Commit Graph

81 Commits

Author SHA1 Message Date
max.mehl
ad9bc5976d
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869
2022-06-13 09:13:00 +02:00
Mats Lindestam
d1e7d9197b
libssh2: add SHA256 fingerprint support
Added support for SHA256 fingerprint in command line curl and in
libcurl.

Closes #7646
2021-09-26 23:20:53 +02:00
Kamil Dudka
ab78d2c679 tests/sshserver.pl: make it work with openssh-8.7p1
... by not using options with no argument where an argument is required:

=== Start of file tests/log/ssh_server.log
curl_sshd_config line 6: no argument after keyword "DenyGroups"
curl_sshd_config line 7: no argument after keyword "AllowGroups"
curl_sshd_config line 10: Deprecated option AuthorizedKeysFile2
curl_sshd_config line 29: Deprecated option KeyRegenerationInterval
curl_sshd_config line 39: Deprecated option RhostsRSAAuthentication
curl_sshd_config line 40: Deprecated option RSAAuthentication
curl_sshd_config line 41: Deprecated option ServerKeyBits
curl_sshd_config line 45: Deprecated option UseLogin
curl_sshd_config line 56: no argument after keyword "AcceptEnv"
curl_sshd_config: terminating, 3 bad configuration options
=== End of file tests/log/ssh_server.log

=== Start of file log/sftp_server.log
curl_sftp_config line 33: Unsupported option "rhostsrsaauthentication"
curl_sftp_config line 34: Unsupported option "rsaauthentication"
curl_sftp_config line 52: no argument after keyword "sendenv"
curl_sftp_config: terminating, 1 bad configuration options
Connection closed.
Connection closed
=== End of file log/sftp_server.log

Closes #7724
2021-09-16 08:37:25 +02:00
Daniel Stenberg
d9b2d1d90f
copyrights: update copyright year ranges 2021-09-08 09:36:49 +02:00
Marc Hoersken
5b1c2dd1db
tests/*server.pl: flush output before executing subprocess
Also avoid shell processes staying around by using exec.
This is necessary to avoid output data being buffering
inside the process chain of Perl, Bash/Shell and our
test server binaries. On non-Windows systems the exec
will also make the subprocess replace the intermediate
shell, but on Windows it will at least bind the processes
together since there is no real fork or exec available.

See: https://cygwin.com/cygwin-ug-net/highlights.html
and: https://docs.microsoft.com/cpp/c-runtime-library/exec-wexec-functions
Ref: https://github.com/curl/curl/pull/7530#issuecomment-900949010

Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes #7530
2021-08-18 20:59:36 +02:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Marc Hoersken
3ee7c676ec
tests/sshserver.pl: fix compatibility with OpenSSH for Windows
Follow up to #5721
2020-07-31 18:56:50 +02:00
Viktor Szakats
308c243db5
all: fix codespell errors
Reviewed-by: Jay Satiro
Reviewed-by: Daniel Stenberg
Closes https://github.com/curl/curl/pull/5452
2020-05-25 19:44:04 +00:00
Marc Hoersken
c1951cdb38
tests: use Cygwin/msys PIDs for stunnel and sshd on Windows
Since the Windows versions of both programs would write Windows
PIDs to their pidfiles which we cannot handle, we need to use
our known perl.exe Cygwin/msys PID together with exec() in order
to tie the spawned processes to the existance of our perl.exe

The perl.exe that is executing secureserver.pl and sshserver.pl
has a Cygwin/msys PID, because it is started inside Cygwin/msys.

Related to #5188
2020-04-11 23:46:15 +02:00
Marc Hoersken
8c92f7e82f
sshserver.pl: use cached Win32 environment check variable 2020-04-10 21:03:24 +02:00
Daniel Stenberg
9a8b3b3e13
copyright: fix out-of-date copyright ranges and missing headers
Reported by the new script 'scripts/copyright.pl'. The script has a
regex whitelist for the files that don't need copyright headers.

