1 /* $OpenBSD: tests.c,v 1.2 2021/07/24 01:54:23 djm Exp $ */ 2 3 /* 4 * Regress test for keys options functions. 5 * 6 * Placed in the public domain 7 */ 8 9 #include <sys/types.h> 10 #include <sys/param.h> 11 #include <stdio.h> 12 #include <stdint.h> 13 #include <stdlib.h> 14 #include <string.h> 15 16 #include "test_helper.h" 17 18 #include "sshkey.h" 19 #include "authfile.h" 20 #include "auth-options.h" 21 #include "misc.h" 22 #include "log.h" 23 24 static struct sshkey * 25 load_key(const char *name) 26 { 27 struct sshkey *ret; 28 int r; 29 30 r = sshkey_load_public(test_data_file(name), &ret, NULL); 31 ASSERT_INT_EQ(r, 0); 32 ASSERT_PTR_NE(ret, NULL); 33 return ret; 34 } 35 36 static struct sshauthopt * 37 default_authkey_opts(void) 38 { 39 struct sshauthopt *ret = sshauthopt_new(); 40 41 ASSERT_PTR_NE(ret, NULL); 42 ret->permit_port_forwarding_flag = 1; 43 ret->permit_agent_forwarding_flag = 1; 44 ret->permit_x11_forwarding_flag = 1; 45 ret->permit_pty_flag = 1; 46 ret->permit_user_rc = 1; 47 return ret; 48 } 49 50 static struct sshauthopt * 51 default_authkey_restrict_opts(void) 52 { 53 struct sshauthopt *ret = sshauthopt_new(); 54 55 ASSERT_PTR_NE(ret, NULL); 56 ret->permit_port_forwarding_flag = 0; 57 ret->permit_agent_forwarding_flag = 0; 58 ret->permit_x11_forwarding_flag = 0; 59 ret->permit_pty_flag = 0; 60 ret->permit_user_rc = 0; 61 ret->restricted = 1; 62 return ret; 63 } 64 65 static char ** 66 commasplit(const char *s, size_t *np) 67 { 68 char *ocp, *cp, *cp2, **ret = NULL; 69 size_t n; 70 71 ocp = cp = strdup(s); 72 ASSERT_PTR_NE(cp, NULL); 73 for (n = 0; (cp2 = strsep(&cp, ",")) != NULL;) { 74 ret = recallocarray(ret, n, n + 1, sizeof(*ret)); 75 ASSERT_PTR_NE(ret, NULL); 76 cp2 = strdup(cp2); 77 ASSERT_PTR_NE(cp2, NULL); 78 ret[n++] = cp2; 79 } 80 free(ocp); 81 *np = n; 82 return ret; 83 } 84 85 static void 86 compare_opts(const struct sshauthopt *opts, 87 const struct sshauthopt *expected) 88 { 89 size_t i; 90 91 ASSERT_PTR_NE(opts, NULL); 92 ASSERT_PTR_NE(expected, NULL); 93 ASSERT_PTR_NE(expected, opts); /* bozo :) */ 94 95 #define FLAG_EQ(x) ASSERT_INT_EQ(opts->x, expected->x) 96 FLAG_EQ(permit_port_forwarding_flag); 97 FLAG_EQ(permit_agent_forwarding_flag); 98 FLAG_EQ(permit_x11_forwarding_flag); 99 FLAG_EQ(permit_pty_flag); 100 FLAG_EQ(permit_user_rc); 101 FLAG_EQ(restricted); 102 FLAG_EQ(cert_authority); 103 #undef FLAG_EQ 104 105 #define STR_EQ(x) \ 106 do { \ 107 if (expected->x == NULL) \ 108 ASSERT_PTR_EQ(opts->x, expected->x); \ 109 else \ 110 ASSERT_STRING_EQ(opts->x, expected->x); \ 111 } while (0) 112 STR_EQ(cert_principals); 113 STR_EQ(force_command); 114 STR_EQ(required_from_host_cert); 115 STR_EQ(required_from_host_keys); 116 #undef STR_EQ 117 118 #define ARRAY_EQ(nx, x) \ 119 do { \ 120 ASSERT_SIZE_T_EQ(opts->nx, expected->nx); \ 121 if (expected->nx == 0) \ 122 break; \ 123 for (i = 0; i < expected->nx; i++) \ 124 ASSERT_STRING_EQ(opts->x[i], expected->x[i]); \ 125 } while (0) 126 ARRAY_EQ(nenv, env); 127 ARRAY_EQ(npermitopen, permitopen); 128 #undef ARRAY_EQ 129 } 130 131 static void 132 test_authkeys_parse(void) 133 { 134 struct