aboutsummaryrefslogtreecommitdiff
path: root/modules/crypto/ssh/test
diff options
context:
space:
mode:
Diffstat (limited to 'modules/crypto/ssh/test')
-rwxr-xr-xmodules/crypto/ssh/test/agent_unix_test.go59
-rwxr-xr-xmodules/crypto/ssh/test/cert_test.go47
-rwxr-xr-xmodules/crypto/ssh/test/doc.go7
-rwxr-xr-xmodules/crypto/ssh/test/forward_unix_test.go160
-rwxr-xr-xmodules/crypto/ssh/test/session_test.go340
-rwxr-xr-xmodules/crypto/ssh/test/tcpip_test.go46
-rwxr-xr-xmodules/crypto/ssh/test/test_unix_test.go261
-rwxr-xr-xmodules/crypto/ssh/test/testdata_test.go64
8 files changed, 0 insertions, 984 deletions
diff --git a/modules/crypto/ssh/test/agent_unix_test.go b/modules/crypto/ssh/test/agent_unix_test.go
deleted file mode 100755
index f481253c..00000000
--- a/modules/crypto/ssh/test/agent_unix_test.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package test
-
-import (
- "bytes"
- "testing"
-
- "golang.org/x/crypto/ssh"
- "golang.org/x/crypto/ssh/agent"
-)
-
-func TestAgentForward(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- keyring := agent.NewKeyring()
- if err := keyring.Add(agent.AddedKey{PrivateKey: testPrivateKeys["dsa"]}); err != nil {
- t.Fatalf("Error adding key: %s", err)
- }
- if err := keyring.Add(agent.AddedKey{
- PrivateKey: testPrivateKeys["dsa"],
- ConfirmBeforeUse: true,
- LifetimeSecs: 3600,
- }); err != nil {
- t.Fatalf("Error adding key with constraints: %s", err)
- }
- pub := testPublicKeys["dsa"]
-
- sess, err := conn.NewSession()
- if err != nil {
- t.Fatalf("NewSession: %v", err)
- }
- if err := agent.RequestAgentForwarding(sess); err != nil {
- t.Fatalf("RequestAgentForwarding: %v", err)
- }
-
- if err := agent.ForwardToAgent(conn, keyring); err != nil {
- t.Fatalf("SetupForwardKeyring: %v", err)
- }
- out, err := sess.CombinedOutput("ssh-add -L")
- if err != nil {
- t.Fatalf("running ssh-add: %v, out %s", err, out)
- }
- key, _, _, _, err := ssh.ParseAuthorizedKey(out)
- if err != nil {
- t.Fatalf("ParseAuthorizedKey(%q): %v", out, err)
- }
-
- if !bytes.Equal(key.Marshal(), pub.Marshal()) {
- t.Fatalf("got key %s, want %s", ssh.MarshalAuthorizedKey(key), ssh.MarshalAuthorizedKey(pub))
- }
-}
diff --git a/modules/crypto/ssh/test/cert_test.go b/modules/crypto/ssh/test/cert_test.go
deleted file mode 100755
index 364790f1..00000000
--- a/modules/crypto/ssh/test/cert_test.go
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package test
-
-import (
- "crypto/rand"
- "testing"
-
- "golang.org/x/crypto/ssh"
-)
-
-func TestCertLogin(t *testing.T) {
- s := newServer(t)
- defer s.Shutdown()
-
- // Use a key different from the default.
