net-ssh 4.0.0.alpha1 → 4.0.0.alpha2

data/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb

@@ -1,96 +0,0 @@
-require 'common'
-require 'transport/kex/test_diffie_hellman_group1_sha1'
-require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
-
-module Transport; module Kex
-
-  class TestDiffieHellmanGroupExchangeSHA1 < TestDiffieHellmanGroup1SHA1
-    KEXDH_GEX_GROUP   = 31
-    KEXDH_GEX_INIT    = 32
-    KEXDH_GEX_REPLY   = 33
-    KEXDH_GEX_REQUEST = 34
-
-    def test_exchange_with_fewer_than_minimum_bits_uses_minimum_bits
-      dh_options :need_bytes => 20
-      assert_equal 1024, need_bits
-      assert_nothing_raised { exchange! }
-    end
-
-    def test_exchange_with_fewer_than_maximum_bits_uses_need_bits
-      dh_options :need_bytes => 500
-      need_bits(8001)
-      assert_nothing_raised { exchange! }
-    end
-
-    def test_exchange_with_more_than_maximum_bits_uses_maximum_bits
-      dh_options :need_bytes => 2000
-      need_bits(8192)
-      assert_nothing_raised { exchange! }
-    end
-
-    def test_that_p_and_g_are_provided_by_the_server
-      assert_nothing_raised { exchange! :p => default_p+2, :g => 3 }
-      assert_equal default_p+2, dh.dh.p
-      assert_equal 3, dh.dh.g
-    end
-
-    private
-
-      def need_bits(bits=1024)
-        @need_bits ||= bits
-      end
-
-      def default_p
-        142326151570335518660743995281621698377057354949884468943021767573608899048361360422513557553514790045512299468953431585300812548859419857171094366358158903433167915517332113861059747425408670144201099811846875730766487278261498262568348338476437200556998366087779709990807518291581860338635288400119315130179
-      end
-
-      def exchange!(options={})
-        connection.expect do |t, buffer|
-          assert_equal KEXDH_GEX_REQUEST, buffer.type
-          assert_equal 1024, buffer.read_long
-          assert_equal need_bits, buffer.read_long
-          assert_equal 8192, buffer.read_long
-          t.return(KEXDH_GEX_GROUP, :bignum, bn(options[:p] || default_p), :bignum, bn(options[:g] || 2))
-          t.expect do |t2, buffer2|
-            assert_equal KEXDH_GEX_INIT, buffer2.type
-            assert_equal dh.dh.pub_key, buffer2.read_bignum
-            t2.return(KEXDH_GEX_REPLY, :string, b(:key, server_key), :bignum, server_dh_pubkey, :string, b(:string, options[:key_type] || "ssh-rsa", :string, signature))
-            t2.expect do |t3, buffer3|
-              assert_equal NEWKEYS, buffer3.type
-              t3.return(NEWKEYS)
-            end
-          end
-        end
-
-        dh.exchange_keys
-      end
-
-      def subject
-        Net::SSH::Transport::Kex::DiffieHellmanGroupExchangeSHA1
-      end
-
-      def digest_type
-        OpenSSL::Digest::SHA1
-      end
-
-      def session_id
-        @session_id ||= begin
-          buffer = Net::SSH::Buffer.from(:string, packet_data[:client_version_string],
-            :string, packet_data[:server_version_string],
-            :string, packet_data[:client_algorithm_packet],
-            :string, packet_data[:server_algorithm_packet],
-            :string, Net::SSH::Buffer.from(:key, server_key),
-            :long,   1024,
-            :long,   need_bits, # need bits, figure this part out,
-            :long,   8192,
-            :bignum, dh.dh.p,
-            :bignum, dh.dh.g,
-            :bignum, dh.dh.pub_key,
-            :bignum, server_dh_pubkey,
-            :bignum, shared_secret)
-          digest_type.digest(buffer.to_s)
-        end
-      end
-  end
-
-end; end

data/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb

@@ -1,19 +0,0 @@
-require 'common'
-require 'net/ssh/transport/kex/diffie_hellman_group_exchange_sha1'
-require 'transport/kex/test_diffie_hellman_group_exchange_sha1'
