Inicio Explorar Axuda
Rexistro Iniciar sesión
packages
/
crypto
0
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 97c15b3da8
Ramas Etiquetas
crypto
/
ssh
/
test
/
test_unix_test.go

test_unix_test.go 5.0 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239 
  1. // Copyright 2012 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. // +build darwin freebsd linux netbsd openbsd
    6. 

  6. 

  7. package test
    8. 

  8. 

  9. // functional test harness for unix.
    10. 

  10. 

  11. import (
    12. 

  12. 	"bytes"
    13. 

  13. 	"crypto"
    14. 

  14. 	"crypto/dsa"
    15. 

  15. 	"crypto/rsa"
    16. 

  16. 	"crypto/x509"
    17. 

  17. 	"encoding/pem"
    18. 

  18. 	"errors"
    19. 

  19. 	"io"
    20. 

  20. 	"io/ioutil"
    21. 

  21. 	"net"
    22. 

  22. 	"os"
    23. 

  23. 	"os/exec"
    24. 

  24. 	"os/user"
    25. 

  25. 	"path/filepath"
    26. 

  26. 	"testing"
    27. 

  27. 	"text/template"
    28. 

  28. 	"time"
    29. 

  29. 

  30. 	"code.google.com/p/go.crypto/ssh"
    31. 

  31. )
    32. 

  32. 

  33. const sshd_config = `
    34. 

  34. Protocol 2
    35. 

  35. HostKey {{.Dir}}/ssh_host_rsa_key
    36. 

  36. HostKey {{.Dir}}/ssh_host_dsa_key
    37. 

  37. HostKey {{.Dir}}/ssh_host_ecdsa_key
    38. 

  38. Pidfile {{.Dir}}/sshd.pid
    39. 

  39. #UsePrivilegeSeparation no
    40. 

  40. KeyRegenerationInterval 3600
    41. 

  41. ServerKeyBits 768
    42. 

  42. SyslogFacility AUTH
    43. 

  43. LogLevel DEBUG2
    44. 

  44. LoginGraceTime 120
    45. 

  45. PermitRootLogin no
    46. 

  46. StrictModes no
    47. 

  47. RSAAuthentication yes
    48. 

  48. PubkeyAuthentication yes
    49. 

  49. AuthorizedKeysFile	{{.Dir}}/authorized_keys
    50. 

  50. IgnoreRhosts yes
    51. 

  51. RhostsRSAAuthentication no
    52. 

  52. HostbasedAuthentication no
    53. 

  53. `
    54. 

  54. 

  55. var (
    56. 

  56. 	configTmpl template.Template
    57. 

  57. 	sshd       string // path to sshd
    58. 

  58. 	rsakey     *rsa.PrivateKey
    59. 

  59. )
    60. 

  60. 

  61. func init() {
    62. 

  62. 	template.Must(configTmpl.Parse(sshd_config))
    63. 

  63. 	block, _ := pem.Decode([]byte(testClientPrivateKey))
    64. 

  64. 	rsakey, _ = x509.ParsePKCS1PrivateKey(block.Bytes)
    65. 

  65. }
    66. 

  66. 

  67. type server struct {
    68. 

  68. 	t          *testing.T
    69. 

  69. 	cleanup    func() // executed during Shutdown
    70. 

  70. 	configfile string
    71. 

  71. 	cmd        *exec.Cmd
    72. 

  72. 	output     bytes.Buffer // holds stderr from sshd process
    73. 

  73. }
    74. 

  74. 

  75. func username() string {
    76. 

  76. 	var username string
    77. 

  77. 	if user, err := user.Current(); err == nil {
    78. 

  78. 		username = user.Username
    79. 

  79. 	} else {
    80. 

  80. 		// user.Current() currently requires cgo. If an error is
    81. 

  81. 		// returned attempt to get the username from the environment.
    82. 

  82. 		username = os.Getenv("USER")
    83. 

  83. 	}
    84. 

  84. 	if username == "" {
    85. 

  85. 		panic("Unable to get username")
    86. 

  86. 	}
    87. 

  87. 	return username
    88. 

  88. }
    89. 

  89. 

  90. func clientConfig() *ssh.ClientConfig {
    91. 

  91. 	kc := new(keychain)
    92. 

  92. 	kc.keys = append(kc.keys, rsakey)
    93. 

  93. 	config := &ssh.ClientConfig{
    94. 

  94. 		User: username(),
    95. 

  95. 		Auth: []ssh.ClientAuth{
    96. 

  96. 			ssh.ClientAuthKeyring(kc),
    97. 

  97. 		},
    98. 

  98. 	}
    99. 

  99. 	return config
    100. 

  100. }
    101. 

  101. 

  102. func (s *server) Dial(config *ssh.ClientConfig) *ssh.ClientConn {
    103. 

  103. 	s.cmd = exec.Command("sshd", "-f", s.configfile, "-i")
    104. 

  104. 	stdin, err := s.cmd.StdinPipe()
    105. 

  105. 	if err != nil {
    106. 

  106. 		s.t.Fatal(err)
    107. 

  107. 	}
    108. 

  108. 	stdout, err := s.cmd.StdoutPipe()
    109. 

  109. 	if err != nil {
    110. 

  110. 		s.t.Fatal(err)
    111. 

  111. 	}
    112. 

  112. 	s.cmd.Stderr = os.Stderr // &s.output
    113. 

  113. 	err = s.cmd.Start()
    114. 

  114. 	if err != nil {
    115. 

  115. 		s.t.FailNow()
    116. 

  116. 		s.Shutdown()
    117. 

  117. 		s.t.Fatal(err)
    118. 

  118. 	}
    119. 

  119. 	conn, err := ssh.Client(&client{stdin, stdout}, config)
    120. 

