# Copyright (c) Twisted Matrix Laboratories. # See LICENSE for details. """ Tests for L{twisted.conch.openssh_compat}. """ import os from twisted.trial.unittest import TestCase from twisted.python.filepath import FilePath from twisted.python.reflect import requireModule if requireModule('cryptography') and requireModule('pyasn1'): from twisted.conch.openssh_compat.factory import OpenSSHFactory else: OpenSSHFactory = None from twisted.conch.ssh._kex import getDHGeneratorAndPrime from twisted.conch.test import keydata from twisted.test.test_process import MockOS class OpenSSHFactoryTests(TestCase): """ Tests for L{OpenSSHFactory}. """ if getattr(os, "geteuid", None) is None: skip = "geteuid/seteuid not available" elif OpenSSHFactory is None: skip = "Cannot run without cryptography or PyASN1" def setUp(self): self.factory = OpenSSHFactory() self.keysDir = FilePath(self.mktemp()) self.keysDir.makedirs() self.factory.dataRoot = self.keysDir.path self.moduliDir = FilePath(self.mktemp()) self.moduliDir.makedirs() self.factory.moduliRoot = self.moduliDir.path self.keysDir.child("ssh_host_foo").setContent(b"foo") self.keysDir.child("bar_key").setContent(b"foo") self.keysDir.child("ssh_host_one_key").setContent( keydata.privateRSA_openssh) self.keysDir.child("ssh_host_two_key").setContent( keydata.privateDSA_openssh) self.keysDir.child("ssh_host_three_key").setContent( b"not a key content") self.keysDir.child("ssh_host_one_key.pub").setContent( keydata.publicRSA_openssh) self.moduliDir.child("moduli").setContent(b""" # $OpenBSD: moduli,v 1.xx 2016/07/26 12:34:56 jhacker Exp $ # Time Type Tests Tries Size Generator Modulus 20030501000000 2 6 100 2047 2 FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF """) self.mockos = MockOS() self.patch(os, "seteuid", self.mockos.seteuid) self.patch(os, "setegid", self.mockos.setegid) def test_getPublicKeys(self): """ L{OpenSSHFactory.getPublicKeys} should return the available public keys in the data directory """ keys = self.factory.getPublicKeys() self.assertEqual(len(keys), 1) keyTypes = keys.keys() self.assertEqual(list(keyTypes), [b'ssh-rsa']) def test_getPrivateKeys(self): """ Will return the available private keys in the data directory, ignoring key files which failed to be loaded. """ keys = self.factory.getPrivateKeys() self.assertEqual(len(keys), 2) keyTypes = keys.keys() self.assertEqual(set(keyTypes), set([b'ssh-rsa', b'ssh-dss'])) self.assertEqual(self.mockos.seteuidCalls, []) self.assertEqual(self.mockos.setegidCalls, []) def test_getPrivateKeysAsRoot(self): """ L{OpenSSHFactory.getPrivateKeys} should switch to root if the keys aren't readable by the current user. """ keyFile = self.keysDir.child("ssh_host_two_key") # Fake permission error by changing the mode keyFile.chmod(0000) self.addCleanup(keyFile.chmod, 0o777) # And restore the right mode when seteuid is called savedSeteuid = os.seteuid def seteuid(euid): keyFile.chmod(0o777) return savedSeteuid(euid) self.patch(os, "seteuid", seteuid) keys = self.factory.getPrivateKeys() self.assertEqual(len(keys), 2) keyTypes = keys.keys() self.assertEqual(set(keyTypes), set([b'ssh-rsa', b'ssh-dss'])) self.assertEqual(self.mockos.seteuidCalls, [0, os.geteuid()]) self.assertEqual(self.mockos.setegidCalls, [0, os.getegid()]) def test_getPrimes(self): """ L{OpenSSHFactory.getPrimes} should return the available primes in the moduli directory. """ primes = self.factory.getPrimes() self.assertEqual(primes, { 2048: [getDHGeneratorAndPrime(b"diffie-hellman-group14-sha1")], })
Name | Type | Size | Permission | Actions |
---|---|---|---|---|
__pycache__ | Folder | 0755 |
|
|
__init__.py | File | 14 B | 0644 |
|
keydata.py | File | 17.06 KB | 0644 |
|
loopback.py | File | 757 B | 0644 |
|
test_address.py | File | 1.59 KB | 0644 |
|
test_agent.py | File | 12.78 KB | 0644 |
|
test_cftp.py | File | 49.7 KB | 0644 |
|
test_channel.py | File | 11.82 KB | 0644 |
|
test_checkers.py | File | 30.76 KB | 0644 |
|
test_ckeygen.py | File | 19.8 KB | 0644 |
|
test_conch.py | File | 24.55 KB | 0644 |
|
test_connection.py | File | 27.49 KB | 0644 |
|
test_default.py | File | 11.31 KB | 0644 |
|
test_endpoints.py | File | 51.96 KB | 0644 |
|
test_filetransfer.py | File | 26.65 KB | 0644 |
|
test_forwarding.py | File | 2.16 KB | 0644 |
|
test_helper.py | File | 20.01 KB | 0644 |
|
test_insults.py | File | 32.79 KB | 0644 |
|
test_keys.py | File | 53.57 KB | 0644 |
|
test_knownhosts.py | File | 48.26 KB | 0644 |
|
test_manhole.py | File | 12.52 KB | 0644 |
|
test_manhole_tap.py | File | 4.14 KB | 0644 |
|
test_mixin.py | File | 1.03 KB | 0644 |
|
test_openssh_compat.py | File | 4.52 KB | 0644 |
|
test_recvline.py | File | 24.81 KB | 0644 |
|
test_scripts.py | File | 1.84 KB | 0644 |
|
test_session.py | File | 38.54 KB | 0644 |
|
test_ssh.py | File | 31.62 KB | 0644 |
|
test_tap.py | File | 4.83 KB | 0644 |
|
test_telnet.py | File | 25.9 KB | 0644 |
|
test_text.py | File | 3.85 KB | 0644 |
|
test_transport.py | File | 89.71 KB | 0644 |
|
test_unix.py | File | 2.47 KB | 0644 |
|
test_userauth.py | File | 31.84 KB | 0644 |
|
test_window.py | File | 2.07 KB | 0644 |
|