-
-module Transport; module Kex
-
-  class TestDiffieHellmanGroupExchangeSHA256 < TestDiffieHellmanGroupExchangeSHA1
-    private
-
-      def subject
-        Net::SSH::Transport::Kex::DiffieHellmanGroupExchangeSHA256
-      end
-
-      def digest_type
-        OpenSSL::Digest::SHA256
-      end
-  end
-
-end; end

data/test/transport/kex/test_ecdh_sha2_nistp256.rb

@@ -1,161 +0,0 @@
-require 'openssl'
-
-unless defined?(OpenSSL::PKey::EC)
-  puts "Skipping tests for ecdh-sha2-nistp256 key exchange"
-else
-  require 'common'
-  require 'transport/kex/test_diffie_hellman_group1_sha1'
-  require 'net/ssh/transport/kex/ecdh_sha2_nistp256'
-  require 'ostruct'
-
-  module Transport; module Kex
-
-    class TestEcdhSHA2NistP256 < Test::Unit::TestCase
-      include Net::SSH::Transport::Constants
-
-      def setup
-        @ecdh = @algorithms = @connection = @server_key = 
-          @packet_data = @shared_secret = nil
-      end
-
-      def test_exchange_keys_should_return_expected_results_when_successful
-        result = exchange!
-        assert_equal session_id, result[:session_id]
-        assert_equal server_host_key.to_blob, result[:server_key].to_blob
-        assert_equal shared_secret, result[:shared_secret]
-        assert_equal digester, result[:hashing_algorithm]
-      end
-
-      def test_exchange_keys_with_unverifiable_host_should_raise_exception
-        connection.verifier { false }
-        assert_raises(Net::SSH::Exception) { exchange! }
-      end
-
-      def test_exchange_keys_with_signature_key_type_mismatch_should_raise_exception
-        assert_raises(Net::SSH::Exception) { exchange! :key_type => "ssh-dss" }
-      end
-
-      def test_exchange_keys_with_host_key_type_mismatch_should_raise_exception
-        algorithms :host_key => "ssh-dss"
-        assert_raises(Net::SSH::Exception) { exchange! :key_type => "ssh-dss" }
-      end
-
-      def test_exchange_keys_when_server_signature_could_not_be_verified_should_raise_exception
-        @signature = "1234567890"
-        assert_raises(Net::SSH::Exception) { exchange! }
-      end
-
-      def test_exchange_keys_should_pass_expected_parameters_to_host_key_verifier
-        verified = false
-        connection.verifier do |data|
-          verified = true
-          assert_equal server_host_key.to_blob, data[:key].to_blob
-
-          blob = b(:key, data[:key]).to_s
-          fingerprint = OpenSSL::Digest::MD5.hexdigest(blob).scan(/../).join(":")
-
-          assert_equal blob, data[:key_blob]
-          assert_equal fingerprint, data[:fingerprint]
-          assert_equal connection, data[:session]
-
-          true
-        end
-
-        assert_nothing_raised { exchange! }
-        assert verified
-      end
-
-      private
-
-      def digester
-        OpenSSL::Digest::SHA256
-      end
-
-      def subject
-        Net::SSH::Transport::Kex::EcdhSHA2NistP256
-      end
-
-      def ecparam
-        "prime256v1"
-      end
-
-      def key_type
-        "ecdsa-sha2-nistp256"
-      end
-
-      def exchange!(options={})
-        connection.expect do |t, buffer|
-          assert_equal KEXECDH_INIT, buffer.type
-          assert_equal ecdh.ecdh.public_key.to_bn.to_s(2), buffer.read_string
-          t.return(KEXECDH_REPLY,
-                   :string, b(:key, server_host_key),
-                   :string, server_ecdh_pubkey.to_bn.to_s(2),
-                   :string, b(:string, options[:key_type] || key_type,
-                              :string, signature))
-          connection.expect do |t2, buffer2|
-            assert_equal NEWKEYS, buffer2.type
-            t2.return(NEWKEYS)
-          end
-        end
-        ecdh.exchange_keys
-      end
-
-      def ecdh