Removed three (mostly usesless) README files from docs/

Closes #5141
2020-03-24 15:05:59 +01:00
Jay Satiro
09aa807240 libssh: Fix matching user-specified MD5 hex key
Prior to this change a match would never be successful because it
was mistakenly coded to compare binary data from libssh to a
user-specified hex string (ie CURLOPT_SSH_HOST_PUBLIC_KEY_MD5).

Reported-by: fds242@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4971
Closes https://github.com/curl/curl/pull/4974
2020-03-07 03:06:11 -05:00
Marc Hoersken
213c5aca7b tests: fix permissions of ssh keys in WSL
Keys created on Windows Subsystem for Linux (WSL) require it for some
reason.

(This is one of several commits to support use of WSL for the tests.)

Ref: https://github.com/curl/curl/pull/3899
2019-12-09 19:32:35 -05:00
Marc Hoersken
081d374f49 tests: add support to test against OpenSSH for Windows
Testing against OpenSSH for Windows requires v7.7.0.0 or newer
due to the use of AllowUsers and DenyUsers. For more info see:
https://github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config
2019-05-22 19:54:05 +02:00
Daniel Stenberg
54c784556e
test: make tests and test scripts use socksd for SOCKS
Make all SOCKS tests use socksd instead of ssh.
2019-04-13 11:21:53 +02:00
klemens
f7df67cff0 spelling fixes
Closes #1356
2017-03-26 23:56:23 +02:00
Karlson2k
4c5d5e5e55 tests: Use 'pathhelp' for paths conversions in sshserver.pl 2016-04-29 23:42:55 +02:00
Karlson2k
e32644851a sshserver.pl: use quotes for given options
Fixed failed redirection of stderr with some options. At least on Msys2,
perl fails to redirect stderr if $value contains newline or other weird
characters.
2016-03-26 23:34:55 +01:00
Daniel Stenberg
d5e7f50e63 Revert "sshserver: remove use of AuthorizedKeysFile2"
It seems we may have some autobuild problems after this commit went
in. Trying to see if a revert helps to get them back.

This reverts commit 2716350d1f.
2016-03-22 10:43:55 +01:00
Daniel Stenberg
2716350d1f sshserver: remove use of AuthorizedKeysFile2
Support for the (undocumented) AuthorizedKeysFile2 was removed in
OpenSSH 5.9, released in September 2011

Closes #715
2016-03-21 00:53:02 +01:00
Kamil Dudka
effa575fc7 tests/sshserver.pl: use RSA instead of DSA for host auth
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP
test cases to be skipped.  Using RSA for host authentication works with
both old and new versions of OpenSSH.

Reported-by: Karlson2k

Closes #676
2016-02-23 11:55:18 +01:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Marc Hoersken
003dd2e7de sshserver.pl: clarify and streamline variable names 2014-12-22 00:30:02 +01:00
Marc Hoersken
ed68159d19 tests: use Cygwin-style paths in SSH, SSHD and SFTP config files
Second patch to enable Windows support using Cygwin-based OpenSSH.

Tested with CopSSH 5.0.0 free edition using an msys shell on Windows 7.
2014-12-21 03:52:37 +01:00
Marc Hoersken
0114889456 tests: support spaces in paths to SSH, SSHD and SFTP binaries
First patch to enable Windows support using Cygwin-based OpenSSH.
2014-12-21 03:52:36 +01:00
Daniel Stenberg
1498a0073e sshserver: disable StrictHostKeyChecking
I couldn't figure out why the host key logic isn't working, but having
it set to yes prevents my SSH-based test cases to run. I also don't see
a strong need to use strict host key checking on this test server.

