Example #1
0
func (suite *ServerSuite) TestInvalidQueryParams() {

	channel := "/echo?%"
	r := router.New(log.NullLog, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})
	r.Register("/bad", &BadHandler{})

	acceptErr := errors.New("accept error")
	ch := &sshmocks.MockNewChannel{
		TypeName:  channel,
		AcceptErr: acceptErr,
	}
	ch.On("ChannelType").Return(channel)
	ch.On("Reject", InvalidQueryParams, "invalid query params in channel type").Return(errors.New("unknown reason 1002"))

	conn := &sshmocks.MockConn{}
	conn.On("Close").Return(nil)
	serverConn := ssh.ServerConn{
		Conn: conn,
	}
	// Create dispatcher
	dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r}
	dispatcher.Dispatch(context.Background(), &serverConn, ch)

	// assert that the expectations were met
	ch.AssertCalled(suite.T(), "ChannelType")
	ch.AssertCalled(suite.T(), "Reject", InvalidQueryParams, "invalid query params in channel type")
	conn.AssertCalled(suite.T(), "Close")
}
Example #2
0
func (suite *ServerSuite) TestWildcard() {

	writer := log.NewConcurrentWriter(os.Stdout)
	logger := log.NewLogger(writer, "sshh_test")

	r := router.New(logger, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})
	r.Register("/bad", &BadHandler{})

	acceptErr := errors.New("accept error")
	ch := &sshmocks.MockNewChannel{
		TypeName:  "*",
		AcceptErr: acceptErr,
	}
	ch.On("ChannelType").Return("*")
	ch.On("Reject", ssh.UnknownChannelType, "*").Return(errors.New("unknown reason 1000"))

	conn := &sshmocks.MockConn{}
	conn.On("Close").Return(nil)
	serverConn := ssh.ServerConn{
		Conn: conn,
	}
	// Create dispatcher
	dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r}
	dispatcher.Dispatch(context.Background(), &serverConn, ch)

	// assert that the expectations were met
	ch.AssertCalled(suite.T(), "ChannelType")
	ch.AssertCalled(suite.T(), "Reject", ssh.UnknownChannelType, "*")
	conn.AssertCalled(suite.T(), "Close")
}
Example #3
0
func (suite *ServerSuite) TestSchemeNotSupported() {

	r := router.New(log.NullLog, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})
	r.Register("/bad", &BadHandler{})

	acceptErr := errors.New("accept error")
	ch := &sshmocks.MockNewChannel{
		TypeName:  "https://[email protected]/api/route",
		AcceptErr: acceptErr,
	}
	ch.On("ChannelType").Return("https://[email protected]/api/route")
	ch.On("Reject", SchemeNotSupported, "schemes are not supported in the channel URI").Return(errors.New("unknown reason 1002"))

	conn := &sshmocks.MockConn{}
	conn.On("Close").Return(nil)
	serverConn := ssh.ServerConn{
		Conn: conn,
	}

	// Create dispatcher
	dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r}
	dispatcher.Dispatch(context.Background(), &serverConn, ch)

	// assert that the expectations were met
	ch.AssertCalled(suite.T(), "ChannelType")
	ch.AssertCalled(suite.T(), "Reject", SchemeNotSupported, "schemes are not supported in the channel URI")
	conn.AssertCalled(suite.T(), "Close")
}
Example #4
0
func (suite *ServerSuite) TestInvalidChannelType() {
	// g := grim.Reaper()

	r := router.New(log.NullLog, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})
	r.Register("/bad", &BadHandler{})

	acceptErr := errors.New("accept error")
	ch := &sshmocks.MockNewChannel{
		TypeName:  ":/route",
		AcceptErr: acceptErr,
	}
	ch.On("ChannelType").Return(":/route")
	ch.On("Reject", InvalidChannelType, "invalid channel URI").Return(errors.New("unknown reason 1001"))

	conn := &sshmocks.MockConn{}
	conn.On("Close").Return(nil)
	serverConn := ssh.ServerConn{
		Conn: conn,
	}

	// Create dispatcher
	dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r}
	dispatcher.Dispatch(context.Background(), &serverConn, ch)
	// g.SpawnFunc(channelHandler(g, log.NullLog, &serverConn, ch, r))
	// g.Wait()

	// assert that the expectations were met
	ch.AssertCalled(suite.T(), "ChannelType")
	ch.AssertCalled(suite.T(), "Reject", InvalidChannelType, "invalid channel URI")
	conn.AssertCalled(suite.T(), "Close")
}
Example #5
0
func (suite *ServerSuite) createConfig() Config {

	// Create logger
	writer := log.NewConcurrentWriter(os.Stdout)
	// writer := log.NewConcurrentWriter(ioutil.Discard)
	logger := log.NewLogger(writer, "sshh")
	// logger := log.DefaultLog

