--- lbbs/src/test_ssh_server.c 2025/06/05 05:24:56 1.4 +++ lbbs/src/test_ssh_server.c 2025/12/18 07:58:23 1.18 @@ -1,17 +1,34 @@ +/* SPDX-License-Identifier: GPL-3.0-or-later */ +/* + * test_ssh_server + * - tester for network server with SSH support + * + * Copyright (C) 2004-2025 Leaflet + */ + +// This test was written based on libssh example/proxy.c + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + #include "log.h" #include +#include #include #include -#include -#ifndef BUF_SIZE -#define BUF_SIZE 2048 -#endif +enum test_ssh_server_constant_t +{ + BUF_SIZE = 2048, +}; -#define SSH_HOST_KEYFILE "../conf/ssh_host_rsa_key" +static const char SSH_HOST_RSA_KEY_FILE[] = "../conf/ssh_host_rsa_key"; +static const char SSH_HOST_ED25519_KEY_FILE[] = "../conf/ssh_host_ed25519_key"; +static const char SSH_HOST_ECDSA_KEY_FILE[] = "../conf/ssh_host_ecdsa_key"; -#define USER "test" -#define PASSWORD "123456" +static const char USER[] = "test"; +static const char PASSWORD[] = "123456"; static ssh_channel SSH_channel; static int authenticated = 0; @@ -69,7 +86,7 @@ struct ssh_channel_callbacks_struct chan .channel_pty_request_function = pty_request, .channel_shell_request_function = shell_request}; -static ssh_channel new_session_channel(ssh_session session, void *userdata) +static ssh_channel channel_open(ssh_session session, void *userdata) { (void)session; (void)userdata; 
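Review bot: The new `USER` / `PASSWORD` constants and the three `SSH_HOST_*_KEY_FILE` paths in the first hunk carry no comment saying they are test fixtures. A line such as `/* Fixture credentials used only by this test listener. */` above `USER` would make that explicit. The key paths point into `../conf/`, which looks like the directory the real server reads its host keys from (inferred from the path alone); dedicated test keys would keep this binary from loading production private key files. The paths are relative, so which files get loaded depends on the working directory the test is started from. Minor style: the `_t` suffix on `enum test_ssh_server_constant_t` is reserved by POSIX, and an anonymous `enum { BUF_SIZE = 2048 };` avoids it.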
@@ -94,21 +111,56 @@ int ssh_server(const char *hostaddr, uns struct ssh_server_callbacks_struct cb = { .userdata = NULL, .auth_password_function = auth_password, - .channel_open_request_session_function = new_session_channel}; + .channel_open_request_session_function = channel_open}; + + long int ssh_timeout = 0; char buf[BUF_SIZE]; char host[128] = ""; int i, r; - int ssh_log_level = SSH_LOG_WARNING; + int ssh_key_valid = 0; + int ssh_log_level = SSH_LOG_PROTOCOL; ssh_init(); sshbind = ssh_bind_new(); + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_RSA_KEY_FILE) < 0) + { + log_error("Error loading SSH RSA key: %s\n", SSH_HOST_RSA_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ED25519_KEY_FILE) < 0) + { + log_error("Error loading SSH ED25519 key: %s\n", SSH_HOST_ED25519_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_ECDSA_KEY_FILE) < 0) + { + log_error("Error loading SSH ECDSA key: %s\n", SSH_HOST_ECDSA_KEY_FILE); + } + else + { + ssh_key_valid = 1; + } + + if (!ssh_key_valid) + { + log_error("Error: no valid SSH host key\n"); + ssh_bind_free(sshbind); + return -1; + } + if (ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, hostaddr) < 0 || ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port) < 0 || - ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY, SSH_HOST_KEYFILE) < 0 || + ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS, "+ssh-ed25519,ecdsa-sha2-nistp256,ssh-rsa") < 0 || ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_LOG_VERBOSITY, &ssh_log_level) < 0) { log_error("Error setting SSH bind options: %s\n", ssh_get_error(sshbind)); 
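Review bot: The `SSH_BIND_OPTIONS_HOSTKEY_ALGORITHMS` value re-adds `ssh-rsa`, the RSA signature scheme over SHA-1; unless the test must cover legacy clients, offer the RSA key through the SHA-2 variants instead, e.g. `"+ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256"`. If `ssh-rsa` is intentional, a one-line comment naming the client that needs it would stop the list being copied into non-test code. The three key-load failure branches log only the file name; appending `ssh_get_error(sshbind)`, as the later `log_error` call does, would show why a key was rejected. `ssh_log_level` also moves from `SSH_LOG_WARNING` to `SSH_LOG_PROTOCOL`, which deserves a comment if the extra verbosity is meant to stay. ssh_server starts and ends outside this hunk.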
@@ -138,10 +190,19 @@ int ssh_server(const char *hostaddr, uns ssh_callbacks_init(&cb); ssh_set_server_callbacks(session, &cb); + ssh_timeout = 60; // second + if (ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) + { + log_error("Error setting SSH options: %s\n", ssh_get_error(session)); + ssh_disconnect(session); + _exit(1); + } + if (ssh_handle_key_exchange(session)) { log_error("ssh_handle_key_exchange: %s\n", ssh_get_error(session)); - return 1; + ssh_disconnect(session); + _exit(1); } ssh_set_auth_methods(session, SSH_AUTH_METHOD_PASSWORD | SSH_AUTH_METHOD_GSSAPI_MIC); @@ -171,6 +232,14 @@ int ssh_server(const char *hostaddr, uns log_common("Authenticated and got a channel\n"); } + ssh_timeout = 0; + if (ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &ssh_timeout) < 0) + { + log_error("Error setting SSH options: %s\n", ssh_get_error(session)); + ssh_disconnect(session); + _exit(1); + } + snprintf(buf, sizeof(buf), "Hello, welcome to the Sample SSH proxy.\r\nPlease select your destination: "); ssh_channel_write(SSH_channel, buf, (uint32_t)strlen(buf)); do
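Review bot: `ssh_timeout = 60; // second` bounds the key exchange that follows, but it is a bare literal whose comment gives only the unit. A named constant next to `BUF_SIZE`, commented `// pre-authentication limit, in seconds`, would say what it protects. The failure paths here and in the next hunk repeat `ssh_disconnect(session); _exit(1);`. `_exit` is only correct if this code runs in a forked child, which cannot be confirmed because ssh_server starts and ends outside the hunk, so a short comment at the first `_exit(1)` should record that assumption. The header names in the first hunk are not legible on this page, so check that `<unistd.h>` is included for `_exit`.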
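Review bot: `ssh_timeout = 0;` after authentication has no comment, and its effect is not obvious. Depending on the libssh version, a zero `SSH_OPTIONS_TIMEOUT` may fall back to a library default rather than mean "no limit", so confirm it against the libssh in use. State the intent in place, e.g. `ssh_timeout = 0; // <intended post-auth behaviour>, in seconds`. If the intent is to remove the limit, an authenticated but idle client keeps this process alive until it disconnects. An explicit idle limit for the session loop that begins at `do` (its body is outside the hunk) would be the safer default.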