net-ssh 4.0.0.alpha1 → 4.0.0.alpha2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.gitignore +6 -0
- data/.travis.yml +10 -7
- data/CHANGES.txt +4 -0
- data/Gemfile +2 -15
- data/README.rdoc +6 -37
- data/Rakefile +5 -57
- data/lib/net/ssh/connection/session.rb +13 -0
- data/lib/net/ssh/ruby_compat.rb +2 -24
- data/lib/net/ssh/version.rb +1 -1
- data/net-ssh.gemspec +34 -225
- metadata +26 -100
- metadata.gz.sig +0 -0
- data/test/README.txt +0 -18
- data/test/authentication/methods/common.rb +0 -28
- data/test/authentication/methods/test_abstract.rb +0 -51
- data/test/authentication/methods/test_hostbased.rb +0 -114
- data/test/authentication/methods/test_keyboard_interactive.rb +0 -121
- data/test/authentication/methods/test_none.rb +0 -41
- data/test/authentication/methods/test_password.rb +0 -95
- data/test/authentication/methods/test_publickey.rb +0 -148
- data/test/authentication/test_agent.rb +0 -224
- data/test/authentication/test_ed25519.rb +0 -77
- data/test/authentication/test_key_manager.rb +0 -240
- data/test/authentication/test_session.rb +0 -107
- data/test/common.rb +0 -109
- data/test/configs/auth_off +0 -5
- data/test/configs/auth_on +0 -4
- data/test/configs/empty +0 -0
- data/test/configs/eqsign +0 -3
- data/test/configs/exact_match +0 -8
- data/test/configs/host_plus +0 -10
- data/test/configs/multihost +0 -4
- data/test/configs/negative_match +0 -6
- data/test/configs/nohost +0 -19
- data/test/configs/numeric_host +0 -4
- data/test/configs/proxy_remote_user +0 -2
- data/test/configs/send_env +0 -2
- data/test/configs/substitutes +0 -8
- data/test/configs/wild_cards +0 -14
- data/test/connection/test_channel.rb +0 -487
- data/test/connection/test_session.rb +0 -563
- data/test/integration/README.md +0 -18
- data/test/integration/Vagrantfile +0 -12
- data/test/integration/common.rb +0 -65
- data/test/integration/playbook.yml +0 -57
- data/test/integration/test_ed25519_pkeys.rb +0 -70
- data/test/integration/test_forward.rb +0 -532
- data/test/integration/test_id_rsa_keys.rb +0 -96
- data/test/integration/test_proxy.rb +0 -93
- data/test/known_hosts/github +0 -1
- data/test/known_hosts/github_hash +0 -1
- data/test/manual/test_pageant.rb +0 -37
- data/test/start/test_connection.rb +0 -53
- data/test/start/test_options.rb +0 -57
- data/test/start/test_transport.rb +0 -28
- data/test/start/test_user_nil.rb +0 -27
- data/test/test_all.rb +0 -12
- data/test/test_buffer.rb +0 -433
- data/test/test_buffered_io.rb +0 -63
- data/test/test_config.rb +0 -268
- data/test/test_key_factory.rb +0 -191
- data/test/test_known_hosts.rb +0 -66
- data/test/transport/hmac/test_md5.rb +0 -41
- data/test/transport/hmac/test_md5_96.rb +0 -27
- data/test/transport/hmac/test_none.rb +0 -34
- data/test/transport/hmac/test_ripemd160.rb +0 -36
- data/test/transport/hmac/test_sha1.rb +0 -36
- data/test/transport/hmac/test_sha1_96.rb +0 -27
- data/test/transport/hmac/test_sha2_256.rb +0 -37
- data/test/transport/hmac/test_sha2_256_96.rb +0 -27
- data/test/transport/hmac/test_sha2_512.rb +0 -37
- data/test/transport/hmac/test_sha2_512_96.rb +0 -27
- data/test/transport/kex/test_diffie_hellman_group14_sha1.rb +0 -13
- data/test/transport/kex/test_diffie_hellman_group1_sha1.rb +0 -150
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb +0 -96