sshauthopt *opts, *expected; 135 const char *errstr; 136 137 #define FAIL_TEST(label, keywords) \ 138 do { \ 139 TEST_START("sshauthopt_parse invalid " label); \ 140 opts = sshauthopt_parse(keywords, &errstr); \ 141 ASSERT_PTR_EQ(opts, NULL); \ 142 ASSERT_PTR_NE(errstr, NULL); \ 143 TEST_DONE(); \ 144 } while (0) 145 #define CHECK_SUCCESS_AND_CLEANUP() \ 146 do { \ 147 if (errstr != NULL) \ 148 ASSERT_STRING_EQ(errstr, ""); \ 149 compare_opts(opts, expected); \ 150 sshauthopt_free(expected); \ 151 sshauthopt_free(opts); \ 152 } while (0) 153 154 /* Basic tests */ 155 TEST_START("sshauthopt_parse empty"); 156 expected = default_authkey_opts(); 157 opts = sshauthopt_parse("", &errstr); 158 CHECK_SUCCESS_AND_CLEANUP(); 159 TEST_DONE(); 160 161 TEST_START("sshauthopt_parse trailing whitespace"); 162 expected = default_authkey_opts(); 163 opts = sshauthopt_parse(" ", &errstr); 164 CHECK_SUCCESS_AND_CLEANUP(); 165 TEST_DONE(); 166 167 TEST_START("sshauthopt_parse restrict"); 168 expected = default_authkey_restrict_opts(); 169 opts = sshauthopt_parse("restrict", &errstr); 170 CHECK_SUCCESS_AND_CLEANUP(); 171 TEST_DONE(); 172 173 /* Invalid syntax */ 174 FAIL_TEST("trailing comma", "restrict,"); 175 FAIL_TEST("bare comma", ","); 176 FAIL_TEST("unknown option", "BLAH"); 177 FAIL_TEST("unknown option with trailing comma", "BLAH,"); 178 FAIL_TEST("unknown option with trailing whitespace", "BLAH "); 179 180 /* force_tun_device */ 181 TEST_START("sshauthopt_parse tunnel explicit"); 182 expected = default_authkey_opts(); 183 expected->force_tun_device = 1; 184 opts = sshauthopt_parse("tunnel=\"1\"", &errstr); 185 CHECK_SUCCESS_AND_CLEANUP(); 186 TEST_DONE(); 187 188 TEST_START("sshauthopt_parse tunnel any"); 189 expected = default_authkey_opts(); 190 expected->force_tun_device = SSH_TUNID_ANY; 191 opts = sshauthopt_parse("tunnel=\"any\"", &errstr); 192 CHECK_SUCCESS_AND_CLEANUP(); 193 TEST_DONE(); 194 195 FAIL_TEST("tunnel", "tunnel=\"blah\""); 196 197 /* Flag options */ 198 #define FLAG_TEST(keyword, var, val) \ 199 do { \ 200 TEST_START("sshauthopt_parse " keyword); \ 201 expected = default_authkey_opts(); \ 202 expected->var = val; \ 203 opts = sshauthopt_parse(keyword, &errstr); \ 204 CHECK_SUCCESS_AND_CLEANUP(); \ 205 expected = default_authkey_restrict_opts(); \ 206 expected->var = val; \ 207 opts = sshauthopt_parse("restrict,"keyword, &errstr); \ 208 CHECK_SUCCESS_AND_CLEANUP(); \ 209 TEST_DONE(); \ 210 } while (0) 211 /* Positive flags */ 212 FLAG_TEST("cert-authority", cert_authority, 1); 213 FLAG_TEST("port-forwarding", permit_port_forwarding_flag, 1); 214 FLAG_TEST("agent-forwarding", permit_agent_forwarding_flag, 1); 215 FLAG_TEST("x11-forwarding", permit_x11_forwarding_flag, 1); 216 FLAG_TEST("pty", permit_pty_flag, 1); 217 FLAG_TEST("user-rc", permit_user_rc, 1); 218 /* Negative flags */ 219 FLAG_TEST("no-port-forwarding", permit_port_forwarding_flag, 0); 220 FLAG_TEST("no-agent-forwarding", permit_agent_forwarding_flag, 0); 221 FLAG_TEST("no-x11-forwarding", permit_x11_forwarding_flag, 0); 222 FLAG_TEST("no-pty", permit_pty_flag, 0); 223 FLAG_TEST("no-user-rc", permit_user_rc, 