2017-02-16 00:08:25 +00:00
|
|
|
package ssh
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
|
|
|
"net"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
gossh "golang.org/x/crypto/ssh"
|
|
|
|
)
|
|
|
|
|
|
|
|
func (srv *Server) serveOnce(l net.Listener) error {
|
Remote forwarding (#88)
* context: fixed documentation to be more specific about ContextKeyConn being the key for a gossh.ServerConn
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
* server: fixes handler setup, changed to interface based handlers, added global request handler map
* tcpip: working remote forwarding
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
* context: docs typo
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
* session: always reply to unblock clients trying something
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
* tcpip: stop listening when ssh clients disconnect
Signed-off-by: Jeff Lindsay <progrium@gmail.com>
* Remote forwarding (#87)
* Update generateSigner key size to 2048 (#62)
Fixes #58
* Add syntax highlighting to readme (#67)
* small api updates (#69)
These updates make it easier to implement and pass custom Session and
Context implementations
No compatibilty breaking, all tests pass
* Move channelHandlers to avoid data race (#59)
* Update tests to work with go 1.10+ (#73)
Fixes #72
* Update shutdown to use a WaitGroup rather than sleeping (#74)
* Fix race condition in TestServerClose (#75)
In test server close, 3 things need to happen in order:
- Client session start
- Server.Close
- Client session exit (With io.EOF)
This fix ensures the client won't do anything until after the call to
close which ensure's we'll get io.EOF rather than a different error.
* Update circleci config to test multiple go versions
* Update CircleCI config to test 1.9 and the latest
The x/crypto/ssh library dropped support go < 1.9 as that's the first
version to have the math/bits library.
https://github.com/golang/crypto/commit/83c378c48d6ee2ca9c20551b599aa74cb7765785
* Wait for connections to finish when shutting down
PR #74 introduced a WaitGroup for listeners, but it doesn't wait for
open connections before closing the server. This patch waits until all
conns are closed before returning from Shutdown.
* Support port forwarding of literal IPv6 addresses (#85)
* Support port forwarding of literal IPv6 addresses
To disambiguate between colons as host:port separators and as IPv6 address separators, literal IPv6 addresses use square brackets around the address (https://en.wikipedia.org/wiki/IPv6_address#Literal_IPv6_addresses_in_network_resource_identifiers). So host ::1, port 22 is written as [::1]:22, and therefore a simple concatenation of host, colon, and port doesn't work. Fortunately net.JoinHostPort already implements this functionality, so with a bit of type gymnastics we can generate dest in an IPv6-safe way.
* Support port forwarding of literal IPv6 addresses
To disambiguate between colons as host:port separators and as IPv6 address separators, literal IPv6 addresses use square brackets around the address (https://en.wikipedia.org/wiki/IPv6_address#Literal_IPv6_addresses_in_network_resource_identifiers). So host ::1, port 22 is written as [::1]:22, and therefore a simple concatenation of host, colon, and port doesn't work. Fortunately net.JoinHostPort already implements this functionality, so with a bit of type gymnastics we can generate dest in an IPv6-safe way.
* Reverse port forwarding callback added
* garbage removed
2018-11-13 16:04:02 +00:00
|
|
|
srv.ensureHandlers()
|
2017-03-14 19:13:03 +00:00
|
|
|
if err := srv.ensureHostSigner(); err != nil {
|
2017-02-16 00:08:25 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
conn, e := l.Accept()
|
|
|
|
if e != nil {
|
|
|
|
return e
|
|
|
|
}
|
2019-06-12 17:41:07 +00:00
|
|
|
srv.ChannelHandlers = map[string]ChannelHandler{
|
2019-06-19 08:24:53 +00:00
|
|
|
"session": DefaultSessionHandler,
|
|
|
|
"direct-tcpip": DirectTCPIPHandler,
|
2018-04-04 18:06:36 +00:00
|
|
|
}
|
2019-09-27 20:30:27 +00:00
|
|
|
srv.HandleConn(conn)
|
2017-02-16 00:08:25 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func newLocalListener() net.Listener {
|
|
|
|
l, err := net.Listen("tcp", "127.0.0.1:0")
|
|
|
|
if err != nil {
|
|
|
|
if l, err = net.Listen("tcp6", "[::1]:0"); err != nil {
|
|
|
|
panic(fmt.Sprintf("failed to listen on a port: %v", err))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return l
|
|
|
|
}
|
|
|
|
|