-        @ecdh ||= subject.new(algorithms, connection, packet_data)
-      end
-
-      def algorithms(options={})
-        @algorithms ||= OpenStruct.new(:host_key => options[:server_host_key] || "ecdsa-sha2-nistp256")
-      end
-
-      def connection
-        @connection ||= MockTransport.new
-      end
-
-      def server_key
-        @server_key ||= OpenSSL::PKey::EC.new(ecparam).generate_key
-      end
-
-      def server_host_key
-        @server_host_key ||= OpenSSL::PKey::EC.new("prime256v1").generate_key
-      end
-
-      def packet_data
-        @packet_data ||= { :client_version_string => "client version string",
-          :server_version_string => "server version string",
-          :server_algorithm_packet => "server algorithm packet",
-          :client_algorithm_packet => "client algorithm packet" }
-      end
-
-      def server_ecdh_pubkey
-        @server_ecdh_pubkey ||= server_key.public_key
-      end
-
-      def shared_secret
-        @shared_secret ||= OpenSSL::BN.new(ecdh.ecdh.dh_compute_key(server_ecdh_pubkey), 2)
-      end
-
-      def session_id
-        @session_id ||= begin
-          buffer = Net::SSH::Buffer.from(:string, packet_data[:client_version_string],
-                                         :string, packet_data[:server_version_string],
-                                         :string, packet_data[:client_algorithm_packet],
-                                         :string, packet_data[:server_algorithm_packet],
-                                         :string, Net::SSH::Buffer.from(:key, server_host_key),
-                                         :string, ecdh.ecdh.public_key.to_bn.to_s(2),
-                                         :string, server_ecdh_pubkey.to_bn.to_s(2),
-                                         :bignum, shared_secret)
-          digester.digest(buffer.to_s)
-        end
-      end
-
-      def signature
-        @signature ||= server_host_key.ssh_do_sign(session_id)
-      end
-
-      def b(*args)
-        Net::SSH::Buffer.from(*args)
-      end
-    end
-  end; end;
-end

data/test/transport/kex/test_ecdh_sha2_nistp384.rb

@@ -1,38 +0,0 @@
-require 'openssl'
-
-unless defined?(OpenSSL::PKey::EC)
-  puts "Skipping tests for ecdh-sha2-nistp384 key exchange"
-else
-  require 'transport/kex/test_ecdh_sha2_nistp256'
-  module Transport; module Kex
-    class TestEcdhSHA2NistP384 < TestEcdhSHA2NistP256
-
-      def setup
-        @ecdh = @algorithms = @connection = @server_key = 
-          @packet_data = @shared_secret = nil
-      end
-
-      def test_exchange_keys_should_return_expected_results_when_successful
-        result = exchange!
-        assert_equal session_id, result[:session_id]
-        assert_equal server_host_key.to_blob, result[:server_key].to_blob
-        assert_equal shared_secret, result[:shared_secret]
-        assert_equal digester, result[:hashing_algorithm]
-      end
-
-      private
-
-      def digester
-        OpenSSL::Digest::SHA384
-      end
-
-      def subject
-        Net::SSH::Transport::Kex::EcdhSHA2NistP384
-      end
-
-      def ecparam
-        "secp384r1"
-      end
-    end
-  end; end
-end

data/test/transport/kex/test_ecdh_sha2_nistp521.rb

@@ -1,38 +0,0 @@
-require 'openssl'
-
-unless defined?(OpenSSL::PKey::EC)
-  puts "Skipping tests for ecdh-sha2-nistp521 key exchange"
-else
-  require 'transport/kex/test_ecdh_sha2_nistp256'
-  module Transport; module Kex
-    class TestEcdhSHA2NistP521 < TestEcdhSHA2NistP256
-
-      def setup
-        @ecdh = @algorithms = @connection = @server_key = 
-          @packet_data = @shared_secret = nil
-      end
-
-      def test_exchange_keys_should_return_expected_results_when_successful
-        result = exchange!