0); 224 #undef FLAG_TEST 225 FAIL_TEST("no-cert-authority", "no-cert-authority"); 226 227 /* String options */ 228 #define STRING_TEST(keyword, var, val) \ 229 do { \ 230 TEST_START("sshauthopt_parse " keyword); \ 231 expected = default_authkey_opts(); \ 232 expected->var = strdup(val); \ 233 ASSERT_PTR_NE(expected->var, NULL); \ 234 opts = sshauthopt_parse(keyword "=" #val, &errstr); \ 235 CHECK_SUCCESS_AND_CLEANUP(); \ 236 expected = default_authkey_restrict_opts(); \ 237 expected->var = strdup(val); \ 238 ASSERT_PTR_NE(expected->var, NULL); \ 239 opts = sshauthopt_parse( \ 240 "restrict," keyword "=" #val ",restrict", &errstr); \ 241 CHECK_SUCCESS_AND_CLEANUP(); \ 242 TEST_DONE(); \ 243 } while (0) 244 STRING_TEST("command", force_command, "/bin/true"); 245 STRING_TEST("principals", cert_principals, "gregor,josef,K"); 246 STRING_TEST("from", required_from_host_keys, "127.0.0.0/8"); 247 #undef STRING_TEST 248 FAIL_TEST("unquoted command", "command=oops"); 249 FAIL_TEST("unquoted principals", "principals=estragon"); 250 FAIL_TEST("unquoted from", "from=127.0.0.1"); 251 252 /* String array option tests */ 253 #define ARRAY_TEST(label, keywords, var, nvar, val) \ 254 do { \ 255 TEST_START("sshauthopt_parse " label); \ 256 expected = default_authkey_opts(); \ 257 expected->var = commasplit(val, &expected->nvar); \ 258 ASSERT_PTR_NE(expected->var, NULL); \ 259 opts = sshauthopt_parse(keywords, &errstr); \ 260 CHECK_SUCCESS_AND_CLEANUP(); \ 261 expected = default_authkey_restrict_opts(); \ 262 expected->var = commasplit(val, &expected->nvar); \ 263 ASSERT_PTR_NE(expected->var, NULL); \ 264 opts = sshauthopt_parse( \ 265 "restrict," keywords ",restrict", &errstr); \ 266 CHECK_SUCCESS_AND_CLEANUP(); \ 267 TEST_DONE(); \ 268 } while (0) 269 ARRAY_TEST("environment", "environment=\"foo=1\",environment=\"bar=2\"", 270 env, nenv, "foo=1,bar=2"); 271 ARRAY_TEST("environment", "environment=\"foo=1\",environment=\"foo=2\"", 272 env, nenv, "foo=1"); 273 ARRAY_TEST("permitopen", "permitopen=\"foo:123\",permitopen=\"bar:*\"", 274 permitopen, npermitopen, "foo:123,bar:*"); 275 #undef ARRAY_TEST 276 FAIL_TEST("environment", "environment=\",=bah\""); 277 FAIL_TEST("permitopen port", "foo:bar"); 278 FAIL_TEST("permitopen missing port", "foo:"); 279 FAIL_TEST("permitopen missing port specification", "foo"); 280 FAIL_TEST("permitopen invalid host", "[:"); 281 282 #undef CHECK_SUCCESS_AND_CLEANUP 283 #undef FAIL_TEST 284 } 285 286 static void 287 test_cert_parse(void) 288 { 289 struct sshkey *cert; 290 struct sshauthopt *opts, *expected; 291 292 #define CHECK_SUCCESS_AND_CLEANUP() \ 293 do { \ 294 compare_opts(opts, expected); \ 295 sshauthopt_free(expected); \ 296 sshauthopt_free(opts); \ 297 sshkey_free(cert); \ 298 } while (0) 299 #define FLAG_TEST(keybase, var) \ 300 do { \ 301 TEST_START("sshauthopt_from_cert no_" keybase); \ 302 cert = load_key("no_" keybase ".cert"); \ 303 expected = default_authkey_opts(); \ 304 expected->var = 0; \ 305 opts = sshauthopt_from_cert(cert); \ 306 CHECK_SUCCESS_AND_CLEANUP(); \ 307 TEST_DONE(); \ 308 TEST_START("sshauthopt_from_cert only_" keybase); \ 