diff options
Diffstat (limited to 'vendor/golang.org/x/crypto/ssh/agent/server_test.go')
-rw-r--r-- | vendor/golang.org/x/crypto/ssh/agent/server_test.go | 259 |
1 files changed, 0 insertions, 259 deletions
diff --git a/vendor/golang.org/x/crypto/ssh/agent/server_test.go b/vendor/golang.org/x/crypto/ssh/agent/server_test.go deleted file mode 100644 index 038018e..0000000 --- a/vendor/golang.org/x/crypto/ssh/agent/server_test.go +++ /dev/null @@ -1,259 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package agent - -import ( - "crypto" - "crypto/rand" - "fmt" - pseudorand "math/rand" - "reflect" - "strings" - "testing" - - "golang.org/x/crypto/ssh" -) - -func TestServer(t *testing.T) { - c1, c2, err := netPipe() - if err != nil { - t.Fatalf("netPipe: %v", err) - } - defer c1.Close() - defer c2.Close() - client := NewClient(c1) - - go ServeAgent(NewKeyring(), c2) - - testAgentInterface(t, client, testPrivateKeys["rsa"], nil, 0) -} - -func TestLockServer(t *testing.T) { - testLockAgent(NewKeyring(), t) -} - -func TestSetupForwardAgent(t *testing.T) { - a, b, err := netPipe() - if err != nil { - t.Fatalf("netPipe: %v", err) - } - - defer a.Close() - defer b.Close() - - _, socket, cleanup := startOpenSSHAgent(t) - defer cleanup() - - serverConf := ssh.ServerConfig{ - NoClientAuth: true, - } - serverConf.AddHostKey(testSigners["rsa"]) - incoming := make(chan *ssh.ServerConn, 1) - go func() { - conn, _, _, err := ssh.NewServerConn(a, &serverConf) - if err != nil { - t.Fatalf("Server: %v", err) - } - incoming <- conn - }() - - conf := ssh.ClientConfig{ - HostKeyCallback: ssh.InsecureIgnoreHostKey(), - } - conn, chans, reqs, err := ssh.NewClientConn(b, "", &conf) - if err != nil { - t.Fatalf("NewClientConn: %v", err) - } - client := ssh.NewClient(conn, chans, reqs) - - if err := ForwardToRemote(client, socket); err != nil { - t.Fatalf("SetupForwardAgent: %v", err) - } - - server := <-incoming - ch, reqs, err := server.OpenChannel(channelType, nil) - if err != nil { - t.Fatalf("OpenChannel(%q): %v", channelType, err) - } - go ssh.DiscardRequests(reqs) - - agentClient := NewClient(ch) - testAgentInterface(t, agentClient, testPrivateKeys["rsa"], nil, 0) - conn.Close() -} - -func TestV1ProtocolMessages(t *testing.T) { - c1, c2, err := netPipe() - if err != nil { - t.Fatalf("netPipe: %v", err) - } - defer c1.Close() - defer c2.Close() - c := NewClient(c1) - - go ServeAgent(NewKeyring(), c2) - - testV1ProtocolMessages(t, c.(*client)) -} - -func testV1ProtocolMessages(t *testing.T, c *client) { - reply, err := c.call([]byte{agentRequestV1Identities}) - if err != nil { - t.Fatalf("v1 request all failed: %v", err) - } - if msg, ok := reply.(*agentV1IdentityMsg); !ok || msg.Numkeys != 0 { - t.Fatalf("invalid request all response: %#v", reply) - } - - reply, err = c.call([]byte{agentRemoveAllV1Identities}) - if err != nil { - t.Fatalf("v1 remove all failed: %v", err) - } - if _, ok := reply.