- data/test/transport/kex/test_diffie_hellman_group_exchange_sha256.rb +0 -19
- data/test/transport/kex/test_ecdh_sha2_nistp256.rb +0 -161
- data/test/transport/kex/test_ecdh_sha2_nistp384.rb +0 -38
- data/test/transport/kex/test_ecdh_sha2_nistp521.rb +0 -38
- data/test/transport/test_algorithms.rb +0 -328
- data/test/transport/test_cipher_factory.rb +0 -324
- data/test/transport/test_hmac.rb +0 -34
- data/test/transport/test_identity_cipher.rb +0 -40
- data/test/transport/test_packet_stream.rb +0 -1186
- data/test/transport/test_server_version.rb +0 -74
- data/test/transport/test_session.rb +0 -331
- data/test/transport/test_state.rb +0 -181
- data/test/verifiers/test_secure.rb +0 -40
@@ -1,41 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/methods/none'
|
3
|
-
require 'authentication/methods/common'
|
4
|
-
|
5
|
-
module Authentication; module Methods
|
6
|
-
|
7
|
-
class TestNone < Test::Unit::TestCase
|
8
|
-
include Common
|
9
|
-
|
10
|
-
def test_authenticate_should_raise_if_none_disallowed
|
11
|
-
transport.expect do |t,packet|
|
12
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
13
|
-
assert_equal "jamis", packet.read_string
|
14
|
-
assert_equal "ssh-connection", packet.read_string
|
15
|
-
assert_equal "none", packet.read_string
|
16
|
-
|
17
|
-
t.return(USERAUTH_FAILURE, :string, "publickey")
|
18
|
-
end
|
19
|
-
|
20
|
-
assert_raises Net::SSH::Authentication::DisallowedMethod do
|
21
|
-
subject.authenticate("ssh-connection", "jamis", "pass")
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_authenticate_should_return_true
|
26
|
-
transport.expect do |t,packet|
|
27
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
28
|
-
t.return(USERAUTH_SUCCESS)
|
29
|
-
end
|
30
|
-
|
31
|
-
assert subject.authenticate("ssh-connection", "", "")
|
32
|
-
end
|
33
|
-
|
34
|
-
private
|
35
|
-
|
36
|
-
def subject(options={})
|
37
|
-
@subject ||= Net::SSH::Authentication::Methods::None.new(session(options), options)
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
end; end
|
@@ -1,95 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/methods/password'
|
3
|
-
require 'net/ssh/authentication/session'
|
4
|
-
require 'authentication/methods/common'
|
5
|
-
|
6
|
-
|
7
|
-
module Authentication; module Methods
|
8
|
-
|
9
|
-
class TestPassword < Test::Unit::TestCase
|
10
|
-
include Common
|
11
|
-
|
12
|
-
def test_authenticate_should_raise_if_password_disallowed
|
13
|
-
transport.expect do |t,packet|
|
14
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
15
|
-
assert_equal "jamis", packet.read_string
|
16
|
-
assert_equal "ssh-connection", packet.read_string
|
17
|
-
assert_equal "password", packet.read_string
|
18
|
-
assert_equal false, packet.read_bool
|
19
|
-
assert_equal "the-password", packet.read_string
|
20
|
-
|
21
|
-
t.return(USERAUTH_FAILURE, :string, "publickey")
|
22
|
-
end
|
23
|
-
|
24
|
-
assert_raises Net::SSH::Authentication::DisallowedMethod do
|
25
|
-
subject.authenticate("ssh-connection", "jamis", "the-password")
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
def test_authenticate_ask_for_password_for_second_time_when_password_is_incorrect
|
30
|
-
transport.expect do |t,packet|
|
31
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
32
|
-