- clientKey := testSigners["dsa"]
- caAuthKey := testSigners["ecdsa"]
- cert := &ssh.Certificate{
- Key: clientKey.PublicKey(),
- ValidPrincipals: []string{username()},
- CertType: ssh.UserCert,
- ValidBefore: ssh.CertTimeInfinity,
- }
- if err := cert.SignCert(rand.Reader, caAuthKey); err != nil {
- t.Fatalf("SetSignature: %v", err)
- }
-
- certSigner, err := ssh.NewCertSigner(cert, clientKey)
- if err != nil {
- t.Fatalf("NewCertSigner: %v", err)
- }
-
- conf := &ssh.ClientConfig{
- User: username(),
- }
- conf.Auth = append(conf.Auth, ssh.PublicKeys(certSigner))
- client, err := s.TryDial(conf)
- if err != nil {
- t.Fatalf("TryDial: %v", err)
- }
- client.Close()
-}
diff --git a/modules/crypto/ssh/test/doc.go b/modules/crypto/ssh/test/doc.go
deleted file mode 100755
index 29ad65e9..00000000
--- a/modules/crypto/ssh/test/doc.go
+++ /dev/null
@@ -1,7 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// This package contains integration tests for the
-// golang.org/x/crypto/ssh package.
-package test
diff --git a/modules/crypto/ssh/test/forward_unix_test.go b/modules/crypto/ssh/test/forward_unix_test.go
deleted file mode 100755
index 877a88cd..00000000
--- a/modules/crypto/ssh/test/forward_unix_test.go
+++ /dev/null
@@ -1,160 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package test
-
-import (
- "bytes"
- "io"
- "io/ioutil"
- "math/rand"
- "net"
- "testing"
- "time"
-)
-
-func TestPortForward(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- sshListener, err := conn.Listen("tcp", "localhost:0")
- if err != nil {
- t.Fatal(err)
- }
-
- go func() {
- sshConn, err := sshListener.Accept()
- if err != nil {
- t.Fatalf("listen.Accept failed: %v", err)
- }
-
- _, err = io.Copy(sshConn, sshConn)
- if err != nil && err != io.EOF {
- t.Fatalf("ssh client copy: %v", err)
- }
- sshConn.Close()
- }()
-
- forwardedAddr := sshListener.Addr().String()
- tcpConn, err := net.Dial("tcp", forwardedAddr)
- if err != nil {
- t.Fatalf("TCP dial failed: %v", err)
- }
-
- readChan := make(chan []byte)
- go func() {
- data, _ := ioutil.ReadAll(tcpConn)
- readChan <- data
- }()
-
- // Invent some data.
- data := make([]byte, 100*1000)
- for i := range data {
- data[i] = byte(i % 255)
- }
-
- var sent []byte
- for len(sent) < 1000*1000 {
- // Send random sized chunks
- m := rand.Intn(len(data))
- n, err := tcpConn.Write(data[:m])
- if err != nil {
- break
- }
- sent = append(sent, data[:n]...)
- }
- if err := tcpConn.(*net.TCPConn).CloseWrite(); err != nil {
- t.Errorf("tcpConn.CloseWrite: %v", err)
- }
-
- read := <-readChan
-
- if len(sent) != len(read) {
- t.Fatalf("got %d bytes, want %d", len(read), len(sent))
- }
- if bytes.Compare(sent, read) != 0 {
- t.Fatalf("read back data does not match")
- }
-
- if err := sshListener.Close(); err != nil {
- t.Fatalf("sshListener.Close: %v", err)
- }
-
- // Check that the forward disappeared.
- tcpConn, err = net.Dial("tcp", forwardedAddr)
- if err == nil {
- tcpConn.Close()
- t.Errorf("still listening to %s after closing", forwardedAddr)
- }
-}
-
-func TestAcceptClose(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
-
- sshListener, err := conn.Listen("tcp", "localhost:0")
- if err != nil {
- t.Fatal(err)
- }
-
- quit := make(chan error, 1)
- go func() {
- for {
- c, err := sshListener.Accept()
- if err != nil {
- quit <- err
- break
- }
- c.Close()
- }
- }()
- sshListener.Close()
-
- select {
- case <-time.After(1 * time.Second):
- t.Errorf("timeout: listener did not close.")
- case err := <-quit:
- t.Logf("quit as expected (error %v)", err)
- }
-}
-
-// Check that listeners exit if the underlying client transport dies.