309 cert = load_key("only_" keybase ".cert"); \ 310 expected = sshauthopt_new(); \ 311 ASSERT_PTR_NE(expected, NULL); \ 312 expected->var = 1; \ 313 opts = sshauthopt_from_cert(cert); \ 314 CHECK_SUCCESS_AND_CLEANUP(); \ 315 TEST_DONE(); \ 316 } while (0) 317 FLAG_TEST("agentfwd", permit_agent_forwarding_flag); 318 FLAG_TEST("portfwd", permit_port_forwarding_flag); 319 FLAG_TEST("pty", permit_pty_flag); 320 FLAG_TEST("user_rc", permit_user_rc); 321 FLAG_TEST("x11fwd", permit_x11_forwarding_flag); 322 #undef FLAG_TEST 323 324 TEST_START("sshauthopt_from_cert all permitted"); 325 cert = load_key("all_permit.cert"); 326 expected = default_authkey_opts(); 327 opts = sshauthopt_from_cert(cert); 328 CHECK_SUCCESS_AND_CLEANUP(); 329 TEST_DONE(); 330 331 TEST_START("sshauthopt_from_cert nothing permitted"); 332 cert = load_key("no_permit.cert"); 333 expected = sshauthopt_new(); 334 ASSERT_PTR_NE(expected, NULL); 335 opts = sshauthopt_from_cert(cert); 336 CHECK_SUCCESS_AND_CLEANUP(); 337 TEST_DONE(); 338 339 TEST_START("sshauthopt_from_cert force-command"); 340 cert = load_key("force_command.cert"); 341 expected = default_authkey_opts(); 342 expected->force_command = strdup("foo"); 343 ASSERT_PTR_NE(expected->force_command, NULL); 344 opts = sshauthopt_from_cert(cert); 345 CHECK_SUCCESS_AND_CLEANUP(); 346 TEST_DONE(); 347 348 TEST_START("sshauthopt_from_cert source-address"); 349 cert = load_key("sourceaddr.cert"); 350 expected = default_authkey_opts(); 351 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 352 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 353 opts = sshauthopt_from_cert(cert); 354 CHECK_SUCCESS_AND_CLEANUP(); 355 TEST_DONE(); 356 #undef CHECK_SUCCESS_AND_CLEANUP 357 358 #define FAIL_TEST(keybase) \ 359 do { \ 360 TEST_START("sshauthopt_from_cert " keybase); \ 361 cert = load_key(keybase ".cert"); \ 362 opts = sshauthopt_from_cert(cert); \ 363 ASSERT_PTR_EQ(opts, NULL); \ 364 sshkey_free(cert); \ 365 TEST_DONE(); \ 366 } while (0) 367 FAIL_TEST("host"); 368 FAIL_TEST("bad_sourceaddr"); 369 FAIL_TEST("unknown_critical"); 370 #undef FAIL_TEST 371 } 372 373 static void 374 test_merge(void) 375 { 376 struct sshkey *cert; 377 struct sshauthopt *key_opts, *cert_opts, *merge_opts, *expected; 378 const char *errstr; 379 380 /* 381 * Prepare for a test by making some key and cert options and 382 * attempting to merge them. 383 */ 384 #define PREPARE(label, keyname, keywords) \ 385 do { \ 386 expected = NULL; \ 387 TEST_START("sshauthopt_merge " label); \ 388 cert = load_key(keyname ".cert"); \ 389 cert_opts = sshauthopt_from_cert(cert); \ 390 ASSERT_PTR_NE(cert_opts, NULL); \ 391 key_opts = sshauthopt_parse(keywords, &errstr); \ 392 if (errstr != NULL) \ 393 ASSERT_STRING_EQ(errstr, ""); \ 394 ASSERT_PTR_NE(key_opts, NULL); \ 395 merge_opts = sshauthopt_merge(key_opts, \ 396 cert_opts, &errstr); \ 397 } while (0) 398 399 /* Cleanup stuff allocated by PREPARE() */ 400 #define CLEANUP() \ 401 do { \ 402 sshauthopt_free(expected); \ 403 sshauthopt_free(merge_opts); \ 404 sshauthopt_free(key_opts); \ 405 sshauthopt_free(cert_opts); \ 406 sshkey_free(cert); \ 