2017-04-28 22:54:12 +00:00
|
|
|
func newClientSession(t *testing.T, addr string, config *gossh.ClientConfig) (*gossh.Session, *gossh.Client, func()) {
|
2017-02-16 00:08:25 +00:00
|
|
|
if config == nil {
|
|
|
|
config = &gossh.ClientConfig{
|
|
|
|
User: "testuser",
|
|
|
|
Auth: []gossh.AuthMethod{
|
|
|
|
gossh.Password("testpass"),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
2017-04-14 19:47:40 +00:00
|
|
|
if config.HostKeyCallback == nil {
|
|
|
|
config.HostKeyCallback = gossh.InsecureIgnoreHostKey()
|
|
|
|
}
|
2017-02-16 00:08:25 +00:00
|
|
|
client, err := gossh.Dial("tcp", addr, config)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
session, err := client.NewSession()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
2017-04-28 22:54:12 +00:00
|
|
|
return session, client, func() {
|
2017-02-16 00:08:25 +00:00
|
|
|
session.Close()
|
|
|
|
client.Close()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-04-28 22:54:12 +00:00
|
|
|
func newTestSession(t *testing.T, srv *Server, cfg *gossh.ClientConfig) (*gossh.Session, *gossh.Client, func()) {
|
2017-02-16 00:08:25 +00:00
|
|
|
l := newLocalListener()
|
|
|
|
go srv.serveOnce(l)
|
|
|
|
return newClientSession(t, l.Addr().String(), cfg)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestStdout(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
testBytes := []byte("Hello world\n")
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
s.Write(testBytes)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
var stdout bytes.Buffer
|
|
|
|
session.Stdout = &stdout
|
|
|
|
if err := session.Run(""); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if !bytes.Equal(stdout.Bytes(), testBytes) {
|
|
|
|
t.Fatalf("stdout = %#v; want %#v", stdout.Bytes(), testBytes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestStderr(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
testBytes := []byte("Hello world\n")
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
s.Stderr().Write(testBytes)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
var stderr bytes.Buffer
|
|
|
|
session.Stderr = &stderr
|
|
|
|
if err := session.Run(""); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if !bytes.Equal(stderr.Bytes(), testBytes) {
|
|
|
|
t.Fatalf("stderr = %#v; want %#v", stderr.Bytes(), testBytes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestStdin(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
testBytes := []byte("Hello world\n")
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
io.Copy(s, s) // stdin back into stdout
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
var stdout bytes.Buffer
|
|
|
|
session.Stdout = &stdout
|
|
|
|
session.Stdin = bytes.NewBuffer(testBytes)
|
|
|
|
if err := session.Run(""); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if !bytes.Equal(stdout.Bytes(), testBytes) {
|
|
|
|
t.Fatalf("stdout = %#v; want %#v given stdin = %#v", stdout.Bytes(), testBytes, testBytes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestUser(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
testUser := []byte("progrium")
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
io.WriteString(s, s.User())
|
|
|
|
},
|
|
|
|
}, &gossh.ClientConfig{
|
|
|
|
User: string(testUser),
|
|
|
|
})
|
|
|
|
defer cleanup()
|
|
|
|
var stdout bytes.Buffer
|
|
|
|
session.Stdout = &stdout
|
|
|
|
if err := session.Run(""); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
if !bytes.Equal(stdout.Bytes(), testUser) {
|
|
|
|
t.Fatalf("stdout = %#v; want %#v given user = %#v", stdout.Bytes(), testUser, string(testUser))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestDefaultExitStatusZero(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
// noop
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
err := session.Run("")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("expected nil but got %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestExplicitExitStatusZero(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
s.Exit(0)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
err := session.Run("")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("expected nil but got %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestExitStatusNonZero(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
s.Exit(1)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
err := session.Run("")
|
|
|
|
e, ok := err.(*gossh.ExitError)
|
|
|
|
if !ok {
|
|
|
|
t.Fatalf("expected ExitError but got %T", err)