-func TestPortForwardConnectionClose(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
-
- sshListener, err := conn.Listen("tcp", "localhost:0")
- if err != nil {
- t.Fatal(err)
- }
-
- quit := make(chan error, 1)
- go func() {
- for {
- c, err := sshListener.Accept()
- if err != nil {
- quit <- err
- break
- }
- c.Close()
- }
- }()
-
- // It would be even nicer if we closed the server side, but it
- // is more involved as the fd for that side is dup()ed.
- server.clientConn.Close()
-
- select {
- case <-time.After(1 * time.Second):
- t.Errorf("timeout: listener did not close.")
- case err := <-quit:
- t.Logf("quit as expected (error %v)", err)
- }
-}
diff --git a/modules/crypto/ssh/test/session_test.go b/modules/crypto/ssh/test/session_test.go
deleted file mode 100755
index c0e714ba..00000000
--- a/modules/crypto/ssh/test/session_test.go
+++ /dev/null
@@ -1,340 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !windows
-
-package test
-
-// Session functional tests.
-
-import (
- "bytes"
- "errors"
- "io"
- "strings"
- "testing"
-
- "golang.org/x/crypto/ssh"
-)
-
-func TestRunCommandSuccess(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
- err = session.Run("true")
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
-}
-
-func TestHostKeyCheck(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
-
- conf := clientConfig()
- hostDB := hostKeyDB()
- conf.HostKeyCallback = hostDB.Check
-
- // change the keys.
- hostDB.keys[ssh.KeyAlgoRSA][25]++
- hostDB.keys[ssh.KeyAlgoDSA][25]++
- hostDB.keys[ssh.KeyAlgoECDSA256][25]++
-
- conn, err := server.TryDial(conf)
- if err == nil {
- conn.Close()
- t.Fatalf("dial should have failed.")
- } else if !strings.Contains(err.Error(), "host key mismatch") {
- t.Fatalf("'host key mismatch' not found in %v", err)
- }
-}
-
-func TestRunCommandStdin(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
-
- r, w := io.Pipe()
- defer r.Close()
- defer w.Close()
- session.Stdin = r
-
- err = session.Run("true")
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
-}
-
-func TestRunCommandStdinError(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
-
- r, w := io.Pipe()
- defer r.Close()
- session.Stdin = r
- pipeErr := errors.New("closing write end of pipe")
- w.CloseWithError(pipeErr)
-
- err = session.Run("true")
- if err != pipeErr {
- t.Fatalf("expected %v, found %v", pipeErr, err)
- }
-}
-
-func TestRunCommandFailed(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
- err = session.Run(`bash -c "kill -9 $$"`)
- if err == nil {
- t.Fatalf("session succeeded: %v", err)
- }
-}
-
-func TestRunCommandWeClosed(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- err = session.Shell()
- if err != nil {
- t.Fatalf("shell failed: %v", err)
- }
- err = session.Close()
- if err != nil {
- t.Fatalf("shell failed: %v", err)
- }
-}
-
-func TestFuncLargeRead(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("unable to create new session: %s", err)
- }
-
- stdout, err := session.StdoutPipe()
- if err != nil {
- t.Fatalf("unable to acquire stdout pipe: %s", err)
- }
-
- err = session.Start("dd if=/dev/urandom bs=2048 count=1024")
- if err != nil {
- t.Fatalf("unable to execute remote command: %s", err)
- }
-
- buf := new(bytes.Buffer)
- n, err := io.Copy(buf, stdout)
- if err != nil {
- t.Fatalf("error reading from remote stdout: %s", err)
- }
-
- if n != 2048*1024 {
- t.Fatalf("Expected %d bytes but read only %d from remote command", 2048, n)
- }
-}
-
-func TestKeyChange(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conf := clientConfig()
- hostDB := hostKeyDB()
