1 /* $OpenBSD: tests.c,v 1.3 2021/12/14 21:25:27 deraadt Exp $ */ 2 3 /* 4 * Regress test for keys options functions. 5 * 6 * Placed in the public domain 7 */ 8 9 #include <sys/types.h> 10 #include <stdio.h> 11 #include <stdint.h> 12 #include <stdlib.h> 13 #include <string.h> 14 15 #include "test_helper.h" 16 17 #include "sshkey.h" 18 #include "authfile.h" 19 #include "auth-options.h" 20 #include "misc.h" 21 #include "log.h" 22 23 static struct sshkey * 24 load_key(const char *name) 25 { 26 struct sshkey *ret; 27 int r; 28 29 r = sshkey_load_public(test_data_file(name), &ret, NULL); 30 ASSERT_INT_EQ(r, 0); 31 ASSERT_PTR_NE(ret, NULL); 32 return ret; 33 } 34 35 static struct sshauthopt * 36 default_authkey_opts(void) 37 { 38 struct sshauthopt *ret = sshauthopt_new(); 39 40 ASSERT_PTR_NE(ret, NULL); 41 ret->permit_port_forwarding_flag = 1; 42 ret->permit_agent_forwarding_flag = 1; 43 ret->permit_x11_forwarding_flag = 1; 44 ret->permit_pty_flag = 1; 45 ret->permit_user_rc = 1; 46 return ret; 47 } 48 49 static struct sshauthopt * 50 default_authkey_restrict_opts(void) 51 { 52 struct sshauthopt *ret = sshauthopt_new(); 53 54 ASSERT_PTR_NE(ret, NULL); 55 ret->permit_port_forwarding_flag = 0; 56 ret->permit_agent_forwarding_flag = 0; 57 ret->permit_x11_forwarding_flag = 0; 58 ret->permit_pty_flag = 0; 59 ret->permit_user_rc = 0; 60 ret->restricted = 1; 61 return ret; 62 } 63 64 static char ** 65 commasplit(const char *s, size_t *np) 66 { 67 char *ocp, *cp, *cp2, **ret = NULL; 68 size_t n; 69 70 ocp = cp = strdup(s); 71 ASSERT_PTR_NE(cp, NULL); 72 for (n = 0; (cp2 = strsep(&cp, ",")) != NULL;) { 73 ret = recallocarray(ret, n, n + 1, sizeof(*ret)); 74 ASSERT_PTR_NE(ret, NULL); 75 cp2 = strdup(cp2); 76 ASSERT_PTR_NE(cp2, NULL); 77 ret[n++] = cp2; 78 } 79 free(ocp); 80 *np = n; 81 return ret; 82 } 83 84 static void 85 compare_opts(const struct sshauthopt *opts, 86 const struct sshauthopt *expected) 87 { 88 size_t i; 89 90 ASSERT_PTR_NE(opts, NULL); 91 ASSERT_PTR_NE(expected, NULL); 92 ASSERT_PTR_NE(expected, opts); /* bozo :) */ 93 94 #define FLAG_EQ(x) ASSERT_INT_EQ(opts->x, expected->x) 95 FLAG_EQ(permit_port_forwarding_flag); 96 FLAG_EQ(permit_agent_forwarding_flag); 97 FLAG_EQ(permit_x11_forwarding_flag); 98 FLAG_EQ(permit_pty_flag); 99 FLAG_EQ(permit_user_rc); 100 FLAG_EQ(restricted); 101 FLAG_EQ(cert_authority); 102 #undef FLAG_EQ 103 104 #define STR_EQ(x) \ 105 do { \ 106 if (expected->x == NULL) \ 107 ASSERT_PTR_EQ(opts->x, expected->x); \ 108 else \ 109 ASSERT_STRING_EQ(opts->x, expected->x); \ 110 } while (0) 111 STR_EQ(cert_principals); 112 STR_EQ(force_command); 113 STR_EQ(required_from_host_cert); 114 STR_EQ(required_from_host_keys); 115 #undef STR_EQ 116 117 #define ARRAY_EQ(nx, x) \ 118 do { \ 119 ASSERT_SIZE_T_EQ(opts->nx, expected->nx); \ 120 if (expected->nx == 0) \ 121 break; \ 122 for (i = 0; i < expected->nx; i++) \ 123 ASSERT_STRING_EQ(opts->x[i], expected->x[i]); \ 124 } while (0) 125 ARRAY_EQ(nenv, env); 126 ARRAY_EQ(npermitopen, permitopen); 127 #undef ARRAY_EQ 128 } 129 130 static void 131 test_authkeys_parse(void) 132 { 133 struct sshauthopt *opts, *expected; 