  120. 	if err != nil {
    121. 

  121. 		s.t.FailNow()
    122. 

  122. 		s.Shutdown()
    123. 

  123. 		s.t.Fatal(err)
    124. 

  124. 	}
    125. 

  125. 	return conn
    126. 

  126. }
    127. 

  127. 

  128. func (s *server) Shutdown() {
    129. 

  129. 	if s.cmd.Process != nil {
    130. 

  130. 		if err := s.cmd.Process.Kill(); err != nil {
    131. 

  131. 			s.t.Error(err)
    132. 

  132. 		}
    133. 

  133. 	}
    134. 

  134. 	if s.t.Failed() {
    135. 

  135. 		// log any output from sshd process
    136. 

  136. 		s.t.Log(s.output.String())
    137. 

  137. 	}
    138. 

  138. 	s.cleanup()
    139. 

  139. }
    140. 

  140. 

  141. // client wraps a pair of Reader/WriteClosers to implement the
    142. 

  142. // net.Conn interface.
    143. 

  143. type client struct {
    144. 

  144. 	io.WriteCloser
    145. 

  145. 	io.Reader
    146. 

  146. }
    147. 

  147. 

  148. func (c *client) LocalAddr() net.Addr              { return nil }
    149. 

  149. func (c *client) RemoteAddr() net.Addr             { return nil }
    150. 

  150. func (c *client) SetDeadline(time.Time) error      { return nil }
    151. 

  151. func (c *client) SetReadDeadline(time.Time) error  { return nil }
    152. 

  152. func (c *client) SetWriteDeadline(time.Time) error { return nil }
    153. 

  153. 

  154. // newServer returns a new mock ssh server.
    155. 

  155. func newServer(t *testing.T) *server {
    156. 

  156. 	dir, err := ioutil.TempDir("", "sshtest")
    157. 

  157. 	if err != nil {
    158. 

  158. 		t.Fatal(err)
    159. 

  159. 	}
    160. 

  160. 	f, err := os.Create(filepath.Join(dir, "sshd_config"))
    161. 

  161. 	if err != nil {
    162. 

  162. 		t.Fatal(err)
    163. 

  163. 	}
    164. 

  164. 	err = configTmpl.Execute(f, map[string]string{
    165. 

  165. 		"Dir": dir,
    166. 

  166. 	})
    167. 

  167. 	if err != nil {
    168. 

  168. 		t.Fatal(err)
    169. 

  169. 	}
    170. 

  170. 	f.Close()
    171. 

  171. 

  172. 	for k, v := range keys {
    173. 

  173. 		f, err := os.OpenFile(filepath.Join(dir, k), os.O_WRONLY|os.O_TRUNC|os.O_CREATE, 0600)
    174. 

  174. 		if err != nil {
    175. 

  175. 			t.Fatal(err)
    176. 

  176. 		}
    177. 

  177. 		if _, err := f.Write([]byte(v)); err != nil {
    178. 

  178. 			t.Fatal(err)
    179. 

  179. 		}
    180. 

  180. 		f.Close()
    181. 

  181. 	}
    182. 

  182. 

  183. 	return &server{
    184. 

  184. 		t:          t,
    185. 

  185. 		configfile: f.Name(),
    186. 

  186. 		cleanup: func() {
    187. 

  187. 			if err := os.RemoveAll(dir); err != nil {
    188. 

  188. 				t.Error(err)
    189. 

  189. 			}
    190. 

  190. 		},
    191. 

  191. 	}
    192. 

  192. }
    193. 

  193. 

  194. // keychain implements the ClientKeyring interface
    195. 

  195. type keychain struct {
    196. 

  196. 	keys []interface{}
    197. 

  197. }
    198. 

  198. 

  199. func (k *keychain) Key(i int) (interface{}, error) {
    200. 

  200. 	if i < 0 || i >= len(k.keys) {
    201. 

  201. 		return nil, nil
    202. 

  202. 	}
    203. 

  203. 	switch key := k.keys[i].(type) {
    204. 

  204. 	case *rsa.PrivateKey:
    205. 

  205. 		return &key.PublicKey, nil
    206. 

  206. 	case *dsa.PrivateKey:
    207. 

  207. 		return &key.PublicKey, nil
    208. 

  208. 	}
    209. 

  209. 	panic("unknown key type")
    210. 

  210. }
    211. 

  211. 

  212. func (k *keychain) Sign(i int, rand io.Reader, data []byte) (sig []byte, err error) {
    213. 

  213. 	hashFunc := crypto.SHA1
    214. 

  214. 	h := hashFunc.New()
    215. 

  215. 	h.Write(data)
    216. 

  216. 	digest := h.Sum(nil)
    217. 

  217. 	switch key := k.keys[i].(type) {
    218. 

  218. 	case *rsa.PrivateKey:
    219. 

  219. 		return rsa.SignPKCS1v15(rand, key, hashFunc, digest)
    220. 

  220. 	}
    221. 

  221. 	return nil, errors.New("ssh: unknown key type")
    222. 

  222. }
    223. 

  223. 

  224. func (k *keychain) loadPEM(file string) error {
    225. 

  225. 	buf, err := ioutil.ReadFile(file)
    226. 

  226. 	if err != nil {
    227. 

  227. 		return err
    228. 

  228. 	}
    229. 

  229. 	block, _ := pem.Decode(buf)
    230. 

  230. 	if block == nil {
    231. 

  231. 		return errors.New("ssh: no key found")
    232. 

  232. 	}
    233. 

  233. 	r, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    234. 

  234. 	if err != nil {
    235. 

  235. 		return err
    236. 

  236. 	}
    237. 

  237. 	k.keys = append(k.keys, r)
    238. 

  238. 	return nil
    239. 

  239. }
    240.