- conf.HostKeyCallback = hostDB.Check
- conf.RekeyThreshold = 1024
- conn := server.Dial(conf)
- defer conn.Close()
-
- for i := 0; i < 4; i++ {
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("unable to create new session: %s", err)
- }
-
- stdout, err := session.StdoutPipe()
- if err != nil {
- t.Fatalf("unable to acquire stdout pipe: %s", err)
- }
-
- err = session.Start("dd if=/dev/urandom bs=1024 count=1")
- if err != nil {
- t.Fatalf("unable to execute remote command: %s", err)
- }
- buf := new(bytes.Buffer)
- n, err := io.Copy(buf, stdout)
- if err != nil {
- t.Fatalf("error reading from remote stdout: %s", err)
- }
-
- want := int64(1024)
- if n != want {
- t.Fatalf("Expected %d bytes but read only %d from remote command", want, n)
- }
- }
-
- if changes := hostDB.checkCount; changes < 4 {
- t.Errorf("got %d key changes, want 4", changes)
- }
-}
-
-func TestInvalidTerminalMode(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
-
- if err = session.RequestPty("vt100", 80, 40, ssh.TerminalModes{255: 1984}); err == nil {
- t.Fatalf("req-pty failed: successful request with invalid mode")
- }
-}
-
-func TestValidTerminalMode(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- conn := server.Dial(clientConfig())
- defer conn.Close()
-
- session, err := conn.NewSession()
- if err != nil {
- t.Fatalf("session failed: %v", err)
- }
- defer session.Close()
-
- stdout, err := session.StdoutPipe()
- if err != nil {
- t.Fatalf("unable to acquire stdout pipe: %s", err)
- }
-
- stdin, err := session.StdinPipe()
- if err != nil {
- t.Fatalf("unable to acquire stdin pipe: %s", err)
- }
-
- tm := ssh.TerminalModes{ssh.ECHO: 0}
- if err = session.RequestPty("xterm", 80, 40, tm); err != nil {
- t.Fatalf("req-pty failed: %s", err)
- }
-
- err = session.Shell()
- if err != nil {
- t.Fatalf("session failed: %s", err)
- }
-
- stdin.Write([]byte("stty -a && exit\n"))
-
- var buf bytes.Buffer
- if _, err := io.Copy(&buf, stdout); err != nil {
- t.Fatalf("reading failed: %s", err)
- }
-
- if sttyOutput := buf.String(); !strings.Contains(sttyOutput, "-echo ") {
- t.Fatalf("terminal mode failure: expected -echo in stty output, got %s", sttyOutput)
- }
-}
-
-func TestCiphers(t *testing.T) {
- var config ssh.Config
- config.SetDefaults()
- cipherOrder := config.Ciphers
- // This cipher will not be tested when commented out in cipher.go it will
- // fallback to the next available as per line 292.
- cipherOrder = append(cipherOrder, "aes128-cbc")
-
- for _, ciph := range cipherOrder {
- server := newServer(t)
- defer server.Shutdown()
- conf := clientConfig()
- conf.Ciphers = []string{ciph}
- // Don't fail if sshd doesnt have the cipher.
- conf.Ciphers = append(conf.Ciphers, cipherOrder...)
- conn, err := server.TryDial(conf)
- if err == nil {
- conn.Close()
- } else {
- t.Fatalf("failed for cipher %q", ciph)
- }
- }
-}
-
-func TestMACs(t *testing.T) {
- var config ssh.Config
- config.SetDefaults()
- macOrder := config.MACs
-
- for _, mac := range macOrder {
- server := newServer(t)
- defer server.Shutdown()
- conf := clientConfig()
- conf.MACs = []string{mac}
- // Don't fail if sshd doesnt have the MAC.
- conf.MACs = append(conf.MACs, macOrder...)
- if conn, err := server.TryDial(conf); err == nil {
- conn.Close()
- } else {
- t.Fatalf("failed for MAC %q", mac)
- }
- }
-}
-
-func TestKeyExchanges(t *testing.T) {
- var config ssh.Config
- config.SetDefaults()
- kexOrder := config.KeyExchanges
- for _, kex := range kexOrder {
- server := newServer(t)
- defer server.Shutdown()
- conf := clientConfig()
- // Don't fail if sshd doesnt have the kex.