134 const char *errstr; 135 136 #define FAIL_TEST(label, keywords) \ 137 do { \ 138 TEST_START("sshauthopt_parse invalid " label); \ 139 opts = sshauthopt_parse(keywords, &errstr); \ 140 ASSERT_PTR_EQ(opts, NULL); \ 141 ASSERT_PTR_NE(errstr, NULL); \ 142 TEST_DONE(); \ 143 } while (0) 144 #define CHECK_SUCCESS_AND_CLEANUP() \ 145 do { \ 146 if (errstr != NULL) \ 147 ASSERT_STRING_EQ(errstr, ""); \ 148 compare_opts(opts, expected); \ 149 sshauthopt_free(expected); \ 150 sshauthopt_free(opts); \ 151 } while (0) 152 153 /* Basic tests */ 154 TEST_START("sshauthopt_parse empty"); 155 expected = default_authkey_opts(); 156 opts = sshauthopt_parse("", &errstr); 157 CHECK_SUCCESS_AND_CLEANUP(); 158 TEST_DONE(); 159 160 TEST_START("sshauthopt_parse trailing whitespace"); 161 expected = default_authkey_opts(); 162 opts = sshauthopt_parse(" ", &errstr); 163 CHECK_SUCCESS_AND_CLEANUP(); 164 TEST_DONE(); 165 166 TEST_START("sshauthopt_parse restrict"); 167 expected = default_authkey_restrict_opts(); 168 opts = sshauthopt_parse("restrict", &errstr); 169 CHECK_SUCCESS_AND_CLEANUP(); 170 TEST_DONE(); 171 172 /* Invalid syntax */ 173 FAIL_TEST("trailing comma", "restrict,"); 174 FAIL_TEST("bare comma", ","); 175 FAIL_TEST("unknown option", "BLAH"); 176 FAIL_TEST("unknown option with trailing comma", "BLAH,"); 177 FAIL_TEST("unknown option with trailing whitespace", "BLAH "); 178 179 /* force_tun_device */ 180 TEST_START("sshauthopt_parse tunnel explicit"); 181 expected = default_authkey_opts(); 182 expected->force_tun_device = 1; 183 opts = sshauthopt_parse("tunnel=\"1\"", &errstr); 184 CHECK_SUCCESS_AND_CLEANUP(); 185 TEST_DONE(); 186 187 TEST_START("sshauthopt_parse tunnel any"); 188 expected = default_authkey_opts(); 189 expected->force_tun_device = SSH_TUNID_ANY; 190 opts = sshauthopt_parse("tunnel=\"any\"", &errstr); 191 CHECK_SUCCESS_AND_CLEANUP(); 192 TEST_DONE(); 193 194 FAIL_TEST("tunnel", "tunnel=\"blah\""); 195 196 /* Flag options */ 197 #define FLAG_TEST(keyword, var, val) \ 198 do { \ 199 TEST_START("sshauthopt_parse " keyword); \ 200 expected = default_authkey_opts(); \ 201 expected->var = val; \ 202 opts = sshauthopt_parse(keyword, &errstr); \ 203 CHECK_SUCCESS_AND_CLEANUP(); \ 204 expected = default_authkey_restrict_opts(); \ 205 expected->var = val; \ 206 opts = sshauthopt_parse("restrict,"keyword, &errstr); \ 207 CHECK_SUCCESS_AND_CLEANUP(); \ 208 TEST_DONE(); \ 209 } while (0) 210 /* Positive flags */ 211 FLAG_TEST("cert-authority", cert_authority, 1); 212 FLAG_TEST("port-forwarding", permit_port_forwarding_flag, 1); 213 FLAG_TEST("agent-forwarding", permit_agent_forwarding_flag, 1); 214 FLAG_TEST("x11-forwarding", permit_x11_forwarding_flag, 1); 215 FLAG_TEST("pty", permit_pty_flag, 1); 216 FLAG_TEST("user-rc", permit_user_rc, 1); 217 /* Negative flags */ 218 FLAG_TEST("no-port-forwarding", permit_port_forwarding_flag, 0); 219 FLAG_TEST("no-agent-forwarding", permit_agent_forwarding_flag, 0); 220 FLAG_TEST("no-x11-forwarding", permit_x11_forwarding_flag, 0); 221 FLAG_TEST("no-pty", permit_pty_flag, 0); 222 FLAG_TEST("no-user-rc", permit_user_rc, 0); 223 #undef FLAG_TEST 224 FAIL_TEST("no-cert-authority", "no-cert-authority"); 225 226 /* String options */ 227 #define STRING_TEST(keyword, var, val) \ 228 do { \ 229 TEST_START("sshauthopt_parse " keyword); \ 230 expected = default_authkey_opts(); \ 231 expected->var = strdup(val); \ 232 ASSERT_PTR_NE(expected->var, NULL); \ 233 opts = sshauthopt_parse(keyword "=" #val, &errstr); \ 234 CHECK_SUCCESS_AND_CLEANUP(); \ 235 expected = default_authkey_restrict_opts(); \ 236 expected->var = strdup(val); \ 237 ASSERT_PTR_NE(expected->var, NULL); \ 238 opts = sshauthopt_parse( \ 239 "restrict," keyword "=" #val ",restrict", &errstr); \ 240 CHECK_SUCCESS_AND_CLEANUP(); \ 241 TEST_DONE(); \ 242 } while (0) 243 STRING_TEST("command", force_command, "/bin/true"); 244 STRING_TEST("principals", cert_principals, "gregor,josef,K"); 245 STRING_TEST("from", required_from_host_keys, "127.0.0.0/8"); 246 #undef STRING_TEST 247 FAIL_TEST("unquoted command", "command=oops"); 248 FAIL_TEST("unquoted principals", "principals=estragon"); 249 FAIL_TEST("unquoted from", "from=127.0.0.1"); 250 251 /* String array option tests */ 252 #define ARRAY_TEST(label, keywords, var, nvar, val) \ 253 do { \ 254 TEST_START("sshauthopt_parse " label); \ 255 expected = default_authkey_opts(); \ 256 expected->var = commasplit(val, &expected->nvar); \ 257 ASSERT_PTR_NE(expected->var, NULL); \ 258 opts = sshauthopt_parse(keywords, &errstr); \ 259 CHECK_SUCCESS_AND_CLEANUP(); \ 260 expected = default_authkey_restrict_opts(); \ 261 expected->var = commasplit(val, &expected->nvar); \ 262 ASSERT_PTR_NE(expected->var, NULL); \ 263 opts = sshauthopt_parse( \ 264 "restrict," keywords ",restrict", &errstr); \ 265 CHECK_SUCCESS_AND_CLEANUP(); \ 266 TEST_DONE(); \ 267 } while (0) 268 ARRAY_TEST("environment", "environment=\"foo=1\",environment=\"bar=2\"", 269 env, nenv, "foo=1,bar=2"); 270 ARRAY_TEST("environment", "environment=\"foo=1\",environment=\"foo=2\"", 271 env, nenv, "foo=1"); 272 ARRAY_TEST("permitopen", "permitopen=\"foo:123\",permitopen=\"bar:*\"", 273 permitopen, npermitopen, "foo:123,bar:*"); 274 #undef ARRAY_TEST 275 FAIL_TEST("environment", "environment=\",=bah\""); 276 FAIL_TEST("permitopen port", "foo:bar"); 277 FAIL_TEST("permitopen missing port", "foo:"); 278 FAIL_TEST("permitopen missing port specification", "foo"); 279 FAIL_TEST("permitopen invalid host", "[:"); 280 281 #undef CHECK_SUCCESS_AND_CLEANUP 282 #undef FAIL_TEST 283 } 284 285 static void 286 test_cert_parse(void) 287 { 288 struct sshkey *cert; 289 struct sshauthopt *opts, *expected; 290 291 #define CHECK_SUCCESS_AND_CLEANUP() \ 292 do { \ 293 compare_opts(opts, expected); \ 294 sshauthopt_free(expected); \ 295 sshauthopt_free(opts); \ 296 sshkey_free(cert); \ 297 } while (0) 298 #define FLAG_TEST(keybase, var) \ 299 do { \ 300 TEST_START("sshauthopt_from_cert no_" keybase); \ 301 cert = load_key("no_" keybase ".cert"); \ 302 expected = default_authkey_opts(); \ 303 expected->var = 0; \ 304 opts = sshauthopt_from_cert(cert); \ 305 CHECK_SUCCESS_AND_CLEANUP(); \ 306 TEST_DONE(); \ 307 TEST_START("sshauthopt_from_cert only_" keybase); \ 308 cert = load_key("only_" keybase ".cert"); \ 309 expected = sshauthopt_new(); \ 310 ASSERT_PTR_NE(expected, NULL); \ 311 expected->var = 1; \ 312 opts = sshauthopt_from_cert(cert); \ 313 CHECK_SUCCESS_AND_CLEANUP(); \ 314 TEST_DONE(); \ 315 } while (0) 316 FLAG_TEST("agentfwd", permit_agent_forwarding_flag); 317 FLAG_TEST("portfwd", permit_port_forwarding_flag); 318 FLAG_TEST("pty", permit_pty_flag); 319 FLAG_TEST("user_rc", permit_user_rc); 320 FLAG_TEST("x11fwd", permit_x11_forwarding_flag); 321 #undef FLAG_TEST 322 323 TEST_START("sshauthopt_from_cert all permitted"); 324 cert = load_key("all_permit.cert"); 325 expected = default_authkey_opts(); 326 opts = sshauthopt_from_cert(cert); 327 CHECK_SUCCESS_AND_CLEANUP(); 328 TEST_DONE(); 329 330 TEST_START("sshauthopt_from_cert nothing permitted"); 331 cert = load_key("no_permit.cert"); 332 expected = sshauthopt_new(); 333 ASSERT_PTR_NE(expected, NULL); 334 opts = sshauthopt_from_cert(cert); 335 CHECK_SUCCESS_AND_CLEANUP(); 336 TEST_DONE(); 337 338 TEST_START("sshauthopt_from_cert force-command"); 339 cert = load_key("force_command.cert"); 340 expected = default_authkey_opts(); 341 expected->force_command = strdup("foo"); 342 ASSERT_PTR_NE(expected->force_command, NULL); 343 opts = sshauthopt_from_cert(cert); 344 CHECK_SUCCESS_AND_CLEANUP(); 345 TEST_DONE(); 346 347 TEST_START("sshauthopt_from_cert source-address"); 348 cert = load_key("sourceaddr.cert"); 349 expected = default_authkey_opts(); 350 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 351 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 352 opts = sshauthopt_from_cert(cert); 353 CHECK_SUCCESS_AND_CLEANUP(); 354 TEST_DONE(); 355 #undef CHECK_SUCCESS_AND_CLEANUP 356 357 #define FAIL_TEST(keybase) \ 358 do { \ 359 TEST_START("sshauthopt_from_cert " keybase); \ 360 cert = load_key(keybase ".cert"); \ 361 opts = sshauthopt_from_cert(cert); \ 362 ASSERT_PTR_EQ(opts, NULL); \ 363 sshkey_free(cert); \ 364 TEST_DONE(); \ 365 } while (0) 366 FAIL_TEST("host"); 367 FAIL_TEST("bad_sourceaddr"); 368 FAIL_TEST("unknown_critical"); 369 #undef FAIL_TEST 370 } 371 372 static void 373 test_merge(void) 374 { 375 struct sshkey *cert; 376 struct sshauthopt *key_opts, *cert_opts, *merge_opts, *expected; 377 const char *errstr; 378 379 /* 380 * Prepare for a test by making some key and cert options and 381 * attempting to merge them. 382 */ 383 #define PREPARE(label, keyname, keywords) \ 384 do { \ 385 expected = NULL; \ 386 TEST_START("sshauthopt_merge " label); \ 387 cert = load_key(keyname ".cert"); \ 388 cert_opts = sshauthopt_from_cert(cert); \ 389 ASSERT_PTR_NE(cert_opts, NULL); \ 390 key_opts = sshauthopt_parse(keywords, &errstr); \ 391 if (errstr != NULL) \ 392 ASSERT_STRING_EQ(errstr, ""); \ 393 ASSERT_PTR_NE(key_opts, NULL); \ 394 merge_opts = sshauthopt_merge(key_opts, \ 395 cert_opts, &errstr); \ 396 } while (0) 397 398 /* Cleanup stuff allocated by PREPARE() */ 399 #define CLEANUP() \ 400 do { \ 401 sshauthopt_free(expected); \ 402 sshauthopt_free(merge_opts); \ 403 sshauthopt_free(key_opts); \ 404 sshauthopt_free(cert_opts); \ 405 sshkey_free(cert); \ 406 } while (0) 