407 } while (0) 408 409 /* Check the results of PREPARE() against expectation; calls CLEANUP */ 410 #define CHECK_SUCCESS_AND_CLEANUP() \ 411 do { \ 412 if (errstr != NULL) \ 413 ASSERT_STRING_EQ(errstr, ""); \ 414 compare_opts(merge_opts, expected); \ 415 CLEANUP(); \ 416 } while (0) 417 418 /* Check a single case of merging of flag options */ 419 #define FLAG_CASE(keybase, label, keyname, keywords, mostly_off, var, val) \ 420 do { \ 421 PREPARE(keybase " " label, keyname, keywords); \ 422 expected = mostly_off ? \ 423 sshauthopt_new() : default_authkey_opts(); \ 424 expected->var = val; \ 425 ASSERT_PTR_NE(expected, NULL); \ 426 CHECK_SUCCESS_AND_CLEANUP(); \ 427 TEST_DONE(); \ 428 } while (0) 429 430 /* 431 * Fairly exhaustive exercise of a flag option. Tests 432 * option both set and clear in certificate, set and clear in 433 * authorized_keys and set and cleared via restrict keyword. 434 */ 435 #define FLAG_TEST(keybase, keyword, var) \ 436 do { \ 437 FLAG_CASE(keybase, "keys:default,yes cert:default,no", \ 438 "no_" keybase, keyword, 0, var, 0); \ 439 FLAG_CASE(keybase,"keys:-*,yes cert:default,no", \ 440 "no_" keybase, "restrict," keyword, 1, var, 0); \ 441 FLAG_CASE(keybase, "keys:default,no cert:default,no", \ 442 "no_" keybase, "no-" keyword, 0, var, 0); \ 443 FLAG_CASE(keybase, "keys:-*,no cert:default,no", \ 444 "no_" keybase, "restrict,no-" keyword, 1, var, 0); \ 445 \ 446 FLAG_CASE(keybase, "keys:default,yes cert:-*,yes", \ 447 "only_" keybase, keyword, 1, var, 1); \ 448 FLAG_CASE(keybase,"keys:-*,yes cert:-*,yes", \ 449 "only_" keybase, "restrict," keyword, 1, var, 1); \ 450 FLAG_CASE(keybase, "keys:default,no cert:-*,yes", \ 451 "only_" keybase, "no-" keyword, 1, var, 0); \ 452 FLAG_CASE(keybase, "keys:-*,no cert:-*,yes", \ 453 "only_" keybase, "restrict,no-" keyword, 1, var, 0); \ 454 \ 455 FLAG_CASE(keybase, "keys:default,yes cert:-*", \ 456 "no_permit", keyword, 1, var, 0); \ 457 FLAG_CASE(keybase,"keys:-*,yes cert:-*", \ 458 "no_permit", "restrict," keyword, 1, var, 0); \ 459 FLAG_CASE(keybase, "keys:default,no cert:-*", \ 460 "no_permit", "no-" keyword, 1, var, 0); \ 461 FLAG_CASE(keybase, "keys:-*,no cert:-*", \ 462 "no_permit", "restrict,no-" keyword, 1, var, 0); \ 463 \ 464 FLAG_CASE(keybase, "keys:default,yes cert:*", \ 465 "all_permit", keyword, 0, var, 1); \ 466 FLAG_CASE(keybase,"keys:-*,yes cert:*", \ 467 "all_permit", "restrict," keyword, 1, var, 1); \ 468 FLAG_CASE(keybase, "keys:default,no cert:*", \ 469 "all_permit", "no-" keyword, 0, var, 0); \ 470 FLAG_CASE(keybase, "keys:-*,no cert:*", \ 471 "all_permit", "restrict,no-" keyword, 1, var, 0); \ 472 \ 473 } while (0) 474 FLAG_TEST("portfwd", "port-forwarding", permit_port_forwarding_flag); 475 FLAG_TEST("agentfwd", "agent-forwarding", permit_agent_forwarding_flag); 476 FLAG_TEST("pty", "pty", permit_pty_flag); 477 FLAG_TEST("user_rc", "user-rc", permit_user_rc); 478 FLAG_TEST("x11fwd", "x11-forwarding", permit_x11_forwarding_flag); 479 #undef FLAG_TEST 480 481 PREPARE("source-address both", "sourceaddr", "from=\"127.0.0.1\""); 482 expected = default_authkey_opts(); 483 