-        assert_equal session_id, result[:session_id]
-        assert_equal server_host_key.to_blob, result[:server_key].to_blob
-        assert_equal shared_secret, result[:shared_secret]
-        assert_equal digester, result[:hashing_algorithm]
-      end
-
-      private
-
-      def digester
-        OpenSSL::Digest::SHA512
-      end
-
-      def subject
-        Net::SSH::Transport::Kex::EcdhSHA2NistP521
-      end
-
-      def ecparam
-        "secp521r1"
-      end
-    end
-  end; end
-end

data/test/transport/test_algorithms.rb

@@ -1,328 +0,0 @@
-require 'common'
-require 'net/ssh/transport/algorithms'
-
-module Transport
-
-  class TestAlgorithms < Test::Unit::TestCase
-    include Net::SSH::Transport::Constants
-
-    def test_allowed_packets
-      (0..255).each do |type|
-        packet = stub("packet", :type => type)
-        case type
-        when 1..4, 6..19, 21..49 then assert(Net::SSH::Transport::Algorithms.allowed_packet?(packet), "#{type} should be allowed during key exchange")
-        else assert(!Net::SSH::Transport::Algorithms.allowed_packet?(packet), "#{type} should not be allowed during key exchange")
-        end
-      end
-    end
-
-    def test_constructor_should_build_default_list_of_preferred_algorithms
-      assert_equal %w(ssh-rsa ssh-dss ssh-rsa-cert-v01@openssh.com ssh-rsa-cert-v00@openssh.com)+ec_host_keys, algorithms[:host_key]
-      assert_equal %w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256)+ec_kex, algorithms[:kex]
-      assert_equal %w(aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr cast128-ctr blowfish-ctr 3des-ctr), algorithms[:encryption]
-      if defined?(OpenSSL::Digest::SHA256)
-        assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms[:hmac]
-      else
-        assert_equal %w(hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96 hmac-ripemd160 hmac-ripemd160@openssh.com none umac-128-etm@openssh.com), algorithms[:hmac] end
-      assert_equal %w(none zlib@openssh.com zlib), algorithms[:compression]
-      assert_equal %w(), algorithms[:language]
-    end
-
-    def test_constructor_should_set_client_and_server_prefs_identically
-      %w(encryption hmac compression language).each do |key|
-        assert_equal algorithms[key.to_sym], algorithms[:"#{key}_client"], key
-        assert_equal algorithms[key.to_sym], algorithms[:"#{key}_server"], key
-      end
-    end
-
-    def test_constructor_with_preferred_host_key_type_should_put_preferred_host_key_type_first
-      assert_equal %w(ssh-dss ssh-rsa ssh-rsa-cert-v01@openssh.com ssh-rsa-cert-v00@openssh.com)+ec_host_keys, algorithms(:host_key => "ssh-dss", :append_all_supported_algorithms => true)[:host_key]
-    end
-
-    def test_constructor_with_known_hosts_reporting_known_host_key_should_use_that_host_key_type
-      Net::SSH::KnownHosts.expects(:search_for).with("net.ssh.test,127.0.0.1", {}).returns([stub("key", :ssh_type => "ssh-dss")])
-      assert_equal %w(ssh-dss ssh-rsa ssh-rsa-cert-v01@openssh.com ssh-rsa-cert-v00@openssh.com )+ec_host_keys, algorithms[:host_key]
-    end
-
-    def ec_host_keys
-      if defined?(OpenSSL::PKey::EC)
-        %w(ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521)
-      else
-        []
-      end
-    end
-
-    def test_constructor_with_unrecognized_host_key_type_should_return_whats_supported
-      assert_equal %w(ssh-rsa ssh-dss ssh-rsa-cert-v01@openssh.com ssh-rsa-cert-v00@openssh.com )+ec_host_keys, algorithms(:host_key => "bogus ssh-rsa",:append_all_supported_algorithms => true)[:host_key]
-    end
-
-    def ec_kex
-      if defined?(OpenSSL::PKey::EC)
-        %w(ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521)
-      else
-        []
-      end
-    end
-
-    def test_constructor_with_preferred_kex_should_put_preferred_kex_first
-      assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256)+ec_kex, algorithms(:kex => "diffie-hellman-group1-sha1", :append_all_supported_algorithms => true)[:kex]