(*successAgentMsg); !ok { - t.Fatalf("invalid remove all response: %#v", reply) - } -} - -func verifyKey(sshAgent Agent) error { - keys, err := sshAgent.List() - if err != nil { - return fmt.Errorf("listing keys: %v", err) - } - - if len(keys) != 1 { - return fmt.Errorf("bad number of keys found. expected 1, got %d", len(keys)) - } - - buf := make([]byte, 128) - if _, err := rand.Read(buf); err != nil { - return fmt.Errorf("rand: %v", err) - } - - sig, err := sshAgent.Sign(keys[0], buf) - if err != nil { - return fmt.Errorf("sign: %v", err) - } - - if err := keys[0].Verify(buf, sig); err != nil { - return fmt.Errorf("verify: %v", err) - } - return nil -} - -func addKeyToAgent(key crypto.PrivateKey) error { - sshAgent := NewKeyring() - if err := sshAgent.Add(AddedKey{PrivateKey: key}); err != nil { - return fmt.Errorf("add: %v", err) - } - return verifyKey(sshAgent) -} - -func TestKeyTypes(t *testing.T) { - for k, v := range testPrivateKeys { - if err := addKeyToAgent(v); err != nil { - t.Errorf("error adding key type %s, %v", k, err) - } - if err := addCertToAgentSock(v, nil); err != nil { - t.Errorf("error adding key type %s, %v", k, err) - } - } -} - -func addCertToAgentSock(key crypto.PrivateKey, cert *ssh.Certificate) error { - a, b, err := netPipe() - if err != nil { - return err - } - agentServer := NewKeyring() - go ServeAgent(agentServer, a) - - agentClient := NewClient(b) - if err := agentClient.Add(AddedKey{PrivateKey: key, Certificate: cert}); err != nil { - return fmt.Errorf("add: %v", err) - } - return verifyKey(agentClient) -} - -func addCertToAgent(key crypto.PrivateKey, cert *ssh.Certificate) error { - sshAgent := NewKeyring() - if err := sshAgent.Add(AddedKey{PrivateKey: key, Certificate: cert}); err != nil { - return fmt.Errorf("add: %v", err) - } - return verifyKey(sshAgent) -} - -func TestCertTypes(t *testing.T) { - for keyType, key := range testPublicKeys { - cert := &ssh.Certificate{ - ValidPrincipals: []string{"gopher1"}, - ValidAfter: 0, - ValidBefore: ssh.CertTimeInfinity, - Key: key, - Serial: 1, - CertType: ssh.UserCert, - SignatureKey: testPublicKeys["rsa"], - Permissions: ssh.Permissions{ - CriticalOptions: map[string]string{}, - Extensions: map[string]string{}, - }, - } - if err := cert.SignCert(rand.Reader, testSigners["rsa"]); err != nil { - t.Fatalf("signcert: %v", err) - } - if err := addCertToAgent(testPrivateKeys[keyType], cert); err != nil { - t.Fatalf("%v", err) - } - if err := addCertToAgentSock(testPrivateKeys[keyType], cert); err != nil { - t.Fatalf("%v", err) - } - } -} - -func TestParseConstraints(t *testing.T) { - // Test LifetimeSecs - var msg = constrainLifetimeAgentMsg{pseudorand.Uint32()} - lifetimeSecs, _, _, err := parseConstraints(ssh.Marshal(msg)) - if err != nil { - t.Fatalf("parseConstraints: %v", err) - } - if lifetimeSecs != msg.LifetimeSecs { - t.Errorf("got lifetime %v, want %v", lifetimeSecs, msg.LifetimeSecs) - } - - // Test ConfirmBeforeUse - _, confirmBeforeUse, _, err := parseConstraints([]byte{agentConstrainConfirm}) - if err != nil { - t.Fatalf("%v", err) - } - if !confirmBeforeUse { - t.Error("got comfirmBeforeUse == false") - } - - // Test ConstraintExtensions - var data []byte - var expect []ConstraintExtension - for i := 0; i < 10; i++ { - var ext = ConstraintExtension{ - ExtensionName: fmt.Sprintf("name%d", i), - ExtensionDetails: []byte(fmt.Sprintf("details: %d", i)), - } - expect = append(expect, ext) - data = append(data, agentConstrainExtension) - data = append(data, ssh.Marshal(ext)...) - } - _, _, extensions, err := parseConstraints(data) - if err != nil { - t.Fatalf("%v", err) - } - if !reflect.DeepEqual(expect, extensions) { - t.Errorf("got extension %v, want %v", extensions, expect) - } - - // Test Unknown Constraint - _, _, _, err = parseConstraints([]byte{128}) - if err == nil || !strings.Contains(err.Error(), "unknown constraint") { - t.Errorf("unexpected error: %v", err) - } -} |