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 484 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 485 expected->required_from_host_keys = strdup("127.0.0.1"); 486 ASSERT_PTR_NE(expected->required_from_host_keys, NULL); 487 CHECK_SUCCESS_AND_CLEANUP(); 488 TEST_DONE(); 489 490 PREPARE("source-address none", "all_permit", ""); 491 expected = default_authkey_opts(); 492 CHECK_SUCCESS_AND_CLEANUP(); 493 TEST_DONE(); 494 495 PREPARE("source-address keys", "all_permit", "from=\"127.0.0.1\""); 496 expected = default_authkey_opts(); 497 expected->required_from_host_keys = strdup("127.0.0.1"); 498 ASSERT_PTR_NE(expected->required_from_host_keys, NULL); 499 CHECK_SUCCESS_AND_CLEANUP(); 500 TEST_DONE(); 501 502 PREPARE("source-address cert", "sourceaddr", ""); 503 expected = default_authkey_opts(); 504 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 505 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 506 CHECK_SUCCESS_AND_CLEANUP(); 507 TEST_DONE(); 508 509 PREPARE("force-command both", "force_command", "command=\"foo\""); 510 expected = default_authkey_opts(); 511 expected->force_command = strdup("foo"); 512 ASSERT_PTR_NE(expected->force_command, NULL); 513 CHECK_SUCCESS_AND_CLEANUP(); 514 TEST_DONE(); 515 516 PREPARE("force-command none", "all_permit", ""); 517 expected = default_authkey_opts(); 518 CHECK_SUCCESS_AND_CLEANUP(); 519 TEST_DONE(); 520 521 PREPARE("force-command keys", "all_permit", "command=\"bar\""); 522 expected = default_authkey_opts(); 523 expected->force_command = strdup("bar"); 524 ASSERT_PTR_NE(expected->force_command, NULL); 525 CHECK_SUCCESS_AND_CLEANUP(); 526 TEST_DONE(); 527 528 PREPARE("force-command cert", "force_command", ""); 529 expected = default_authkey_opts(); 530 expected->force_command = strdup("foo"); 531 ASSERT_PTR_NE(expected->force_command, NULL); 532 CHECK_SUCCESS_AND_CLEANUP(); 533 TEST_DONE(); 534 535 PREPARE("force-command mismatch", "force_command", "command=\"bar\""); 536 ASSERT_PTR_EQ(merge_opts, NULL); 537 CLEANUP(); 538 TEST_DONE(); 539 540 PREPARE("tunnel", "all_permit", "tunnel=\"6\""); 541 expected = default_authkey_opts(); 542 expected->force_tun_device = 6; 543 CHECK_SUCCESS_AND_CLEANUP(); 544 TEST_DONE(); 545 546 PREPARE("permitopen", "all_permit", 547 "permitopen=\"127.0.0.1:*\",permitopen=\"127.0.0.1:123\""); 548 expected = default_authkey_opts(); 549 expected->permitopen = commasplit("127.0.0.1:*,127.0.0.1:123", 550 &expected->npermitopen); 551 CHECK_SUCCESS_AND_CLEANUP(); 552 TEST_DONE(); 553 554 PREPARE("environment", "all_permit", 555 "environment=\"foo=a\",environment=\"bar=b\""); 556 expected = default_authkey_opts(); 557 expected->env = commasplit("foo=a,bar=b", &expected->nenv); 558 CHECK_SUCCESS_AND_CLEANUP(); 559 TEST_DONE(); 560 } 561 562 void 563 tests(void) 564 { 565 extern char *__progname; 566 LogLevel ll = test_is_verbose() ? 567 SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_QUIET; 568 569 /* test_cert_parse() are a bit spammy to error() by default... */ 570 log_init(__progname, ll, SYSLOG_FACILITY_USER, 1); 571 572 test_authkeys_parse(); 573 test_cert_parse(); 574 test_merge(); 575 } 576