صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
packages
/
crypto
0
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 934c14ffe9
شاخه‌ها تگ‌ها
crypto
/
ssh
/
test
/
test_unix_test.go

test_unix_test.go 6.1 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284 
  1. // Copyright 2012 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. // +build darwin freebsd linux netbsd openbsd
    6. 

  6. 

  7. package test
    8. 

  8. 

  9. // functional test harness for unix.
    10. 

  10. 

  11. import (
    12. 

  12. 	"bytes"
    13. 

  13. 	"fmt"
    14. 

  14. 	"io"
    15. 

  15. 	"io/ioutil"
    16. 

  16. 	"log"
    17. 

  17. 	"net"
    18. 

  18. 	"os"
    19. 

  19. 	"os/exec"
    20. 

  20. 	"os/user"
    21. 

  21. 	"path/filepath"
    22. 

  22. 	"testing"
    23. 

  23. 	"text/template"
    24. 

  24. 

  25. 	"code.google.com/p/go.crypto/ssh"
    26. 

  26. )
    27. 

  27. 

  28. const sshd_config = `
    29. 

  29. Protocol 2
    30. 

  30. HostKey {{.Dir}}/ssh_host_rsa_key
    31. 

  31. HostKey {{.Dir}}/ssh_host_dsa_key
    32. 

  32. HostKey {{.Dir}}/ssh_host_ecdsa_key
    33. 

  33. Pidfile {{.Dir}}/sshd.pid
    34. 

  34. #UsePrivilegeSeparation no
    35. 

  35. KeyRegenerationInterval 3600
    36. 

  36. ServerKeyBits 768
    37. 

  37. SyslogFacility AUTH
    38. 

  38. LogLevel DEBUG2
    39. 

  39. LoginGraceTime 120
    40. 

  40. PermitRootLogin no
    41. 

  41. StrictModes no
    42. 

  42. RSAAuthentication yes
    43. 

  43. PubkeyAuthentication yes
    44. 

  44. AuthorizedKeysFile	{{.Dir}}/authorized_keys
    45. 

  45. IgnoreRhosts yes
    46. 

  46. RhostsRSAAuthentication no
    47. 

  47. HostbasedAuthentication no
    48. 

  48. `
    49. 

  49. 

  50. var (
    51. 

  51. 	configTmpl template.Template
    52. 

  52. 	privateKey ssh.Signer
    53. 

  53. 	hostKey    ssh.Signer
    54. 

  54. )
    55. 

  55. 

  56. func init() {
    57. 

  57. 	template.Must(configTmpl.Parse(sshd_config))
    58. 

  58. 

  59. 	var err error
    60. 

  60. 	hostKey, err = ssh.ParsePrivateKey([]byte(keys["ssh_host_rsa_key"]))
    61. 

  61. 	if err != nil {
    62. 

  62. 		panic("ParsePrivateKey: " + err.Error())
    63. 

  63. 	}
    64. 

  64. 	privateKey, err = ssh.ParsePrivateKey([]byte(testClientPrivateKey))
    65. 

  65. 	if err != nil {
    66. 

  66. 		panic("ParsePrivateKey: " + err.Error())
    67. 

  67. 	}
    68. 

  68. }
    69. 

  69. 

  70. type server struct {
    71. 

  71. 	t          *testing.T
    72. 

  72. 	cleanup    func() // executed during Shutdown
    73. 

  73. 	configfile string
    74. 

  74. 	cmd        *exec.Cmd
    75. 

  75. 	output     bytes.Buffer // holds stderr from sshd process
    76. 

  76. 

  77. 	// Client half of the network connection.
    78. 

  78. 	clientConn net.Conn
    79. 

  79. }
    80. 

  80. 

  81. func username() string {
    82. 

  82. 	var username string
    83. 

  83. 	if user, err := user.Current(); err == nil {
    84. 

  84. 		username = user.Username
    85. 

  85. 	} else {
    86. 

  86. 		// user.Current() currently requires cgo. If an error is
    87. 

  87. 		// returned attempt to get the username from the environment.
    88. 

  88. 		log.Printf("user.Current: %v; falling back on $USER", err)
    89. 

  89. 		username = os.Getenv("USER")
    90. 

  90. 	}
    91. 

  91. 	if username == "" {
    92. 

  92. 		panic("Unable to get username")
    93. 

  93. 	}
    94. 

  94. 	return username
    95. 

  95. }
    96. 

  96. 

  97. type storedHostKey struct {
    98. 

  98. 	// keys map from an algorithm string to binary key data.
    99. 

  99. 	keys map[string][]byte
    100. 

