diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:07:52 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:07:52 +0000 |
commit | f0f453c916e279980df981c1e1dee0d167dc124e (patch) | |
tree | d09973c9f173820ade2dc814467d3e57df8a042d /test/test_build_struct.py | |
parent | Initial commit. (diff) | |
download | ssh-audit-f0f453c916e279980df981c1e1dee0d167dc124e.tar.xz ssh-audit-f0f453c916e279980df981c1e1dee0d167dc124e.zip |
Adding upstream version 3.1.0.upstream/3.1.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'test/test_build_struct.py')
-rw-r--r-- | test/test_build_struct.py | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/test/test_build_struct.py b/test/test_build_struct.py new file mode 100644 index 0000000..e16baac --- /dev/null +++ b/test/test_build_struct.py @@ -0,0 +1,44 @@ +import os +import pytest + +from ssh_audit.outputbuffer import OutputBuffer +from ssh_audit.ssh2_kex import SSH2_Kex +from ssh_audit.ssh2_kexparty import SSH2_KexParty + + +@pytest.fixture +def kex(ssh_audit): + kex_algs, key_algs = [], [] + enc, mac, compression, languages = [], [], ['none'], [] + cli = SSH2_KexParty(enc, mac, compression, languages) + enc, mac, compression, languages = [], [], ['none'], [] + srv = SSH2_KexParty(enc, mac, compression, languages) + cookie = os.urandom(16) + kex = SSH2_Kex(OutputBuffer, cookie, kex_algs, key_algs, cli, srv, 0) + return kex + + +def test_prevent_runtime_error_regression(ssh_audit, kex): + """Prevent a regression of https://github.com/jtesta/ssh-audit/issues/41 + + The following test setup does not contain any sensible data. + It was made up to reproduce a situation when there are several host + keys, and an error occurred when iterating and modifying them at the + same time. + """ + kex.set_host_key("ssh-rsa", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa1", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa2", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa3", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa4", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa5", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa6", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa7", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + kex.set_host_key("ssh-rsa8", b"\x00\x00\x00\x07ssh-rsa\x00\x00\x00", 1024, '', 0) + + rv = ssh_audit.build_struct('localhost', None, [], kex=kex) + + assert len(rv["fingerprints"]) == (9 * 2) # Each host key generates two hash fingerprints: one using SHA256, and one using MD5. + + for key in ['banner', 'compression', 'enc', 'fingerprints', 'kex', 'key', 'mac']: + assert key in rv |