit' tmux send-keys -t test 'ENTER' -set +e # kill off the session if it's still running, but don't error out if the session # has already closed down tmux kill-session -t test set -e -tmux new-session -d -x 50 -y 10 -s test "$TEST_CLIENT -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"" +echo "Starting another session with a smaller window size" +echo "tmux new-session -d -x 50 -y 10 -s test \"$TEST_CLIENT -q -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"\"" +tmux new-session -d -x 50 -y 10 -s test "$TEST_CLIENT -q -t -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h \"$1\" -p \"$2\"" # give the command a second to establish SSH connection -sleep 0.5 +sleep 1 +echo "Sending keys to tmux session for displaying column/rows" tmux send-keys -t test 'echo;echo $COLUMNS $LINES;echo' tmux send-keys -t test 'ENTER' tmux capture-pane -t test RESULT=$(tmux show-buffer | grep '^[0-9]* [0-9]*$') -ROW_FOUND=$(echo "$RESULT" | sed -e 's/[0-9]* \([0-9]*\)/\1/') -COL_FOUND=$(echo "$RESULT" | sed -e 's/\([0-9]*\) [0-9]*/\1/') +ROW_FOUND=$( echo "$RESULT" | sed -e 's/[0-9]* \([0-9]*\)/\1/' ) +COL_FOUND=$( echo "$RESULT" | sed -e 's/\([0-9]*\) [0-9]*/\1/' ) + +#remove any newlines, tabs, or returns +ROW_FOUND=$( tr -d '\n\t\r ' <<<"$ROW_FOUND" ) +COL_FOUND=$( tr -d '\n\t\r ' <<<"$COL_FOUND" ) + if [ "50" != "$COL_FOUND" ]; then echo "Col found was $COL_FOUND which does not match expected 50" diff --git a/apps/wolfsshd/test/sshd_window_full_test.sh b/apps/wolfsshd/test/sshd_window_full_test.sh index 3262c2ecb..dd915d7a6 100755 --- a/apps/wolfsshd/test/sshd_window_full_test.sh +++ b/apps/wolfsshd/test/sshd_window_full_test.sh @@ -42,7 +42,11 @@ PUBLIC_KEY="./keys/hansel-key-ecc.pub" head -c 1G /dev/urandom > random-test.txt PWD=`pwd` -$TEST_CLIENT -c "cd $PWD; $TEST_CLIENT -c \"cat $PWD/random-test.txt\" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT > random-test-result.txt +echo "$TEST_CLIENT -q -c \"cd $PWD; $TEST_CLIENT -q -c \"cat $PWD/random-test.txt\" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT\" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT > random-test-result.txt" + +$TEST_CLIENT -q -c "cd $PWD; $TEST_CLIENT -q -c \"cat $PWD/random-test.txt\" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT" -u $USER -i $PRIVATE_KEY -j $PUBLIC_KEY -h $TEST_HOST -p $TEST_PORT > random-test-result.txt + +ls -la random-test* diff random-test.txt random-test-result.txt RESULT=$? diff --git a/apps/wolfsshd/test/sshd_x509_test.sh b/apps/wolfsshd/test/sshd_x509_test.sh index 26850fea3..d52b03c24 100755 --- a/apps/wolfsshd/test/sshd_x509_test.sh +++ b/apps/wolfsshd/test/sshd_x509_test.sh @@ -17,13 +17,13 @@ PUBLIC_KEY="./keys/$3-cert.der" CA_CERT="./keys/ca-cert-ecc.der" set -e -echo "$TEST_CLIENT -c 'pwd' -u $3 -i $PRIVATE_KEY -J $PUBLIC_KEY -A $CA_CERT -h \"$1\" -p \"$2\"" -$TEST_CLIENT -c 'pwd' -u $3 -i "$PRIVATE_KEY" -J "$PUBLIC_KEY" -A "$CA_CERT" -h "$1" -p "$2" +echo "$TEST_CLIENT -X -c 'pwd' -u $3 -i $PRIVATE_KEY -J $PUBLIC_KEY -A $CA_CERT -h \"$1\" -p \"$2\"" +$TEST_CLIENT -X -c 'pwd' -u $3 -i "$PRIVATE_KEY" -J "$PUBLIC_KEY" -A "$CA_CERT" -h "$1" -p "$2" set +e rm -f error.txt -echo "$TEST_CLIENT -c 'ls error' -u $3 -i $PRIVATE_KEY -J $PUBLIC_KEY -A $CA_CERT -h \"$1\" -p \"$2\" 2> error.txt" -$TEST_CLIENT -c 'ls error' -u $3 -i "$PRIVATE_KEY" -J "$PUBLIC_KEY" -A "$CA_CERT" -h "$1" -p "$2" 2> error.txt +echo "$TEST_CLIENT -X -c 'ls error' -u $3 -i $PRIVATE_KEY -J $PUBLIC_KEY -A $CA_CERT -h \"$1\" -p \"$2\" 2> error.txt" +$TEST_CLIENT -X -c 'ls error' -u $3 -i "$PRIVATE_KEY" -J "$PUBLIC_KEY" -A "$CA_CERT" -h "$1" -p "$2" 2> error.txt # check stderr output was caught if [ ! -s error.txt ]; then @@ -36,4 +36,3 @@ rm -f error.txt cd $PWD exit 0 - diff --git a/examples/client/client.c b/examples/client/client.c index c6c7ff0b4..c6cde31bc 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -120,6 +120,7 @@ static void ShowUsage(void) #endif printf(" -E List all possible algos\n"); printf(" -k set the list of key algos to use\n"); + printf(" -q turn off debugging output\n"); } @@ -658,7 +659,7 @@ THREAD_RETURN WOLFSSH_THREAD client_test(void* args) (void)keepOpen; - while ((ch = mygetopt(argc, argv, "?ac:h:i:j:p:tu:xzNP:RJ:A:XeEk:")) != -1) { + while ((ch = mygetopt(argc, argv, "?ac:h:i:j:p:tu:xzNP:RJ:A:XeEk:q")) != -1) { switch (ch) { case 'h': host = myoptarg; @@ -671,6 +672,10 @@ THREAD_RETURN WOLFSSH_THREAD client_test(void* args) #endif break; + case 'q': + wolfSSH_Debugging_OFF(); + break; + case 'e': userEcc = 1; break; diff --git a/src/internal.c b/src/internal.c index b2be0cd94..4e407c2fc 100644 --- a/src/internal.c +++ b/src/internal.c @@ -14047,7 +14047,6 @@ int SendUserAuthRequest(WOLFSSH* ssh, byte authType, int addSig) payloadSz = MSG_ID_SZ + (LENGTH_SZ * 3) + ssh->userNameSz + serviceNameSz + authNameSz; - if (authId == ID_USERAUTH_PASSWORD) ret = PrepareUserAuthRequestPassword(ssh, &payloadSz, &authData); else if (authId == ID_USERAUTH_PUBLICKEY && !ssh->userAuthPkDone) {