assert_equal "jamis", packet.read_string
|
33
|
-
assert_equal "ssh-connection", packet.read_string
|
34
|
-
assert_equal "password", packet.read_string
|
35
|
-
assert_equal false, packet.read_bool
|
36
|
-
assert_equal "the-password", packet.read_string
|
37
|
-
t.return(USERAUTH_FAILURE, :string, "publickey,password")
|
38
|
-
|
39
|
-
t.expect do |t2, packet2|
|
40
|
-
assert_equal USERAUTH_REQUEST, packet2.type
|
41
|
-
assert_equal "jamis", packet2.read_string
|
42
|
-
assert_equal "ssh-connection", packet2.read_string
|
43
|
-
assert_equal "password", packet2.read_string
|
44
|
-
assert_equal false, packet2.read_bool
|
45
|
-
assert_equal "the-password-2", packet2.read_string
|
46
|
-
t.return(USERAUTH_SUCCESS)
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
subject.expects(:prompt).with("jamis@'s password:", false).returns("the-password-2")
|
51
|
-
subject.authenticate("ssh-connection", "jamis", "the-password")
|
52
|
-
end
|
53
|
-
|
54
|
-
def test_authenticate_ask_for_password_if_not_given
|
55
|
-
transport.expect do |t,packet|
|
56
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
57
|
-
assert_equal "bill", packet.read_string
|
58
|
-
assert_equal "ssh-connection", packet.read_string
|
59
|
-
assert_equal "password", packet.read_string
|
60
|
-
assert_equal false, packet.read_bool
|
61
|
-
assert_equal "good-password", packet.read_string
|
62
|
-
t.return(USERAUTH_SUCCESS)
|
63
|
-
end
|
64
|
-
|
65
|
-
transport.instance_eval { @host='testhost' }
|
66
|
-
subject.expects(:prompt).with("bill@testhost's password:", false).returns("good-password")
|
67
|
-
subject.authenticate("ssh-connection", "bill", nil)
|
68
|
-
end
|
69
|
-
|
70
|
-
def test_authenticate_when_password_is_acceptible_should_return_true
|
71
|
-
transport.expect do |t,packet|
|
72
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
73
|
-
t.return(USERAUTH_SUCCESS)
|
74
|
-
end
|
75
|
-
|
76
|
-
assert subject.authenticate("ssh-connection", "jamis", "the-password")
|
77
|
-
end
|
78
|
-
|
79
|
-
def test_authenticate_should_return_false_if_password_change_request_is_received
|
80
|
-
transport.expect do |t,packet|
|
81
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
82
|
-
t.return(USERAUTH_PASSWD_CHANGEREQ, :string, "Change your password:", :string, "")
|
83
|
-
end
|
84
|
-
|
85
|
-
assert !subject.authenticate("ssh-connection", "jamis", "the-password")
|
86
|
-
end
|
87
|
-
|
88
|
-
private
|
89
|
-
|
90
|
-
def subject(options={})
|
91
|
-
@subject ||= Net::SSH::Authentication::Methods::Password.new(session(options), options)
|
92
|
-
end
|
93
|
-
end
|
94
|
-
|
95
|
-
end; end
|
@@ -1,148 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/methods/publickey'
|
3
|
-
require 'authentication/methods/common'
|
4
|
-
|
5
|
-
module Authentication; module Methods
|
6
|
-
|
7
|
-
class TestPublickey < Test::Unit::TestCase
|
8
|
-
include Common
|
9
|
-
|
10
|
-
def test_authenticate_should_return_false_when_no_key_manager_has_been_set
|
11
|
-
assert_equal false, subject(:key_manager => nil).authenticate("ssh-connection", "jamis")
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_authenticate_should_return_false_when_key_manager_has_no_keys
|
15
|
-
assert_equal false, subject(:keys => []).authenticate("ssh-connection", "jamis")
