Tests 3021 and 3022 (SSH SHA256 host keys) fail if curl is built with libssh rather than libssh2 #8009

Closed
pghmcfc opened this issue Nov 13, 2021 · 0 comments

pghmcfc commented Nov 13, 2021

I did this

Built curl with libssh as the SSH back-end. Ran the test suite.

...
test 3021...[SFTP correct sha256 host key]
../src/curl --output log/curl3021.out  --include --trace-ascii log/trace3021 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: sftp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3021.txt >log/stdout3021 2>log/stderr3021
CMD (15360): ../src/curl --output log/curl3021.out  --include --trace-ascii log/trace3021 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: sftp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3021.txt >log/stdout3021 2>log/stderr3021
 3021: data FAILED:
--- log/check-expected	2021-11-10 21:37:39.283719015 +0000
+++ log/check-generated	2021-11-10 21:37:39.282718930 +0000
@@ -1 +0,0 @@
-test[LF]
== Contents of files in the log/ dir after test 3021
=== Start of file check-expected
 test[LF]
=== End of file check-expected
=== Start of file commands.log
 ../src/curl --output log/curl3021.out  --include --trace-ascii log/trace3021 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: sftp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3021.txt >log/stdout3021 2>log/stderr3021
=== End of file commands.log
=== Start of file file3021.txt
 test
=== End of file file3021.txt
=== Start of file ftpserver.cmd
 Testnum 3021
=== End of file ftpserver.cmd
=== Start of file stderr3021
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
 
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
 
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
 curl: (60) SSL peer certificate or SSH remote key was not OK
 More details here: https://curl.se/docs/sslcerts.html
 curl failed to verify the legitimacy of the server and therefore could not
 establish a secure connection to it. To learn more about this situation and
 how to fix it, please visit the web page mentioned above.
=== End of file stderr3021
=== Start of file trace3021
 21:37:39.478502 == Info:   Trying 127.0.0.1:20025...
 21:37:39.480092 == Info: Connected to 127.0.0.1 (127.0.0.1) port 20025 (#0)
 21:37:39.480793 == Info: User: mockbuild
 21:37:39.480803 == Info: Known hosts: /builddir/build/BUILD/curl-7.80.0/build-full/tests/.ssh/known_hosts
 21:37:39.680504 == Info: Closing connection 0
=== End of file trace3021
test 3022...[SCP correct sha256 host key]
../src/curl --output log/curl3022.out  --include --trace-ascii log/trace3022 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: scp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3022.txt >log/stdout3022 2>log/stderr3022
CMD (15360): ../src/curl --output log/curl3022.out  --include --trace-ascii log/trace3022 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: scp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3022.txt >log/stdout3022 2>log/stderr3022
 3022: data FAILED:
--- log/check-expected	2021-11-10 21:37:39.521739376 +0000
+++ log/check-generated	2021-11-10 21:37:39.521739376 +0000
@@ -1 +0,0 @@
-test[LF]
== Contents of files in the log/ dir after test 3022
=== Start of file check-expected
 test[LF]
=== End of file check-expected
=== Start of file commands.log
 ../src/curl --output log/curl3022.out  --include --trace-ascii log/trace3022 --trace-time --hostpubsha256 tuofrme8Oa2zL+lDozIdDoMsAap/7J9rRPHlf0A/nU4 --key curl_client_key --pubkey curl_client_key.pub -u mockbuild: scp://127.0.0.1:20025/builddir/build/BUILD/curl-7.80.0/build-full/tests/log/file3022.txt >log/stdout3022 2>log/stderr3022
=== End of file commands.log
=== Start of file file3022.txt
 test
=== End of file file3022.txt
=== Start of file ftpserver.cmd
 Testnum 3022
=== End of file ftpserver.cmd
=== Start of file stderr3022
   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                  Dload  Upload   Total   Spent    Left  Speed
 
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
 
   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
 curl: (60) SSL peer certificate or SSH remote key was not OK
 More details here: https://curl.se/docs/sslcerts.html
 curl failed to verify the legitimacy of the server and therefore could not
 establish a secure connection to it. To learn more about this situation and
 how to fix it, please visit the web page mentioned above.
=== End of file stderr3022
=== Start of file trace3022
 21:37:39.718869 == Info:   Trying 127.0.0.1:20025...
 21:37:39.719721 == Info: Connected to 127.0.0.1 (127.0.0.1) port 20025 (#0)
 21:37:39.720082 == Info: User: mockbuild
 21:37:39.720088 == Info: Known hosts: /builddir/build/BUILD/curl-7.80.0/build-full/tests/.ssh/known_hosts
 21:37:39.919123 == Info: Closing connection 0
=== End of file trace3022
setenv CURL_SSL_BACKEND = schannel
setenv CURL_SSL_BACKEND = schannel
TESTDONE: 1454 tests were considered during 1888 seconds.
TESTINFO: 199 tests were skipped due to these restraints:
TESTINFO: "curl lacks debug support" 96 times (67, 68, 69, 81, 89, 90, 91, 150, 155 and 87 more)
TESTINFO: "curl lacks unittest support" 40 times (1300, 1301, 1302, 1303, 1304, 1305, 1306, 1308, 1309 and 31 more)
TESTINFO: "configured as DISABLED" 20 times (323, 594, 836, 882, 938, 1112, 1182, 1184, 1209 and 11 more)
TESTINFO: "precheck command error" 18 times (165, 955, 956, 957, 958, 962, 963, 964, 965 and 9 more)
TESTINFO: "disabled by keyword" 8 times (573, 587, 1086, 1113, 1162, 1163, 1208, 2032)
TESTINFO: "curl lacks Schannel support" 6 times (2033, 2070, 2079, 2087, 3023, 3024)
TESTINFO: "curl has idn support" 3 times (959, 960, 961)
TESTINFO: "curl lacks zstd support" 2 times (396, 397)
TESTINFO: "curl lacks TrackMemory support" 2 times (96, 558)
TESTINFO: "curl has threaded-resolver support" 1 time (506)
TESTINFO: "curl has ipv6 support" 1 time (1454)
TESTINFO: "openssl engine not supported" 1 time (307)
TESTINFO: "curl lacks Unicode support" 1 time (1703)
TESTDONE: 1253 tests out of 1255 reported OK: 99%
TESTFAIL: These test cases failed: 3021 3022 

I expected the following

Test suite passing.

curl/libcurl version

7.80.0

[curl -V output]

curl 7.80.0 (x86_64-redhat-linux-gnu) libcurl/7.80.0 OpenSSL/1.1.1l-fips zlib/1.2.11 brotli/1.0.9 libidn2/2.3.2 libpsl/0.21.1 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.45.1 OpenLDAP/2.4.59
Release-Date: 2021-11-10
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets

operating system

Linux tycho.city-fan.org 5.14.16-301.fc35.x86_64 #1 SMP Wed Nov 3 13:55:42 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

The SHA256 host key support has been implemented for libssh2 but not yet for libssh. Until that happens it looks like these tests should be skipped for curl built with libssh but I don't see a hook for that as the SSH back-end is not yet a testable feature.

bagder added a commit that referenced this issue Nov 13, 2021
... as the others don't support --hostpubsha256

Reported-by: Paul Howarth
Fixes #8009
@bagder bagder linked a pull request Nov 13, 2021 that will close this issue
@bagder bagder self-assigned this Nov 13, 2021
@bagder bagder closed this as completed in 4825d0c Nov 14, 2021
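
Added example (not part of the issue or of curl's code): a Python pre-flight check for the situation reported above. It reads the SSH back-end from the first line of `curl -V` and computes a `--hostpubsha256` value from a public key line, assuming the pin is the unpadded Base64 SHA-256 of the key blob (consistent with the 43-character value in the test commands). The function names, the shortened version line and the sample key are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re
import struct

# First line of `curl -V` from the issue, shortened to the relevant libraries.
PAGE_VERSION_LINE = ("curl 7.80.0 (x86_64-redhat-linux-gnu) libcurl/7.80.0 "
                     "OpenSSL/1.1.1l-fips zlib/1.2.11 libssh/0.9.6/openssl/zlib")

# Constructed sample key, not a real host key: an ssh-ed25519 blob of dummy bytes.
SAMPLE_BLOB = (struct.pack(">I", 11) + b"ssh-ed25519" +
               struct.pack(">I", 32) + bytes(range(32)))
SAMPLE_PUBKEY = "ssh-ed25519 %s constructed@example" % base64.b64encode(SAMPLE_BLOB).decode()


def ssh_backend(version_line):
    """Return 'libssh2', 'libssh' or None from the first line of `curl -V`."""
    # Try libssh2 first and require the trailing slash so the two are not confused.
    m = re.search(r"(?<!\S)(libssh2|libssh)/", version_line)
    return m.group(1) if m else None


def supports_sha256_pin(version_line):
    """Per the issue, only the libssh2 back-end handles --hostpubsha256 in 7.80.0."""
    return ssh_backend(version_line) == "libssh2"


def host_key_pin(pubkey_line):
    """Unpadded Base64 of SHA-256 over the key blob of an OpenSSH public key line."""
    key_type, b64_blob = pubkey_line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob opens with a length-prefixed algorithm name; it must match field 0.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return base64.b64encode(digest).decode().rstrip("=")


def pin_matches(expected_pin, pubkey_line):
    """Constant-time comparison of an expected pin with the computed one."""
    expected = expected_pin.rstrip("=").encode()
    return hmac.compare_digest(expected, host_key_pin(pubkey_line).encode())
```

On a build where `supports_sha256_pin` is false, the transfers in the log above stop with curl error 60 even though the supplied hash is the correct one, so a pipeline that relies on the pin should check the back-end first.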