So I disabled it.
2013-04-25 23:40:31 +02:00
Yang Tse
437848d754 test harness: fix detection of test harness client knownhosts file
Regenerate curl's tests client knownhosts file also when, somehow,
this file is empty.
2011-08-31 19:59:26 +02:00
Yang Tse
38fff918f9 test harness: fix detection of test harness host and client key files
Regenerate curl's tests host and client key files also when, somehow,
any of these files are empty.
2011-08-31 18:16:14 +02:00
Daniel Stenberg
be28825b2d restore executable bits on some files 2010-03-24 11:07:35 +01:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Yang Tse
ada2774ab2 Start using the centralized pidfile and logfile name generation
subroutines for ssh and socks test suite servers.
2010-01-15 18:55:01 +00:00
Yang Tse
532d4b5106 SunSSH sshd ignores UsePrivilegeSeparation option 2008-04-04 14:47:32 +00:00
Yang Tse
5788719988 SunSSH 1.2 options sync 2008-04-04 14:08:36 +00:00
Yang Tse
8f9e0357dd Additional SunSSH 1.1 ssh server options 2008-02-11 14:28:48 +00:00
Yang Tse
405e192b8c Get rid of sftp subsystem additional parameters, they aren't widely supported 2008-02-08 17:32:58 +00:00
Yang Tse
1a340de0e5 To verify that the sftp server is actually running, responsive and that
all curl's tests generated configuration and key files are fine, a real
connection is established to the test harness sftp server authenticating
and running a simple sftp remote pwd command.

The verification is done using OpenSSH's or SunSSH's sftp client tool with
a configuration file with the same options as the test harness socks server
with the exception that dynamic forwarding is not used for sftp.
2008-02-08 13:54:02 +00:00
Yang Tse
03bbf4de48 When possible, use additional config options for test harness ssh server,
which are deprecated in recent OpenSSH versions but are current for SunSSH.
2008-01-31 16:37:16 +00:00
Yang Tse
8fca5c2e69 Dont rely on PAMAuthenticationViaKbdInt default being 'no' 2008-01-27 02:35:20 +00:00
Yang Tse
e9490fdbd9 Also disable GSSAPIAuthentication for the test harness ssh client 2008-01-20 04:05:25 +00:00
Yang Tse
5004529685 Remove hardcoded verbosity 2008-01-12 04:32:03 +00:00
Yang Tse
14ff7e75e0 Temporary change to help debugging SSH server verification failures 2008-01-10 16:19:14 +00:00
Yang Tse
1c0a19ad53 Remove increased loglevel intended to debug autobuild's publickey
authentication failures when using OpenSSH 2.9.9 or SunSSH.

Verified fact: Even when only using publickey authentication,
OpenSSH and SunSSH first validate the user, this implies that
if the user validation fails, 'invalid user', the publickey
authentication will not be allowed to complete.
2008-01-08 19:18:25 +00:00
Yang Tse
34d02d1969 Increase loglevel to debug autobuild's publickey authentication
failures when using OpenSSH 2.9.9 or SunSSH
2008-01-08 00:40:02 +00:00
Yang Tse
9c6533d287 Increase MaxAuthTries from 0 to 10. Using a value of 0 is too restrictive 2008-01-06 02:02:55 +00:00
Yang Tse
61a2d5ea75 'ControlPath' ssh client configuration file option requires OpenSSH 4.2 or
later to accept 'none' as an indication to disable connection multiplexing
2008-01-04 14:12:10 +00:00
Yang Tse
c479c64333 SunSSH 1.1 ssh client does not support config file options:
ConnectTimeout
 ForwardX11Trusted
 HashKnownHosts
 RekeyLimit
 ServerAliveCountMax
 ServerAliveInterval
2008-01-04 13:24:17 +00:00
Yang Tse
f5da1e5484 'LocalCommand' no longer used for ssh client config file. When used it
requires a non blank argument.
2008-01-04 03:04:30 +00:00
Yang Tse
fd8d862c37 Modify test harness so that the minimum SSH version required to run
SCP, SFTP and SOCKS4 tests is now OpenSSH 2.9.9 or SunSSH 1.0

For SOCKS5 tests minimum versions are OpenSSH 3.7 or SunSSH 1.0
2008-01-03 20:48:22 +00:00
Dan Fandrich
9cd30c2012 Use getcwd() to get the directory, which works even if one of the directory
components doesn't have read permission set.
2007-12-22 18:25:43 +00:00
Yang Tse
cf806748ec To allow remote log inspection avoid redirecting messages to stderr.
Cleanup some debugging messages. Unlink log file on exit.
2007-11-28 01:46:28 +00:00