From b298a04f96eda8e2d97e79804e83106696f65542 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Thu, 19 Jun 2025 19:08:34 +0200 Subject: [PATCH] tests: Cleanup OpenSSL in tests when GSSAPI is built also from the fuzzer tests Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider (cherry picked from commit 08a32ac38189e1a3b72d003e7844d7e2cb8e1386) --- tests/CMakeLists.txt | 5 +++++ tests/fuzz/CMakeLists.txt | 4 +--- tests/fuzz/fuzzer.c | 10 ++++++++++ tests/torture.c | 16 ++++++++++++---- tests/torture.h | 2 ++ 5 files changed, 30 insertions(+), 7 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index b9eec6af..0d6aa232 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -23,6 +23,11 @@ if (NOT WIN32) ${TORTURE_LINK_LIBRARIES} pthread) endif(NOT WIN32) +if (WITH_GSSAPI AND GSSAPI_FOUND) + set(TORTURE_LINK_LIBRARIES + ${TORTURE_LINK_LIBRARIES} + crypto) +endif (WITH_GSSAPI AND GSSAPI_FOUND) # create test library add_library(${TORTURE_LIBRARY} diff --git a/tests/fuzz/CMakeLists.txt b/tests/fuzz/CMakeLists.txt index 1abc961e..dee39af6 100644 --- a/tests/fuzz/CMakeLists.txt +++ b/tests/fuzz/CMakeLists.txt @@ -2,9 +2,7 @@ project(fuzzing CXX) macro(fuzzer name) add_executable(${name} ${name}.c) - target_link_libraries(${name} - PRIVATE - ssh::static pthread) + target_link_libraries(${name} PRIVATE ${TORTURE_LINK_LIBRARIES}) if (CMAKE_CXX_COMPILER_ID STREQUAL "Clang") set_target_properties(${name} PROPERTIES diff --git a/tests/fuzz/fuzzer.c b/tests/fuzz/fuzzer.c index 4db6a2bc..bd7a9edb 100644 --- a/tests/fuzz/fuzzer.c +++ b/tests/fuzz/fuzzer.c @@ -1,8 +1,14 @@ /* Simpler gnu89 version of StandaloneFuzzTargetMain.c from LLVM */ +#include "config.h" + #include #include #include +#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI) +/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */ +#include +#endif int LLVMFuzzerTestOneInput (const unsigned char *data, size_t size); __attribute__((weak)) int LLVMFuzzerInitialize(int *argc, char ***argv); @@ -35,5 +41,9 @@ main (int argc, char **argv) free (buf); printf ("Done!\n"); + +#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI) + OPENSSL_cleanup(); +#endif return 0; } diff --git a/tests/torture.c b/tests/torture.c index 26cc68e3..6bdd6463 100644 --- a/tests/torture.c +++ b/tests/torture.c @@ -52,6 +52,11 @@ #include #endif +#ifdef WITH_GSSAPI +/* for OPENSSL_cleanup() of GSSAPI's OpenSSL context */ +#include +#endif + #define TORTURE_SSHD_SRV_IPV4 "127.0.0.10" /* socket wrapper IPv6 prefix fd00::5357:5fxx */ #define TORTURE_SSHD_SRV_IPV6 "fd00::5357:5f0a" @@ -1849,18 +1854,21 @@ __attribute__((weak)) int torture_run_tests(void) #endif /* defined(HAVE_WEAK_ATTRIBUTE) && defined(TORTURE_SHARED) */ /** - * Finalize the torture context. No-op except for OpenSSL. + * Finalize the torture context. No-op except for OpenSSL or GSSAPI * * When OpenSSL is built without the at-exit handlers, it won't call the * OPENSSL_cleanup() from destructor or at-exit handler, which means we need to * do it manually in the tests. * * It is never a good idea to call this function from the library context as we - * can not be sure the libssh is really the last one using the OpenSSL + * can not be sure the libssh is really the last one using the OpenSSL. + * + * This needs to be called at the end of the main function or any time before + * any forked process (servers) exits. */ -static void torture_finalize(void) +void torture_finalize(void) { -#ifdef HAVE_LIBCRYPTO +#if defined(HAVE_LIBCRYPTO) || defined(WITH_GSSAPI) OPENSSL_cleanup(); #endif } diff --git a/tests/torture.h b/tests/torture.h index 906c9a9f..aebdb748 100644 --- a/tests/torture.h +++ b/tests/torture.h @@ -178,4 +178,6 @@ int torture_change_dir(char *path); void torture_setenv(char const* variable, char const* value); void torture_unsetenv(char const* variable); +void torture_finalize(void); + #endif /* _TORTURE_H */