-    end
-
-    def test_constructor_with_unrecognized_kex_should_not_raise_exception
-      assert_equal %w(diffie-hellman-group1-sha1 diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256)+ec_kex, algorithms(
-        :kex => %w(bogus diffie-hellman-group1-sha1),:append_all_supported_algorithms => true)[:kex]
-    end
-
-    def test_constructor_with_preferred_encryption_should_put_preferred_encryption_first
-      assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => "aes256-cbc",
-      :append_all_supported_algorithms => true)[:encryption]
-    end
-
-    def test_constructor_with_multiple_preferred_encryption_should_put_all_preferred_encryption_first
-      assert_equal %w(aes256-cbc 3des-cbc idea-cbc aes128-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => %w(aes256-cbc 3des-cbc idea-cbc), :append_all_supported_algorithms => true)[:encryption]
-    end
-
-    def test_constructor_with_unrecognized_encryption_should_keep_whats_supported
-      assert_equal %w(aes256-cbc aes128-cbc 3des-cbc blowfish-cbc cast128-cbc aes192-cbc rijndael-cbc@lysator.liu.se idea-cbc none arcfour128 arcfour256 arcfour aes128-ctr aes192-ctr aes256-ctr cast128-ctr blowfish-ctr 3des-ctr), algorithms(:encryption => %w(bogus aes256-cbc), :append_all_supported_algorithms => true)[:encryption]
-    end
-
-    def test_constructor_with_preferred_hmac_should_put_preferred_hmac_first
-      assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => "hmac-md5-96", :append_all_supported_algorithms => true)[:hmac]
-    end
-
-    def test_constructor_with_multiple_preferred_hmac_should_put_all_preferred_hmac_first
-      assert_equal %w(hmac-md5-96 hmac-sha1-96 hmac-sha1 hmac-md5 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), algorithms(:hmac => %w(hmac-md5-96 hmac-sha1-96), :append_all_supported_algorithms => true)[:hmac]
-    end
-
-    def test_constructor_with_unrecognized_hmac_should_ignore_those
-      assert_equal %w(hmac-md5-96 hmac-sha1 hmac-md5 hmac-sha1-96 hmac-ripemd160 hmac-ripemd160@openssh.com hmac-sha2-256 hmac-sha2-512 hmac-sha2-256-96 hmac-sha2-512-96 none), 
-        algorithms(:hmac => "hmac-md5-96", :append_all_supported_algorithms => true)[:hmac]
-    end
-
-    def test_constructor_with_preferred_compression_should_put_preferred_compression_first
-      assert_equal %w(zlib none zlib@openssh.com), algorithms(:compression => "zlib", :append_all_supported_algorithms => true)[:compression]
-    end
-
-    def test_constructor_with_multiple_preferred_compression_should_put_all_preferred_compression_first
-      assert_equal %w(zlib@openssh.com zlib none), algorithms(:compression => %w(zlib@openssh.com zlib),
-         :append_all_supported_algorithms => true)[:compression]
-    end
-
-    def test_constructor_with_general_preferred_compression_should_put_none_last
-      assert_equal %w(zlib@openssh.com zlib none), algorithms(
-        :compression => true, :append_all_supported_algorithms => true)[:compression]
-    end
-
-    def test_constructor_with_unrecognized_compression_should_return_whats_supported
-      assert_equal %w(none zlib zlib@openssh.com), algorithms(:compression => %w(bogus none zlib), :append_all_supported_algorithms => true)[:compression]
-    end
-
-    def test_initial_state_should_be_neither_pending_nor_initialized
-      assert !algorithms.pending?
-      assert !algorithms.initialized?
-    end
-
-    def test_key_exchange_when_initiated_by_server
-      transport.expect do |t, buffer|
-        assert_kexinit(buffer)
-        install_mock_key_exchange(buffer)
-      end
-
-      install_mock_algorithm_lookups
-      algorithms.accept_kexinit(kexinit)
-
-      assert_exchange_results
-    end
-
-    def test_key_exchange_when_initiated_by_client
-      state = nil
-      transport.expect do |t, buffer|
-        assert_kexinit(buffer)
-        state = :sent_kexinit
-        install_mock_key_exchange(buffer)
-      end
-
-      algorithms.rekey!