- conf.KeyExchanges = append([]string{kex}, kexOrder...)
- conn, err := server.TryDial(conf)
- if err == nil {
- conn.Close()
- } else {
- t.Errorf("failed for kex %q", kex)
- }
- }
-}
diff --git a/modules/crypto/ssh/test/tcpip_test.go b/modules/crypto/ssh/test/tcpip_test.go
deleted file mode 100755
index a2eb9358..00000000
--- a/modules/crypto/ssh/test/tcpip_test.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !windows
-
-package test
-
-// direct-tcpip functional tests
-
-import (
- "io"
- "net"
- "testing"
-)
-
-func TestDial(t *testing.T) {
- server := newServer(t)
- defer server.Shutdown()
- sshConn := server.Dial(clientConfig())
- defer sshConn.Close()
-
- l, err := net.Listen("tcp", "127.0.0.1:0")
- if err != nil {
- t.Fatalf("Listen: %v", err)
- }
- defer l.Close()
-
- go func() {
- for {
- c, err := l.Accept()
- if err != nil {
- break
- }
-
- io.WriteString(c, c.RemoteAddr().String())
- c.Close()
- }
- }()
-
- conn, err := sshConn.Dial("tcp", l.Addr().String())
- if err != nil {
- t.Fatalf("Dial: %v", err)
- }
- defer conn.Close()
-}
diff --git a/modules/crypto/ssh/test/test_unix_test.go b/modules/crypto/ssh/test/test_unix_test.go
deleted file mode 100755
index f1fc50b2..00000000
--- a/modules/crypto/ssh/test/test_unix_test.go
+++ /dev/null
@@ -1,261 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd plan9
-
-package test
-
-// functional test harness for unix.
-
-import (
- "bytes"
- "fmt"
- "io/ioutil"
- "log"
- "net"
- "os"
- "os/exec"
- "os/user"
- "path/filepath"
- "testing"
- "text/template"
-
- "golang.org/x/crypto/ssh"
- "golang.org/x/crypto/ssh/testdata"
-)
-
-const sshd_config = `
-Protocol 2
-HostKey {{.Dir}}/id_rsa
-HostKey {{.Dir}}/id_dsa
-HostKey {{.Dir}}/id_ecdsa
-Pidfile {{.Dir}}/sshd.pid
-#UsePrivilegeSeparation no
-KeyRegenerationInterval 3600
-ServerKeyBits 768
-SyslogFacility AUTH
-LogLevel DEBUG2
-LoginGraceTime 120
-PermitRootLogin no
-StrictModes no
-RSAAuthentication yes
-PubkeyAuthentication yes
-AuthorizedKeysFile {{.Dir}}/id_user.pub
-TrustedUserCAKeys {{.Dir}}/id_ecdsa.pub
-IgnoreRhosts yes
-RhostsRSAAuthentication no
-HostbasedAuthentication no
-`
-
-var configTmpl = template.Must(template.New("").Parse(sshd_config))
-
-type server struct {
- t *testing.T
- cleanup func() // executed during Shutdown
- configfile string
- cmd *exec.Cmd
- output bytes.Buffer // holds stderr from sshd process
-
- // Client half of the network connection.
- clientConn net.Conn
-}
-
-func username() string {
- var username string
- if user, err := user.Current(); err == nil {
- username = user.Username
- } else {
- // user.Current() currently requires cgo. If an error is
- // returned attempt to get the username from the environment.
- log.Printf("user.Current: %v; falling back on $USER", err)
- username = os.Getenv("USER")
- }
- if username == "" {
- panic("Unable to get username")
- }
- return username
-}
-
-type storedHostKey struct {
- // keys map from an algorithm string to binary key data.
- keys map[string][]byte
-
- // checkCount counts the Check calls. Used for testing
- // rekeying.