|
16
|
-
end
|
17
|
-
|
18
|
-
def test_authenticate_should_return_false_if_no_keys_can_authenticate
|
19
|
-
transport.expect do |t, packet|
|
20
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
21
|
-
assert verify_userauth_request_packet(packet, keys.first, false)
|
22
|
-
t.return(USERAUTH_FAILURE, :string, "hostbased,password")
|
23
|
-
|
24
|
-
t.expect do |t2, packet2|
|
25
|
-
assert_equal USERAUTH_REQUEST, packet2.type
|
26
|
-
assert verify_userauth_request_packet(packet2, keys.last, false)
|
27
|
-
t2.return(USERAUTH_FAILURE, :string, "hostbased,password")
|
28
|
-
end
|
29
|
-
end
|
30
|
-
|
31
|
-
assert_equal false, subject.authenticate("ssh-connection", "jamis")
|
32
|
-
end
|
33
|
-
|
34
|
-
def test_authenticate_should_raise_if_publickey_disallowed
|
35
|
-
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
|
36
|
-
|
37
|
-
transport.expect do |t, packet|
|
38
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
39
|
-
assert verify_userauth_request_packet(packet, keys.first, false)
|
40
|
-
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
|
41
|
-
|
42
|
-
t.expect do |t2,packet2|
|
43
|
-
assert_equal USERAUTH_REQUEST, packet2.type
|
44
|
-
assert verify_userauth_request_packet(packet2, keys.first, true)
|
45
|
-
assert_equal "sig-one", packet2.read_string
|
46
|
-
t2.return(USERAUTH_FAILURE, :string, "hostbased,password")
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
assert_raises Net::SSH::Authentication::DisallowedMethod do
|
51
|
-
subject.authenticate("ssh-connection", "jamis")
|
52
|
-
end
|
53
|
-
end
|
54
|
-
|
55
|
-
def test_authenticate_should_return_false_if_signature_exchange_fails
|
56
|
-
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
|
57
|
-
key_manager.expects(:sign).with(&signature_parameters(keys.last)).returns("sig-two")
|
58
|
-
|
59
|
-
transport.expect do |t, packet|
|
60
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
61
|
-
assert verify_userauth_request_packet(packet, keys.first, false)
|
62
|
-
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
|
63
|
-
|
64
|
-
t.expect do |t2,packet2|
|
65
|
-
assert_equal USERAUTH_REQUEST, packet2.type
|
66
|
-
assert verify_userauth_request_packet(packet2, keys.first, true)
|
67
|
-
assert_equal "sig-one", packet2.read_string
|
68
|
-
t2.return(USERAUTH_FAILURE, :string, "publickey")
|
69
|
-
|
70
|
-
t2.expect do |t3, packet3|
|
71
|
-
assert_equal USERAUTH_REQUEST, packet3.type
|
72
|
-
assert verify_userauth_request_packet(packet3, keys.last, false)
|
73
|
-
t3.return(USERAUTH_PK_OK, :string, keys.last.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.last))
|
74
|
-
|
75
|
-
t3.expect do |t4,packet4|
|
76
|
-
assert_equal USERAUTH_REQUEST, packet4.type
|
77
|
-
assert verify_userauth_request_packet(packet4, keys.last, true)
|
78
|
-
assert_equal "sig-two", packet4.read_string
|
79
|
-
t4.return(USERAUTH_FAILURE, :string, "publickey")
|
80
|
-
end
|
81
|
-
end
|
82
|
-
end
|
83
|
-
end
|
84
|
-
|
85
|
-
assert !subject.authenticate("ssh-connection", "jamis")
|
86
|
-
end
|
87
|
-
|
88
|
-
def test_authenticate_should_return_true_if_any_key_can_authenticate
|
89
|
-
key_manager.expects(:sign).with(&signature_parameters(keys.first)).returns("sig-one")
|
90
|
-
|
91
|
-
transport.expect do |t, packet|
|