	// Get signer
	signer, err := ssh.ParsePrivateKey([]byte(serverKey))
	if err != nil {
		suite.Fail("Private key could not be parsed", err.Error())
	}

	// Create config
	cfg := Config{
		Deadline: time.Second,
		Handlers: map[string]SSHHandler{
			"echo": &EchoHandler{log.New("echo")},
			"bad":  &BadHandler{},
		},
		Logger:            logger,
		Bind:              ":9022",
		PrivateKey:        signer,
		PasswordCallback:  passwordCallback,
		PublicKeyCallback: publicKeyCallback,
	}
	return cfg
}
Example #6
0
func TestConfig(t *testing.T) {
	var authLogCalled bool
	var authLogCallback = func(conn ssh.ConnMetadata, method string, err error) {
		authLogCalled = true
	}

	// Create logger
	writer := log.NewConcurrentWriter(ioutil.Discard)
	logger := log.NewLogger(writer, "sshh")

	// Get signer
	signer, err := ssh.ParsePrivateKey([]byte(serverKey))
	if err != nil {
		t.Fatalf("Private key could not be parsed", err.Error())
	}

	r := router.New(logger, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})

	cfg := Config{
		Deadline: time.Second,
		Dispatcher: &UrlDispatcher{
			Router: r,
			Logger: logger,
		},
		// Handlers: map[string]SSHHandler{
		// 	"echo": &EchoHandler{log.New("echo")},
		// },
		Logger:            logger,
		Bind:              ":9022",
		PrivateKey:        signer,
		AuthLogCallback:   authLogCallback,
		PasswordCallback:  passwordCallback,
		PublicKeyCallback: publicKeyCallback,
	}

	// Assertions
	assert.Equal(t, time.Second, cfg.Deadline, "Deadline should be 1s")
	assert.Equal(t, ":9022", cfg.Bind, "Bind should be :9022")

	// Create SSH config
	c := cfg.SSHConfig()
	assert.NotNil(t, c, "SSH config should not be nil")
	assert.Equal(t, passwordCallback, c.PasswordCallback, "PasswordCallback should use the one we passed in")
	assert.Equal(t, publicKeyCallback, c.PublicKeyCallback, "PublicKeyCallback should use the one we passed in")
	assert.Equal(t, authLogCallback, c.AuthLogCallback, "AuthLogCallback should use the one we passed in")

	// // Test Handlers
	// h, ok := cfg.Handler("echo")
	// assert.True(t, ok, "Echo handler should be registered")
	// assert.NotNil(t, h, "Echo handler should not be nil")

	// h, ok = cfg.Handler("shell")
	// assert.False(t, ok, "Shell handler should not be registered")
	// assert.Nil(t, h, "Shell handler should be nil")
}
Example #7
0
// NewExpirationManager creates a new ExpirationManager that is backed
// using a given view, and uses the provided router for revocation.
func NewExpirationManager(router *Router, view *BarrierView, ts *TokenStore, logger log.Logger) *ExpirationManager {
	if logger == nil {
		logger = log.New("expiration_manager")

	}
	exp := &ExpirationManager{
		router:     router,
		idView:     view.SubView(leaseViewPrefix),
		tokenView:  view.SubView(tokenViewPrefix),
		tokenStore: ts,
		logger:     logger,
		pending:    make(map[string]*time.Timer),
	}
	return exp
}
Example #8
0
func (suite *ServerSuite) createConfig() Config {

	// Create logger
	writer := log.NewConcurrentWriter(os.Stdout)
	// writer := log.NewConcurrentWriter(ioutil.Discard)
	logger := log.NewLogger(writer, "sshh")
	// logger := log.DefaultLog

	// Get signer
	signer, err := ssh.ParsePrivateKey([]byte(serverKey))
	if err != nil {
		suite.Fail("Private key could not be parsed", err.Error())
	}

	r := router.New(logger, nil, nil)
	r.Register("/echo", &EchoHandler{log.New("echo")})
	r.Register("/bad", &BadHandler{})

	// Create config
	cfg := Config{
		Context:  context.Background(),
		Deadline: time.Second,
		Dispatcher: &UrlDispatcher{
			Router: r,
			Logger: logger,
		},
		// Handlers: map[string]SSHHandler{
		// 	"echo": &EchoHandler{log.New("echo")},
		// 	"bad":  &BadHandler{},
		// },
		Logger:            logger,
		Bind:              ":9022",
		PrivateKey:        signer,
		PasswordCallback:  passwordCallback,
		PublicKeyCallback: publicKeyCallback,
	}
	return cfg
}
Example #9
0
// NewVaultLogger creates a new logger with the specified level and a Vault
// formatter
func NewVaultLogger(level int) log.Logger {
	logger := log.New("vault")
	return setLevelFormatter(logger, level, createVaultFormatter())
}