mirrors
/
jgit
mirror of https://github.com/eclipse/jgit.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 204 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7868 Commits
49 Branches
Tree: 3a499606b1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3a499606b1'
${ noResults }
jgit/org.eclipse.jgit.ssh.apache.../tst/org/eclipse/jgit/transport/sshd/NoFilesSshTest.java

NoFilesSshTest.java 5.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187 
  1. /*

  2.  * Copyright (C) 2019 Thomas Wolf <thomas.wolf@paranor.ch> and others

  3.  *

  4.  * This program and the accompanying materials are made available under the

  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at

  6.  * https://www.eclipse.org/org/documents/edl-v10.php.

  7.  *

  8.  * SPDX-License-Identifier: BSD-3-Clause

  9.  */

  10. package org.eclipse.jgit.transport.sshd;

  11. 

  12. import static org.junit.Assert.assertNotNull;

  13. import static org.junit.Assert.assertTrue;

  14. 

  15. import java.io.File;

  16. import java.io.IOException;

  17. import java.io.InputStream;

  18. import java.io.UncheckedIOException;

  19. import java.net.InetSocketAddress;

  20. import java.nio.file.Files;

  21. import java.nio.file.Path;

  22. import java.security.GeneralSecurityException;

  23. import java.security.KeyPair;

  24. import java.security.PublicKey;

  25. import java.util.Arrays;

  26. import java.util.Collections;

  27. import java.util.Iterator;

  28. import java.util.List;

  29. 

  30. import org.apache.sshd.common.NamedResource;

  31. import org.apache.sshd.common.config.keys.KeyUtils;

  32. import org.apache.sshd.common.keyprovider.KeyIdentityProvider;

  33. import org.apache.sshd.common.session.SessionContext;

  34. import org.apache.sshd.common.util.net.SshdSocketAddress;

  35. import org.apache.sshd.common.util.security.SecurityUtils;

  36. import org.eclipse.jgit.lib.Constants;

  37. import org.eclipse.jgit.transport.CredentialsProvider;

  38. import org.eclipse.jgit.transport.SshSessionFactory;

  39. import org.eclipse.jgit.transport.ssh.SshTestHarness;

  40. import org.eclipse.jgit.util.FS;

  41. import org.junit.After;

  42. import org.junit.Test;

  43. 

  44. /**

  45.  * Test for using the SshdSessionFactory without files in ~/.ssh but with an

  46.  * in-memory setup.

  47.  */

  48. public class NoFilesSshTest extends SshTestHarness {

  49. 

  50. 	private PublicKey testServerKey;

  51. 

  52. 	private KeyPair testUserKey;

  53. 

  54. 	@Override

  55. 	protected SshSessionFactory createSessionFactory() {

  56. 		SshdSessionFactory result = new SshdSessionFactory(new JGitKeyCache(),

  57. 				null) {

  58. 

  59. 			@Override

  60. 			protected File getSshConfig(File dir) {

  61. 				return null;

  62. 			}

  63. 

  64. 			@Override

  65. 			protected ServerKeyDatabase getServerKeyDatabase(File homeDir,

  66. 					File dir) {

  67. 				return new ServerKeyDatabase() {

  68. 

  69. 					@Override

  70. 					public List<PublicKey> lookup(String connectAddress,

  71. 							InetSocketAddress remoteAddress,

  72. 							Configuration config) {

  73. 						return Collections.singletonList(testServerKey);

  74. 					}

  75. 

  76. 					@Override

  77. 					public boolean accept(String connectAddress,

  78. 							InetSocketAddress remoteAddress,

  79. 							PublicKey serverKey, Configuration config,

  80. 							CredentialsProvider provider) {

  81. 						return KeyUtils.compareKeys(serverKey, testServerKey);

  82. 					}

  83. 

  84. 				};

  85. 			}

  86. 

  87. 			@Override

  88. 			protected Iterable<KeyPair> getDefaultKeys(File dir) {

  89. 				// This would work for this simple test case:

  90. 				// return Collections.singletonList(testUserKey);

  91. 				// But let's see if we can check the host and username that's used.