92
|
-
assert_equal USERAUTH_REQUEST, packet.type
|
93
|
-
assert verify_userauth_request_packet(packet, keys.first, false)
|
94
|
-
t.return(USERAUTH_PK_OK, :string, keys.first.ssh_type, :string, Net::SSH::Buffer.from(:key, keys.first))
|
95
|
-
|
96
|
-
t.expect do |t2,packet2|
|
97
|
-
assert_equal USERAUTH_REQUEST, packet2.type
|
98
|
-
assert verify_userauth_request_packet(packet2, keys.first, true)
|
99
|
-
assert_equal "sig-one", packet2.read_string
|
100
|
-
t2.return(USERAUTH_SUCCESS)
|
101
|
-
end
|
102
|
-
end
|
103
|
-
|
104
|
-
assert subject.authenticate("ssh-connection", "jamis")
|
105
|
-
end
|
106
|
-
|
107
|
-
private
|
108
|
-
|
109
|
-
def signature_parameters(key)
|
110
|
-
Proc.new do |given_key, data|
|
111
|
-
next false unless given_key.to_blob == key.to_blob
|
112
|
-
buffer = Net::SSH::Buffer.new(data)
|
113
|
-
buffer.read_string == "abcxyz123" && # session-id
|
114
|
-
buffer.read_byte == USERAUTH_REQUEST && # type
|
115
|
-
verify_userauth_request_packet(buffer, key, true)
|
116
|
-
end
|
117
|
-
end
|
118
|
-
|
119
|
-
def verify_userauth_request_packet(packet, key, has_sig)
|
120
|
-
packet.read_string == "jamis" && # user-name
|
121
|
-
packet.read_string == "ssh-connection" && # next service
|
122
|
-
packet.read_string == "publickey" && # auth-method
|
123
|
-
packet.read_bool == has_sig && # whether a signature is appended
|
124
|
-
packet.read_string == key.ssh_type && # ssh key type
|
125
|
-
packet.read_buffer.read_key.to_blob == key.to_blob # key
|
126
|
-
end
|
127
|
-
|
128
|
-
@@keys = nil
|
129
|
-
def keys
|
130
|
-
@@keys ||= [OpenSSL::PKey::RSA.new(512), OpenSSL::PKey::DSA.new(512)]
|
131
|
-
end
|
132
|
-
|
133
|
-
def key_manager(options={})
|
134
|
-
@key_manager ||= begin
|
135
|
-
manager = stub("key_manager")
|
136
|
-
manager.stubs(:each_identity).multiple_yields(*(options[:keys] || keys))
|
137
|
-
manager
|
138
|
-
end
|
139
|
-
end
|
140
|
-
|
141
|
-
def subject(options={})
|
142
|
-
options[:key_manager] = key_manager(options) unless options.key?(:key_manager)
|
143
|
-
@subject ||= Net::SSH::Authentication::Methods::Publickey.new(session(options), options)
|
144
|
-
end
|
145
|
-
|
146
|
-
end
|
147
|
-
|
148
|
-
end; end
|
@@ -1,224 +0,0 @@
|
|
1
|
-
require 'common'
|
2
|
-
require 'net/ssh/authentication/agent'
|
3
|
-
|
4
|
-
module Authentication
|
5
|
-
|
6
|
-
class TestAgent < Test::Unit::TestCase
|
7
|
-
|
8
|
-
SSH2_AGENT_REQUEST_VERSION = 1
|
9
|
-
SSH2_AGENT_REQUEST_IDENTITIES = 11
|
10
|
-
SSH2_AGENT_IDENTITIES_ANSWER = 12
|
11
|
-
SSH2_AGENT_SIGN_REQUEST = 13
|
12
|
-
SSH2_AGENT_SIGN_RESPONSE = 14
|
13
|
-
SSH2_AGENT_FAILURE = 30
|
14
|
-
SSH2_AGENT_VERSION_RESPONSE = 103
|
15
|
-
|
16
|
-
SSH_COM_AGENT2_FAILURE = 102
|
17
|
-
|
18
|
-
SSH_AGENT_REQUEST_RSA_IDENTITIES = 1
|
19
|
-
SSH_AGENT_RSA_IDENTITIES_ANSWER = 2
|
20
|
-
SSH_AGENT_FAILURE = 5
|
21
|
-
|
22
|
-
def setup
|
23
|
-
@original, ENV['SSH_AUTH_SOCK'] = ENV['SSH_AUTH_SOCK'], "/path/to/ssh.agent.sock"
|
24
|
-
end
|
25
|
-
|
26
|
-
def teardown
|
27
|
-
ENV['SSH_AUTH_SOCK'] = @original
|
28
|
-
end
|
29
|
-
|
30
|
-
def test_connect_should_use_agent_factory_to_determine_connection_type
|
31
|
-
factory.expects(:open).with("/path/to/ssh.agent.sock").returns(socket)
|
32
|
-
agent(false).connect!