  100. }
    101. 

  101. 

  102. func (k *storedHostKey) Add(key ssh.PublicKey) {
    103. 

  103. 	if k.keys == nil {
    104. 

  104. 		k.keys = map[string][]byte{}
    105. 

  105. 	}
    106. 

  106. 	k.keys[key.PublicKeyAlgo()] = append([]byte(nil), ssh.MarshalPublicKey(key)...)
    107. 

  107. }
    108. 

  108. 

  109. func (k *storedHostKey) Check(addr string, remote net.Addr, algo string, key []byte) error {
    110. 

  110. 	if k.keys == nil || bytes.Compare(key, k.keys[algo]) != 0 {
    111. 

  111. 		return fmt.Errorf("host key mismatch. Got %q, want %q", key, k.keys[algo])
    112. 

  112. 	}
    113. 

  113. 	return nil
    114. 

  114. }
    115. 

  115. 

  116. func clientConfig() *ssh.ClientConfig {
    117. 

  117. 	keyChecker := storedHostKey{}
    118. 

  118. 	keyChecker.Add(hostKey.PublicKey())
    119. 

  119. 

  120. 	kc := new(keychain)
    121. 

  121. 	kc.keys = append(kc.keys, privateKey)
    122. 

  122. 	config := &ssh.ClientConfig{
    123. 

  123. 		User: username(),
    124. 

  124. 		Auth: []ssh.ClientAuth{
    125. 

  125. 			ssh.ClientAuthKeyring(kc),
    126. 

  126. 		},
    127. 

  127. 		HostKeyChecker: &keyChecker,
    128. 

  128. 	}
    129. 

  129. 	return config
    130. 

  130. }
    131. 

  131. 

  132. // unixConnection creates two halves of a connected net.UnixConn.  It
    133. 

  133. // is used for connecting the Go SSH client with sshd without opening
    134. 

  134. // ports.
    135. 

  135. func unixConnection() (*net.UnixConn, *net.UnixConn, error) {
    136. 

  136. 	dir, err := ioutil.TempDir("", "unixConnection")
    137. 

  137. 	if err != nil {
    138. 

  138. 		return nil, nil, err
    139. 

  139. 	}
    140. 

  140. 	defer os.Remove(dir)
    141. 

  141. 

  142. 	addr := filepath.Join(dir, "ssh")
    143. 

  143. 	listener, err := net.Listen("unix", addr)
    144. 

  144. 	if err != nil {
    145. 

  145. 		return nil, nil, err
    146. 

  146. 	}
    147. 

  147. 	defer listener.Close()
    148. 

  148. 	c1, err := net.Dial("unix", addr)
    149. 

  149. 	if err != nil {
    150. 

  150. 		return nil, nil, err
    151. 

  151. 	}
    152. 

  152. 

  153. 	c2, err := listener.Accept()
    154. 

  154. 	if err != nil {
    155. 

  155. 		c1.Close()
    156. 

  156. 		return nil, nil, err
    157. 

  157. 	}
    158. 

  158. 

  159. 	return c1.(*net.UnixConn), c2.(*net.UnixConn), nil
    160. 

  160. }
    161. 

  161. 

  162. func (s *server) TryDial(config *ssh.ClientConfig) (*ssh.ClientConn, error) {
    163. 

  163. 	sshd, err := exec.LookPath("sshd")
    164. 

  164. 	if err != nil {
    165. 

  165. 		s.t.Skipf("skipping test: %v", err)
    166. 

  166. 	}
    167. 

  167. 

  168. 	c1, c2, err := unixConnection()
    169. 

  169. 	if err != nil {
    170. 

  170. 		s.t.Fatalf("unixConnection: %v", err)
    171. 

  171. 	}
    172. 

  172. 

  173. 	s.cmd = exec.Command(sshd, "-f", s.configfile, "-i", "-e")
    174. 

  174. 	f, err := c2.File()
    175. 

  175. 	if err != nil {
    176. 

  176. 		s.t.Fatalf("UnixConn.File: %v", err)
    177. 

  177. 	}
    178. 

  178. 	defer f.Close()
    179. 

  179. 	s.cmd.Stdin = f
    180. 

  180. 	s.cmd.Stdout = f
    181. 

  181. 	s.cmd.Stderr = &s.output
    182. 

  182. 	if err := s.cmd.Start(); err != nil {
    183. 

  183. 		s.t.Fail()
    184. 

  184. 		s.Shutdown()
    185. 

  185. 		s.t.Fatalf("s.cmd.Start: %v", err)
    186. 

  186. 	}
    187. 

  187. 	s.clientConn = c1
    188. 