407 408 /* Check the results of PREPARE() against expectation; calls CLEANUP */ 409 #define CHECK_SUCCESS_AND_CLEANUP() \ 410 do { \ 411 if (errstr != NULL) \ 412 ASSERT_STRING_EQ(errstr, ""); \ 413 compare_opts(merge_opts, expected); \ 414 CLEANUP(); \ 415 } while (0) 416 417 /* Check a single case of merging of flag options */ 418 #define FLAG_CASE(keybase, label, keyname, keywords, mostly_off, var, val) \ 419 do { \ 420 PREPARE(keybase " " label, keyname, keywords); \ 421 expected = mostly_off ? \ 422 sshauthopt_new() : default_authkey_opts(); \ 423 expected->var = val; \ 424 ASSERT_PTR_NE(expected, NULL); \ 425 CHECK_SUCCESS_AND_CLEANUP(); \ 426 TEST_DONE(); \ 427 } while (0) 428 429 /* 430 * Fairly exhaustive exercise of a flag option. Tests 431 * option both set and clear in certificate, set and clear in 432 * authorized_keys and set and cleared via restrict keyword. 433 */ 434 #define FLAG_TEST(keybase, keyword, var) \ 435 do { \ 436 FLAG_CASE(keybase, "keys:default,yes cert:default,no", \ 437 "no_" keybase, keyword, 0, var, 0); \ 438 FLAG_CASE(keybase,"keys:-*,yes cert:default,no", \ 439 "no_" keybase, "restrict," keyword, 1, var, 0); \ 440 FLAG_CASE(keybase, "keys:default,no cert:default,no", \ 441 "no_" keybase, "no-" keyword, 0, var, 0); \ 442 FLAG_CASE(keybase, "keys:-*,no cert:default,no", \ 443 "no_" keybase, "restrict,no-" keyword, 1, var, 0); \ 444 \ 445 FLAG_CASE(keybase, "keys:default,yes cert:-*,yes", \ 446 "only_" keybase, keyword, 1, var, 1); \ 447 FLAG_CASE(keybase,"keys:-*,yes cert:-*,yes", \ 448 "only_" keybase, "restrict," keyword, 1, var, 1); \ 449 FLAG_CASE(keybase, "keys:default,no cert:-*,yes", \ 450 "only_" keybase, "no-" keyword, 1, var, 0); \ 451 FLAG_CASE(keybase, "keys:-*,no cert:-*,yes", \ 452 "only_" keybase, "restrict,no-" keyword, 1, var, 0); \ 453 \ 454 FLAG_CASE(keybase, "keys:default,yes cert:-*", \ 455 "no_permit", keyword, 1, var, 0); \ 456 FLAG_CASE(keybase,"keys:-*,yes cert:-*", \ 457 "no_permit", "restrict," keyword, 1, var, 0); \ 458 FLAG_CASE(keybase, "keys:default,no cert:-*", \ 459 "no_permit", "no-" keyword, 1, var, 0); \ 460 FLAG_CASE(keybase, "keys:-*,no cert:-*", \ 461 "no_permit", "restrict,no-" keyword, 1, var, 0); \ 462 \ 463 FLAG_CASE(keybase, "keys:default,yes cert:*", \ 464 "all_permit", keyword, 0, var, 1); \ 465 FLAG_CASE(keybase,"keys:-*,yes cert:*", \ 466 "all_permit", "restrict," keyword, 1, var, 1); \ 467 FLAG_CASE(keybase, "keys:default,no cert:*", \ 468 "all_permit", "no-" keyword, 0, var, 0); \ 469 FLAG_CASE(keybase, "keys:-*,no cert:*", \ 470 "all_permit", "restrict,no-" keyword, 1, var, 0); \ 471 \ 472 } while (0) 473 FLAG_TEST("portfwd", "port-forwarding", permit_port_forwarding_flag); 474 FLAG_TEST("agentfwd", "agent-forwarding", permit_agent_forwarding_flag); 475 FLAG_TEST("pty", "pty", permit_pty_flag); 476 FLAG_TEST("user_rc", "user-rc", permit_user_rc); 477 FLAG_TEST("x11fwd", "x11-forwarding", permit_x11_forwarding_flag); 478 #undef FLAG_TEST 479 480 PREPARE("source-address both", "sourceaddr", "from=\"127.0.0.1\""); 481 expected = default_authkey_opts(); 482 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 