|
|
|
|
}
|
|
|
|
if e.ExitStatus() != 1 {
|
|
|
|
t.Fatalf("exit-status = %#v; want %#v", e.ExitStatus(), 1)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestPty(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
term := "xterm"
|
|
|
|
winWidth := 40
|
|
|
|
winHeight := 80
|
|
|
|
done := make(chan bool)
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
ptyReq, _, isPty := s.Pty()
|
|
|
|
if !isPty {
|
|
|
|
t.Fatalf("expected pty but none requested")
|
|
|
|
}
|
|
|
|
if ptyReq.Term != term {
|
|
|
|
t.Fatalf("expected term %#v but got %#v", term, ptyReq.Term)
|
|
|
|
}
|
|
|
|
if ptyReq.Window.Width != winWidth {
|
|
|
|
t.Fatalf("expected window width %#v but got %#v", winWidth, ptyReq.Window.Width)
|
|
|
|
}
|
|
|
|
if ptyReq.Window.Height != winHeight {
|
|
|
|
t.Fatalf("expected window height %#v but got %#v", winHeight, ptyReq.Window.Height)
|
|
|
|
}
|
|
|
|
close(done)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
if err := session.RequestPty(term, winHeight, winWidth, gossh.TerminalModes{}); err != nil {
|
2018-04-17 00:16:34 +00:00
|
|
|
t.Fatalf("expected nil but got %v", err)
|
2017-02-16 00:08:25 +00:00
|
|
|
}
|
|
|
|
if err := session.Shell(); err != nil {
|
|
|
|
t.Fatalf("expected nil but got %v", err)
|
|
|
|
}
|
|
|
|
<-done
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestPtyResize(t *testing.T) {
|
2017-03-14 19:13:03 +00:00
|
|
|
t.Parallel()
|
2017-02-16 00:08:25 +00:00
|
|
|
winch0 := Window{40, 80}
|
|
|
|
winch1 := Window{80, 160}
|
|
|
|
winch2 := Window{20, 40}
|
|
|
|
winches := make(chan Window)
|
|
|
|
done := make(chan bool)
|
2017-04-28 22:54:12 +00:00
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
2017-02-16 00:08:25 +00:00
|
|
|
Handler: func(s Session) {
|
|
|
|
ptyReq, winCh, isPty := s.Pty()
|
|
|
|
if !isPty {
|
|
|
|
t.Fatalf("expected pty but none requested")
|
|
|
|
}
|
|
|
|
if ptyReq.Window != winch0 {
|
|
|
|
t.Fatalf("expected window %#v but got %#v", winch0, ptyReq.Window)
|
|
|
|
}
|
|
|
|
for win := range winCh {
|
|
|
|
winches <- win
|
|
|
|
}
|
|
|
|
close(done)
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
// winch0
|
|
|
|
if err := session.RequestPty("xterm", winch0.Height, winch0.Width, gossh.TerminalModes{}); err != nil {
|
2018-04-17 00:16:34 +00:00
|
|
|
t.Fatalf("expected nil but got %v", err)
|
2017-02-16 00:08:25 +00:00
|
|
|
}
|
|
|
|
if err := session.Shell(); err != nil {
|
|
|
|
t.Fatalf("expected nil but got %v", err)
|
|
|
|
}
|
|
|
|
gotWinch := <-winches
|
|
|
|
if gotWinch != winch0 {
|
|
|
|
t.Fatalf("expected window %#v but got %#v", winch0, gotWinch)
|
|
|
|
}
|
|
|
|
// winch1
|
|
|
|
winchMsg := struct{ w, h uint32 }{uint32(winch1.Width), uint32(winch1.Height)}
|
|
|
|
ok, err := session.SendRequest("window-change", true, gossh.Marshal(&winchMsg))
|
|
|
|
if err == nil && !ok {
|
|
|
|
t.Fatalf("unexpected error or bad reply on send request")
|
|
|
|
}
|
|
|
|
gotWinch = <-winches
|
|
|
|
if gotWinch != winch1 {
|
|
|
|
t.Fatalf("expected window %#v but got %#v", winch1, gotWinch)
|
|
|
|
}
|
|
|
|
// winch2
|
|
|
|
winchMsg = struct{ w, h uint32 }{uint32(winch2.Width), uint32(winch2.Height)}
|
|
|
|
ok, err = session.SendRequest("window-change", true, gossh.Marshal(&winchMsg))
|
|
|
|
if err == nil && !ok {
|
|
|
|
t.Fatalf("unexpected error or bad reply on send request")
|
|
|
|
}
|
|
|
|
gotWinch = <-winches
|
|
|
|
if gotWinch != winch2 {
|
|
|
|
t.Fatalf("expected window %#v but got %#v", winch2, gotWinch)
|
|
|
|
}
|
|
|
|
session.Close()
|
|
|
|
<-done
|
|
|
|
}
|
2017-11-01 23:03:54 +00:00
|
|
|
|
|
|
|
func TestSignals(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
|
|
|
|
|
|
session, _, cleanup := newTestSession(t, &Server{
|
|
|
|
Handler: func(s Session) {
|
|
|
|
signals := make(chan Signal)
|
|
|
|
s.Signals(signals)
|
|
|
|
if sig := <-signals; sig != SIGINT {
|
|
|
|
t.Fatalf("expected signal %v but got %v", SIGINT, sig)
|
|
|
|
}
|
|
|
|
exiter := make(chan bool)
|
|
|
|
go func() {
|
|
|
|
if sig := <-signals; sig == SIGKILL {
|
|
|
|
close(exiter)
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
<-exiter
|
|
|
|
},
|
|
|
|
}, nil)
|
|
|
|
defer cleanup()
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
session.Signal(gossh.SIGINT)
|
|
|
|
session.Signal(gossh.SIGKILL)
|
|
|
|
}()
|
|
|
|
|
|
|
|
err := session.Run("")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("expected nil but got %v", err)
|
|
|
|
}
|
|
|
|
}
|