  188. 	return ssh.Client(c1, config)
    189. 

  189. }
    190. 

  190. 

  191. func (s *server) Dial(config *ssh.ClientConfig) *ssh.ClientConn {
    192. 

  192. 	conn, err := s.TryDial(config)
    193. 

  193. 	if err != nil {
    194. 

  194. 		s.t.Fail()
    195. 

  195. 		s.Shutdown()
    196. 

  196. 		s.t.Fatalf("ssh.Client: %v", err)
    197. 

  197. 	}
    198. 

  198. 	return conn
    199. 

  199. }
    200. 

  200. 

  201. func (s *server) Shutdown() {
    202. 

  202. 	if s.cmd != nil && s.cmd.Process != nil {
    203. 

  203. 		// Don't check for errors; if it fails it's most
    204. 

  204. 		// likely "os: process already finished", and we don't
    205. 

  205. 		// care about that. Use os.Interrupt, so child
    206. 

  206. 		// processes are killed too.
    207. 

  207. 		s.cmd.Process.Signal(os.Interrupt)
    208. 

  208. 		s.cmd.Wait()
    209. 

  209. 	}
    210. 

  210. 	if s.t.Failed() {
    211. 

  211. 		// log any output from sshd process
    212. 

  212. 		s.t.Logf("sshd: %s", s.output.String())
    213. 

  213. 	}
    214. 

  214. 	s.cleanup()
    215. 

  215. }
    216. 

  216. 

  217. // newServer returns a new mock ssh server.
    218. 

  218. func newServer(t *testing.T) *server {
    219. 

  219. 	dir, err := ioutil.TempDir("", "sshtest")
    220. 

  220. 	if err != nil {
    221. 

  221. 		t.Fatal(err)
    222. 

  222. 	}
    223. 

  223. 	f, err := os.Create(filepath.Join(dir, "sshd_config"))
    224. 

  224. 	if err != nil {
    225. 

  225. 		t.Fatal(err)
    226. 

  226. 	}
    227. 

  227. 	err = configTmpl.Execute(f, map[string]string{
    228. 

  228. 		"Dir": dir,
    229. 

  229. 	})
    230. 

  230. 	if err != nil {
    231. 

  231. 		t.Fatal(err)
    232. 

  232. 	}
    233. 

  233. 	f.Close()
    234. 

  234. 

  235. 	for k, v := range keys {
    236. 

  236. 		f, err := os.OpenFile(filepath.Join(dir, k), os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0600)
    237. 

  237. 		if err != nil {
    238. 

  238. 			t.Fatal(err)
    239. 

  239. 		}
    240. 

  240. 		if _, err := f.Write([]byte(v)); err != nil {
    241. 

  241. 			t.Fatal(err)
    242. 

  242. 		}
    243. 

  243. 		f.Close()
    244. 

  244. 	}
    245. 

  245. 

  246. 	return &server{
    247. 

  247. 		t:          t,
    248. 

  248. 		configfile: f.Name(),
    249. 

  249. 		cleanup: func() {
    250. 

  250. 			if err := os.RemoveAll(dir); err != nil {
    251. 

  251. 				t.Error(err)
    252. 

  252. 			}
    253. 

  253. 		},
    254. 

  254. 	}
    255. 

  255. }
    256. 

  256. 

  257. // keychain implements the ClientKeyring interface.
    258. 

  258. type keychain struct {
    259. 

  259. 	keys []ssh.Signer
    260. 

  260. }
    261. 

  261. 

  262. func (k *keychain) Key(i int) (ssh.PublicKey, error) {
    263. 

  263. 	if i < 0 || i >= len(k.keys) {
    264. 

  264. 		return nil, nil
    265. 

  265. 	}
    266. 

  266. 	return k.keys[i].PublicKey(), nil
    267. 

  267. }
    268. 

  268. 

  269. func (k *keychain) Sign(i int, rand io.Reader, data []byte) (sig []byte, err error) {
    270. 

  270. 	return k.keys[i].Sign(rand, data)
    271. 

  271. }
    272. 

  272. 

  273. func (k *keychain) loadPEM(file string) error {
    274. 

  274. 	buf, err := ioutil.ReadFile(file)
    275. 

  275. 	if err != nil {
    276. 

  276. 		return err
    277. 

  277. 	}
    278. 

  278. 	key, err := ssh.ParsePrivateKey(buf)
    279. 

  279. 	if err != nil {
    280. 

  280. 		return err
    281. 

  281. 	}
    282. 

  282. 	k.keys = append(k.keys, key)
    283. 

  283. 	return nil
    284. 

  284. }
    285.