  92. 				// For that, we need access to the sshd SessionContext:

  93. 				return new KeyAuthenticator();

  94. 			}

  95. 

  96. 			@Override

  97. 			protected String getDefaultPreferredAuthentications() {

  98. 				return "publickey";

  99. 			}

  100. 		};

  101. 

  102. 		// The home directory is mocked at this point!

  103. 		result.setHomeDirectory(FS.DETECTED.userHome());

  104. 		result.setSshDirectory(sshDir);

  105. 		return result;

  106. 	}

  107. 

  108. 	private class KeyAuthenticator implements KeyIdentityProvider, Iterable<KeyPair> {

  109. 

  110. 		@Override

  111. 		public Iterator<KeyPair> iterator() {

  112. 			// Should not be called. The use of the Iterable interface in

  113. 			// SshdSessionFactory.getDefaultKeys() made sense in sshd 2.0.0,

  114. 			// but sshd 2.2.0 added the SessionContext, which although good

  115. 			// (without it we couldn't check here) breaks the Iterable analogy.

  116. 			// But we're stuck now with that interface for getDefaultKeys, and

  117. 			// so this override throwing an exception is unfortunately needed.

  118. 			throw new UnsupportedOperationException();

  119. 		}

  120. 

  121. 		@Override

  122. 		public Iterable<KeyPair> loadKeys(SessionContext session)

  123. 				throws IOException, GeneralSecurityException {

  124. 			if (!TEST_USER.equals(session.getUsername())) {

  125. 				return Collections.emptyList();

  126. 			}

  127. 			SshdSocketAddress remoteAddress = SshdSocketAddress

  128. 					.toSshdSocketAddress(session.getRemoteAddress());

  129. 			switch (remoteAddress.getHostName()) {

  130. 			case "localhost":

  131. 			case "127.0.0.1":

  132. 				return Collections.singletonList(testUserKey);

  133. 			default:

  134. 				return Collections.emptyList();

  135. 			}

  136. 		}

  137. 	}

  138. 

  139. 	@After

  140. 	public void cleanUp() {

  141. 		testServerKey = null;

  142. 		testUserKey = null;

  143. 	}

  144. 

  145. 	@Override

  146. 	protected void installConfig(String... config) {

  147. 		File configFile = new File(sshDir, Constants.CONFIG);

  148. 		if (config != null) {

  149. 			try {

  150. 				Files.write(configFile.toPath(), Arrays.asList(config));

  151. 			} catch (IOException e) {

  152. 				throw new UncheckedIOException(e);

  153. 			}

  154. 		}

  155. 	}

  156. 

  157. 	private KeyPair load(Path path) throws Exception {

  158. 		try (InputStream in = Files.newInputStream(path)) {

  159. 			return SecurityUtils

  160. 					.loadKeyPairIdentities(null,

  161. 							NamedResource.ofName(path.toString()), in, null)

  162. 					.iterator().next();

  163. 		}

  164. 	}

  165. 

  166. 	@Test

  167. 	public void testCloneWithBuiltInKeys() throws Exception {

  168. 		// This test should fail unless our in-memory setup is taken: no

  169. 		// known_hosts file, and a config that specifies a non-existing key.

  170. 		File newHostKey = new File(getTemporaryDirectory(), "newhostkey");

  171. 		copyTestResource("id_ed25519", newHostKey);

  172. 		server.addHostKey(newHostKey.toPath(), true);

  173. 		testServerKey = load(newHostKey.toPath()).getPublic();

  174. 		assertTrue(newHostKey.delete());

  175. 		testUserKey = load(privateKey1.getAbsoluteFile().toPath());

  176. 		assertNotNull(testServerKey);

  177. 		assertNotNull(testUserKey);

  178. 		cloneWith(

  179. 				"ssh://" + TEST_USER + "@localhost:" + testPort

  180. 						+ "/doesntmatter",

  181. 				new File(getTemporaryDirectory(), "cloned"), null, //

  182. 				"Host localhost", //

  183. 				"IdentityFile "

  184. 						+ new File(sshDir, "does_not_exist").getAbsolutePath());

  185. 	}

  186. 

  187. }