- checkCount int
-}
-
-func (k *storedHostKey) Add(key ssh.PublicKey) {
- if k.keys == nil {
- k.keys = map[string][]byte{}
- }
- k.keys[key.Type()] = key.Marshal()
-}
-
-func (k *storedHostKey) Check(addr string, remote net.Addr, key ssh.PublicKey) error {
- k.checkCount++
- algo := key.Type()
-
- if k.keys == nil || bytes.Compare(key.Marshal(), k.keys[algo]) != 0 {
- return fmt.Errorf("host key mismatch. Got %q, want %q", key, k.keys[algo])
- }
- return nil
-}
-
-func hostKeyDB() *storedHostKey {
- keyChecker := &storedHostKey{}
- keyChecker.Add(testPublicKeys["ecdsa"])
- keyChecker.Add(testPublicKeys["rsa"])
- keyChecker.Add(testPublicKeys["dsa"])
- return keyChecker
-}
-
-func clientConfig() *ssh.ClientConfig {
- config := &ssh.ClientConfig{
- User: username(),
- Auth: []ssh.AuthMethod{
- ssh.PublicKeys(testSigners["user"]),
- },
- HostKeyCallback: hostKeyDB().Check,
- }
- return config
-}
-
-// unixConnection creates two halves of a connected net.UnixConn. It
-// is used for connecting the Go SSH client with sshd without opening
-// ports.
-func unixConnection() (*net.UnixConn, *net.UnixConn, error) {
- dir, err := ioutil.TempDir("", "unixConnection")
- if err != nil {
- return nil, nil, err
- }
- defer os.Remove(dir)
-
- addr := filepath.Join(dir, "ssh")
- listener, err := net.Listen("unix", addr)
- if err != nil {
- return nil, nil, err
- }
- defer listener.Close()
- c1, err := net.Dial("unix", addr)
- if err != nil {
- return nil, nil, err
- }
-
- c2, err := listener.Accept()
- if err != nil {
- c1.Close()
- return nil, nil, err
- }
-
- return c1.(*net.UnixConn), c2.(*net.UnixConn), nil
-}
-
-func (s *server) TryDial(config *ssh.ClientConfig) (*ssh.Client, error) {
- sshd, err := exec.LookPath("sshd")
- if err != nil {
- s.t.Skipf("skipping test: %v", err)
- }
-
- c1, c2, err := unixConnection()
- if err != nil {
- s.t.Fatalf("unixConnection: %v", err)
- }
-
- s.cmd = exec.Command(sshd, "-f", s.configfile, "-i", "-e")
- f, err := c2.File()
- if err != nil {
- s.t.Fatalf("UnixConn.File: %v", err)
- }
- defer f.Close()
- s.cmd.Stdin = f
- s.cmd.Stdout = f
- s.cmd.Stderr = &s.output
- if err := s.cmd.Start(); err != nil {
- s.t.Fail()
- s.Shutdown()
- s.t.Fatalf("s.cmd.Start: %v", err)
- }
- s.clientConn = c1
- conn, chans, reqs, err := ssh.NewClientConn(c1, "", config)
- if err != nil {
- return nil, err
- }
- return ssh.NewClient(conn, chans, reqs), nil
-}
-
-func (s *server) Dial(config *ssh.ClientConfig) *ssh.Client {
- conn, err := s.TryDial(config)
- if err != nil {
- s.t.Fail()
- s.Shutdown()
- s.t.Fatalf("ssh.Client: %v", err)
- }
- return conn
-}
-
-func (s *server) Shutdown() {
- if s.cmd != nil && s.cmd.Process != nil {
- // Don't check for errors; if it fails it's most
- // likely "os: process already finished", and we don't
- // care about that. Use os.Interrupt, so child
- // processes are killed too.
- s.cmd.Process.Signal(os.Interrupt)
- s.cmd.Wait()
- }
- if s.t.Failed() {
- // log any output from sshd process
- s.t.Logf("sshd: %s", s.output.String())
- }
- s.cleanup()
-}
-
-func writeFile(path string, contents []byte) {
- f, err := os.OpenFile(path, os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0600)
- if err != nil {
- panic(err)
- }
- defer f.Close()
- if _, err := f.Write(contents); err != nil {
- panic(err)
- }
-}
-
-// newServer returns a new mock ssh server.