|
33
|
-
end
|
34
|
-
|
35
|
-
def test_connect_should_raise_error_if_connection_could_not_be_established
|
36
|
-
factory.expects(:open).raises(SocketError)
|
37
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent(false).connect! }
|
38
|
-
end
|
39
|
-
|
40
|
-
def test_negotiate_should_raise_error_if_ssh2_agent_response_recieved
|
41
|
-
socket.expect do |s, type, buffer|
|
42
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
43
|
-
assert_equal Net::SSH::Transport::ServerVersion::PROTO_VERSION, buffer.read_string
|
44
|
-
s.return(SSH2_AGENT_VERSION_RESPONSE)
|
45
|
-
end
|
46
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent.negotiate! }
|
47
|
-
end
|
48
|
-
|
49
|
-
def test_negotiate_should_raise_error_if_response_was_unexpected
|
50
|
-
socket.expect do |s, type, buffer|
|
51
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
52
|
-
s.return(255)
|
53
|
-
end
|
54
|
-
assert_raises(Net::SSH::Authentication::AgentNotAvailable) { agent.negotiate! }
|
55
|
-
end
|
56
|
-
|
57
|
-
def test_negotiate_should_be_successful_with_expected_response
|
58
|
-
socket.expect do |s, type, buffer|
|
59
|
-
assert_equal SSH2_AGENT_REQUEST_VERSION, type
|
60
|
-
s.return(SSH_AGENT_RSA_IDENTITIES_ANSWER)
|
61
|
-
end
|
62
|
-
assert_nothing_raised { agent(:connect).negotiate! }
|
63
|
-
end
|
64
|
-
|
65
|
-
def test_identities_should_fail_if_SSH_AGENT_FAILURE_recieved
|
66
|
-
socket.expect do |s, type, buffer|
|
67
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
68
|
-
s.return(SSH_AGENT_FAILURE)
|
69
|
-
end
|
70
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
71
|
-
end
|
72
|
-
|
73
|
-
def test_identities_should_fail_if_SSH2_AGENT_FAILURE_recieved
|
74
|
-
socket.expect do |s, type, buffer|
|
75
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
76
|
-
s.return(SSH2_AGENT_FAILURE)
|
77
|
-
end
|
78
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
79
|
-
end
|
80
|
-
|
81
|
-
def test_identities_should_fail_if_SSH_COM_AGENT2_FAILURE_recieved
|
82
|
-
socket.expect do |s, type, buffer|
|
83
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
84
|
-
s.return(SSH_COM_AGENT2_FAILURE)
|
85
|
-
end
|
86
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
87
|
-
end
|
88
|
-
|
89
|
-
def test_identities_should_fail_if_response_is_not_SSH2_AGENT_IDENTITIES_ANSWER
|
90
|
-
socket.expect do |s, type, buffer|
|
91
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
92
|
-
s.return(255)
|
93
|
-
end
|
94
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.identities }
|
95
|
-
end
|
96
|
-
|
97
|
-
def test_identities_should_augment_identities_with_comment_field
|
98
|
-
key1 = key
|
99
|
-
key2 = OpenSSL::PKey::DSA.new(512)
|
100
|
-
|
101
|
-
socket.expect do |s, type, buffer|
|
102
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
103
|
-
s.return(SSH2_AGENT_IDENTITIES_ANSWER, :long, 2, :string, Net::SSH::Buffer.from(:key, key1), :string, "My favorite key", :string, Net::SSH::Buffer.from(:key, key2), :string, "Okay, but not the best")
|
104
|
-
end
|
105
|
-
|
106
|
-
result = agent.identities
|
107
|
-
assert_equal key1.to_blob, result.first.to_blob
|
108
|
-
assert_equal key2.to_blob, result.last.to_blob
|
109
|
-
assert_equal "My favorite key", result.first.comment
|
110
|
-
assert_equal "Okay, but not the best", result.last.comment
|
111
|
-
end
|
112
|
-
|
113
|
-
def test_identities_should_ignore_unimplemented_ones
|
114
|
-
key1 = key
|
115
|
-
key2 = OpenSSL::PKey::DSA.new(512)
|
116
|
-
key2.to_blob[0..5]='badkey'
|
117
|
-
key3 = OpenSSL::PKey::DSA.new(512)
|
118
|
-
|
119
|
-
socket.expect do |s, type, buffer|
|
120
|
-
assert_equal SSH2_AGENT_REQUEST_IDENTITIES, type