-      assert_equal state, :sent_kexinit
-      assert algorithms.pending?
-
-      install_mock_algorithm_lookups
-      algorithms.accept_kexinit(kexinit)
-
-      assert_exchange_results
-    end
-
-    def test_key_exchange_when_server_does_not_support_preferred_kex_should_fallback_to_secondary
-      kexinit :kex => "diffie-hellman-group1-sha1"
-      transport.expect do |t,buffer|
-        assert_kexinit(buffer)
-        install_mock_key_exchange(buffer, :kex => Net::SSH::Transport::Kex::DiffieHellmanGroup1SHA1)
-      end
-      algorithms.accept_kexinit(kexinit)
-    end
-
-    def test_key_exchange_when_server_does_not_support_any_preferred_kex_should_raise_error
-      kexinit :kex => "something-obscure"
-      transport.expect { |t,buffer| assert_kexinit(buffer) }
-      assert_raises(Net::SSH::Exception) { algorithms.accept_kexinit(kexinit) }
-    end
-
-    def test_allow_when_not_pending_should_be_true_for_all_packets
-      (0..255).each do |type|
-        packet = stub("packet", :type => type)
-        assert algorithms.allow?(packet), type.to_s
-      end
-    end
-
-    def test_allow_when_pending_should_be_true_only_for_packets_valid_during_key_exchange
-      transport.expect!
-      algorithms.rekey!
-      assert algorithms.pending?
-
-      (0..255).each do |type|
-        packet = stub("packet", :type => type)
-        case type
-        when 1..4, 6..19, 21..49 then assert(algorithms.allow?(packet), "#{type} should be allowed during key exchange")
-        else assert(!algorithms.allow?(packet), "#{type} should not be allowed during key exchange")
-        end
-      end
-    end
-
-    def test_exchange_with_zlib_compression_enabled_sets_compression_to_standard
-      algorithms :compression => "zlib", :append_all_supported_algorithms => true
-
-      transport.expect do |t, buffer|
-        assert_kexinit(buffer, :compression_client => "zlib,none,zlib@openssh.com", :compression_server => "zlib,none,zlib@openssh.com")
-        install_mock_key_exchange(buffer)
-      end
-
-      install_mock_algorithm_lookups
-      algorithms.accept_kexinit(kexinit)
-
-      assert_equal :standard, transport.client_options[:compression]
-      assert_equal :standard, transport.server_options[:compression]
-    end
-
-    def test_exchange_with_zlib_at_openssh_dot_com_compression_enabled_sets_compression_to_delayed
-      algorithms :compression => "zlib@openssh.com", :append_all_supported_algorithms => true
-
-      transport.expect do |t, buffer|
-        assert_kexinit(buffer, :compression_client => "zlib@openssh.com,none,zlib", :compression_server => "zlib@openssh.com,none,zlib")
-        install_mock_key_exchange(buffer)
-      end
-
-      install_mock_algorithm_lookups
-      algorithms.accept_kexinit(kexinit)
-
-      assert_equal :delayed, transport.client_options[:compression]
-      assert_equal :delayed, transport.server_options[:compression]
-    end
-
-    private
-
-      def install_mock_key_exchange(buffer, options={})
-        kex = options[:kex] || Net::SSH::Transport::Kex::DiffieHellmanGroupExchangeSHA1
-
-        Net::SSH::Transport::Kex::MAP.each do |name, klass|
-          next if klass == kex
-          klass.expects(:new).never
-        end
-
-        kex.expects(:new).
-          with(algorithms, transport,
-            :client_version_string => Net::SSH::Transport::ServerVersion::PROTO_VERSION,
-            :server_version_string => transport.server_version.version,
-            :server_algorithm_packet => kexinit.to_s,
-            :client_algorithm_packet => buffer.to_s,
-            :need_bytes => 20,
-            :logger => nil).
-          returns(stub("kex", :exchange_keys => { :shared_secret => shared_secret, :session_id => session_id, :hashing_algorithm => hashing_algorithm }))
-      end
-
-      def install_mock_algorithm_lookups(options={})
-        params = { :shared => shared_secret.to_ssh, :hash => session_id, :digester => hashing_algorithm }
-        Net::SSH::Transport::CipherFactory.expects(:get).