-func newServer(t *testing.T) *server {
- if testing.Short() {
- t.Skip("skipping test due to -short")
- }
- dir, err := ioutil.TempDir("", "sshtest")
- if err != nil {
- t.Fatal(err)
- }
- f, err := os.Create(filepath.Join(dir, "sshd_config"))
- if err != nil {
- t.Fatal(err)
- }
- err = configTmpl.Execute(f, map[string]string{
- "Dir": dir,
- })
- if err != nil {
- t.Fatal(err)
- }
- f.Close()
-
- for k, v := range testdata.PEMBytes {
- filename := "id_" + k
- writeFile(filepath.Join(dir, filename), v)
- writeFile(filepath.Join(dir, filename+".pub"), ssh.MarshalAuthorizedKey(testPublicKeys[k]))
- }
-
- return &server{
- t: t,
- configfile: f.Name(),
- cleanup: func() {
- if err := os.RemoveAll(dir); err != nil {
- t.Error(err)
- }
- },
- }
-}
diff --git a/modules/crypto/ssh/test/testdata_test.go b/modules/crypto/ssh/test/testdata_test.go
deleted file mode 100755
index ae48c751..00000000
--- a/modules/crypto/ssh/test/testdata_test.go
+++ /dev/null
@@ -1,64 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// IMPLEMENTOR NOTE: To avoid a package loop, this file is in three places:
-// ssh/, ssh/agent, and ssh/test/. It should be kept in sync across all three
-// instances.
-
-package test
-
-import (
- "crypto/rand"
- "fmt"
-
- "golang.org/x/crypto/ssh"
- "golang.org/x/crypto/ssh/testdata"
-)
-
-var (
- testPrivateKeys map[string]interface{}
- testSigners map[string]ssh.Signer
- testPublicKeys map[string]ssh.PublicKey
-)
-
-func init() {
- var err error
-
- n := len(testdata.PEMBytes)
- testPrivateKeys = make(map[string]interface{}, n)
- testSigners = make(map[string]ssh.Signer, n)
- testPublicKeys = make(map[string]ssh.PublicKey, n)
- for t, k := range testdata.PEMBytes {
- testPrivateKeys[t], err = ssh.ParseRawPrivateKey(k)
- if err != nil {
- panic(fmt.Sprintf("Unable to parse test key %s: %v", t, err))
- }
- testSigners[t], err = ssh.NewSignerFromKey(testPrivateKeys[t])
- if err != nil {
- panic(fmt.Sprintf("Unable to create signer for test key %s: %v", t, err))
- }
- testPublicKeys[t] = testSigners[t].PublicKey()
- }
-
- // Create a cert and sign it for use in tests.
- testCert := &ssh.Certificate{
- Nonce: []byte{}, // To pass reflect.DeepEqual after marshal & parse, this must be non-nil
- ValidPrincipals: []string{"gopher1", "gopher2"}, // increases test coverage
- ValidAfter: 0, // unix epoch
- ValidBefore: ssh.CertTimeInfinity, // The end of currently representable time.
- Reserved: []byte{}, // To pass reflect.DeepEqual after marshal & parse, this must be non-nil
- Key: testPublicKeys["ecdsa"],
- SignatureKey: testPublicKeys["rsa"],
- Permissions: ssh.Permissions{
- CriticalOptions: map[string]string{},
- Extensions: map[string]string{},
- },
- }
- testCert.SignCert(rand.Reader, testSigners["rsa"])
- testPrivateKeys["cert"] = testPrivateKeys["ecdsa"]
- testSigners["cert"], err = ssh.NewCertSigner(testCert, testSigners["ecdsa"])
- if err != nil {
- panic(fmt.Sprintf("Unable to create certificate signer: %v", err))
- }
-}
Powered by cgit, Themed by Ted Yin.