|
121
|
-
s.return(SSH2_AGENT_IDENTITIES_ANSWER, :long, 3, :string, Net::SSH::Buffer.from(:key, key1), :string, "My favorite key", :string, Net::SSH::Buffer.from(:key, key2), :string, "bad", :string, Net::SSH::Buffer.from(:key, key3), :string, "Okay, but not the best")
|
122
|
-
end
|
123
|
-
|
124
|
-
result = agent.identities
|
125
|
-
assert_equal 2,result.size
|
126
|
-
assert_equal key1.to_blob, result.first.to_blob
|
127
|
-
assert_equal key3.to_blob, result.last.to_blob
|
128
|
-
assert_equal "My favorite key", result.first.comment
|
129
|
-
assert_equal "Okay, but not the best", result.last.comment
|
130
|
-
end
|
131
|
-
|
132
|
-
def test_close_should_close_socket
|
133
|
-
socket.expects(:close)
|
134
|
-
agent.close
|
135
|
-
end
|
136
|
-
|
137
|
-
def test_sign_should_fail_if_response_is_SSH_AGENT_FAILURE
|
138
|
-
socket.expect { |s,| s.return(SSH_AGENT_FAILURE) }
|
139
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
140
|
-
end
|
141
|
-
|
142
|
-
def test_sign_should_fail_if_response_is_SSH2_AGENT_FAILURE
|
143
|
-
socket.expect { |s,| s.return(SSH2_AGENT_FAILURE) }
|
144
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
145
|
-
end
|
146
|
-
|
147
|
-
def test_sign_should_fail_if_response_is_SSH_COM_AGENT2_FAILURE
|
148
|
-
socket.expect { |s,| s.return(SSH_COM_AGENT2_FAILURE) }
|
149
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
150
|
-
end
|
151
|
-
|
152
|
-
def test_sign_should_fail_if_response_is_not_SSH2_AGENT_SIGN_RESPONSE
|
153
|
-
socket.expect { |s,| s.return(255) }
|
154
|
-
assert_raises(Net::SSH::Authentication::AgentError) { agent.sign(key, "hello world") }
|
155
|
-
end
|
156
|
-
|
157
|
-
def test_sign_should_return_signed_data_from_agent
|
158
|
-
socket.expect do |s,type,buffer|
|
159
|
-
assert_equal SSH2_AGENT_SIGN_REQUEST, type
|
160
|
-
assert_equal key.to_blob, Net::SSH::Buffer.new(buffer.read_string).read_key.to_blob
|
161
|
-
assert_equal "hello world", buffer.read_string
|
162
|
-
assert_equal 0, buffer.read_long
|
163
|
-
|
164
|
-
s.return(SSH2_AGENT_SIGN_RESPONSE, :string, "abcxyz123")
|
165
|
-
end
|
166
|
-
|
167
|
-
assert_equal "abcxyz123", agent.sign(key, "hello world")
|
168
|
-
end
|
169
|
-
|
170
|
-
private
|
171
|
-
|
172
|
-
class MockSocket
|
173
|
-
def initialize
|
174
|
-
@expectation = nil
|
175
|
-
@buffer = Net::SSH::Buffer.new
|
176
|
-
end
|
177
|
-
|
178
|
-
def expect(&block)
|
179
|
-
@expectation = block
|
180
|
-
end
|
181
|
-
|
182
|
-
def return(type, *args)
|
183
|
-
data = Net::SSH::Buffer.from(*args)
|
184
|
-
@buffer.append([data.length+1, type, data.to_s].pack("NCA*"))
|
185
|
-
end
|
186
|
-
|
187
|
-
def send(data, flags)
|
188
|
-
raise "got #{data.inspect} but no packet was expected" unless @expectation
|
189
|
-
buffer = Net::SSH::Buffer.new(data)
|
190
|
-
buffer.read_long # skip the length
|
191
|
-
type = buffer.read_byte
|
192
|
-
@expectation.call(self, type, buffer)
|
193
|
-
@expectation = nil
|
194
|
-
end
|
195
|
-
|
196
|
-
def read(length)
|
197
|
-
@buffer.read(length)
|
198
|
-
end
|
199
|
-
end
|
200
|
-
|
201
|
-
def key
|
202
|
-
@key ||= OpenSSL::PKey::RSA.new(512)
|
203
|
-
end
|
204
|
-
|
205
|
-
def socket
|
206
|
-
@socket ||= MockSocket.new
|
207
|
-
end
|
208
|
-
|
209
|
-
def factory
|
210
|
-
@factory ||= stub("socket factory", :open => socket)
|
211
|
-
end
|
212
|
-
|
213
|
-
def agent(auto=:connect)
|
214
|
-
@agent ||= begin
|
215
|
-
agent = Net::SSH::Authentication::Agent.new
|
216
|
-
agent.stubs(:agent_socket_factory).returns(factory)
|
217
|
-
agent.connect! if auto == :connect
|
218
|
-
agent
|
219
|
-
end
|
220
|
-
end
|
221
|
-
|
222
|
-
end
|
223
|
-
|
224
|
-
end
|