-          with(options[:client_cipher] || "aes128-cbc", params.merge(:iv => key("A"), :key => key("C"), :encrypt => true)).
-          returns(:client_cipher)
-
-        Net::SSH::Transport::CipherFactory.expects(:get).
-          with(options[:server_cipher] || "aes128-cbc", params.merge(:iv => key("B"), :key => key("D"), :decrypt => true)).
-          returns(:server_cipher)
-
-        Net::SSH::Transport::HMAC.expects(:get).with(options[:client_hmac] || "hmac-sha1", key("E"), params).returns(:client_hmac)
-        Net::SSH::Transport::HMAC.expects(:get).with(options[:server_hmac] || "hmac-sha1", key("F"), params).returns(:server_hmac)
-      end
-
-      def shared_secret
-        @shared_secret ||= OpenSSL::BN.new("1234567890", 10)
-      end
-
-      def session_id
-        @session_id ||= "this is the session id"
-      end
-
-      def hashing_algorithm
-        OpenSSL::Digest::SHA1
-      end
-
-      def key(salt)
-        hashing_algorithm.digest(shared_secret.to_ssh + session_id + salt + session_id)
-      end
-
-      def cipher(type, options={})
-        Net::SSH::Transport::CipherFactory.get(type, options)
-      end
-
-      def kexinit(options={})
-        @kexinit ||= P(:byte, KEXINIT,
-          :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF), :long, rand(0xFFFFFFFF),
-          :string, options[:kex] || "diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256",
-          :string, options[:host_key] || "ssh-rsa,ssh-dss",
-          :string, options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
-          :string, options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc",
-          :string, options[:hmac_client] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96",
-          :string, options[:hmac_server] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96",
-          :string, options[:compression_client] || "none,zlib@openssh.com,zlib",
-          :string, options[:compression_server] || "none,zlib@openssh.com,zlib",
-          :string, options[:language_client] || "",
-          :string, options[:langauge_server] || "",
-          :bool, options[:first_kex_follows])
-      end
-
-      def assert_kexinit(buffer, options={})
-        assert_equal KEXINIT, buffer.type
-        assert_equal 16, buffer.read(16).length
-        assert_equal options[:kex] || (%w(diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group-exchange-sha256)+ec_kex).join(','), buffer.read_string
-        assert_equal options[:host_key] || (%w(ssh-rsa ssh-dss ssh-rsa-cert-v01@openssh.com ssh-rsa-cert-v00@openssh.com)+ec_host_keys).join(','), buffer.read_string
-        assert_equal options[:encryption_client] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
-        assert_equal options[:encryption_server] || "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,idea-cbc,none,arcfour128,arcfour256,arcfour,aes128-ctr,aes192-ctr,aes256-ctr,cast128-ctr,blowfish-ctr,3des-ctr", buffer.read_string
-        assert_equal options[:hmac_client] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
-        assert_equal options[:hmac_server] || "hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-512-96,none", buffer.read_string
-        assert_equal options[:compression_client] || "none,zlib@openssh.com,zlib", buffer.read_string
-        assert_equal options[:compression_server] || "none,zlib@openssh.com,zlib", buffer.read_string
-        assert_equal options[:language_client] || "", buffer.read_string
-        assert_equal options[:language_server] || "", buffer.read_string
-        assert_equal options[:first_kex_follows] || false, buffer.read_bool
-      end
-
-      def assert_exchange_results
-        assert algorithms.initialized?
-        assert !algorithms.pending?
-        assert !transport.client_options[:compression]
-        assert !transport.server_options[:compression]
-        assert_equal :client_cipher, transport.client_options[:cipher]
-        assert_equal :server_cipher, transport.server_options[:cipher]
-        assert_equal :client_hmac, transport.client_options[:hmac]
-        assert_equal :server_hmac, transport.server_options[:hmac]
-      end
-
-      def algorithms(options={})
-        @algorithms ||= Net::SSH::Transport::Algorithms.new(transport, options)
-      end
-
-      def transport
-        @transport ||= MockTransport.new
-      end
-  end
-
-end