483 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 484 expected->required_from_host_keys = strdup("127.0.0.1"); 485 ASSERT_PTR_NE(expected->required_from_host_keys, NULL); 486 CHECK_SUCCESS_AND_CLEANUP(); 487 TEST_DONE(); 488 489 PREPARE("source-address none", "all_permit", ""); 490 expected = default_authkey_opts(); 491 CHECK_SUCCESS_AND_CLEANUP(); 492 TEST_DONE(); 493 494 PREPARE("source-address keys", "all_permit", "from=\"127.0.0.1\""); 495 expected = default_authkey_opts(); 496 expected->required_from_host_keys = strdup("127.0.0.1"); 497 ASSERT_PTR_NE(expected->required_from_host_keys, NULL); 498 CHECK_SUCCESS_AND_CLEANUP(); 499 TEST_DONE(); 500 501 PREPARE("source-address cert", "sourceaddr", ""); 502 expected = default_authkey_opts(); 503 expected->required_from_host_cert = strdup("127.0.0.1/32,::1/128"); 504 ASSERT_PTR_NE(expected->required_from_host_cert, NULL); 505 CHECK_SUCCESS_AND_CLEANUP(); 506 TEST_DONE(); 507 508 PREPARE("force-command both", "force_command", "command=\"foo\""); 509 expected = default_authkey_opts(); 510 expected->force_command = strdup("foo"); 511 ASSERT_PTR_NE(expected->force_command, NULL); 512 CHECK_SUCCESS_AND_CLEANUP(); 513 TEST_DONE(); 514 515 PREPARE("force-command none", "all_permit", ""); 516 expected = default_authkey_opts(); 517 CHECK_SUCCESS_AND_CLEANUP(); 518 TEST_DONE(); 519 520 PREPARE("force-command keys", "all_permit", "command=\"bar\""); 521 expected = default_authkey_opts(); 522 expected->force_command = strdup("bar"); 523 ASSERT_PTR_NE(expected->force_command, NULL); 524 CHECK_SUCCESS_AND_CLEANUP(); 525 TEST_DONE(); 526 527 PREPARE("force-command cert", "force_command", ""); 528 expected = default_authkey_opts(); 529 expected->force_command = strdup("foo"); 530 ASSERT_PTR_NE(expected->force_command, NULL); 531 CHECK_SUCCESS_AND_CLEANUP(); 532 TEST_DONE(); 533 534 PREPARE("force-command mismatch", "force_command", "command=\"bar\""); 535 ASSERT_PTR_EQ(merge_opts, NULL); 536 CLEANUP(); 537 TEST_DONE(); 538 539 PREPARE("tunnel", "all_permit", "tunnel=\"6\""); 540 expected = default_authkey_opts(); 541 expected->force_tun_device = 6; 542 CHECK_SUCCESS_AND_CLEANUP(); 543 TEST_DONE(); 544 545 PREPARE("permitopen", "all_permit", 546 "permitopen=\"127.0.0.1:*\",permitopen=\"127.0.0.1:123\""); 547 expected = default_authkey_opts(); 548 expected->permitopen = commasplit("127.0.0.1:*,127.0.0.1:123", 549 &expected->npermitopen); 550 CHECK_SUCCESS_AND_CLEANUP(); 551 TEST_DONE(); 552 553 PREPARE("environment", "all_permit", 554 "environment=\"foo=a\",environment=\"bar=b\""); 555 expected = default_authkey_opts(); 556 expected->env = commasplit("foo=a,bar=b", &expected->nenv); 557 CHECK_SUCCESS_AND_CLEANUP(); 558 TEST_DONE(); 559 } 560 561 void 562 tests(void) 563 { 564 extern char *__progname; 565 LogLevel ll = test_is_verbose() ? 566 SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_QUIET; 567 568 /* test_cert_parse() are a bit spammy to error() by default... */ 569 log_init(__progname, ll, SYSLOG_FACILITY_USER, 1); 570 571 test_authkeys_parse(); 572 test_cert_parse(); 573 test_merge(); 574 } 575