func (suite *ServerSuite) TestInvalidQueryParams() { channel := "/echo?%" r := router.New(log.NullLog, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) r.Register("/bad", &BadHandler{}) acceptErr := errors.New("accept error") ch := &sshmocks.MockNewChannel{ TypeName: channel, AcceptErr: acceptErr, } ch.On("ChannelType").Return(channel) ch.On("Reject", InvalidQueryParams, "invalid query params in channel type").Return(errors.New("unknown reason 1002")) conn := &sshmocks.MockConn{} conn.On("Close").Return(nil) serverConn := ssh.ServerConn{ Conn: conn, } // Create dispatcher dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r} dispatcher.Dispatch(context.Background(), &serverConn, ch) // assert that the expectations were met ch.AssertCalled(suite.T(), "ChannelType") ch.AssertCalled(suite.T(), "Reject", InvalidQueryParams, "invalid query params in channel type") conn.AssertCalled(suite.T(), "Close") }
func (suite *ServerSuite) TestWildcard() { writer := log.NewConcurrentWriter(os.Stdout) logger := log.NewLogger(writer, "sshh_test") r := router.New(logger, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) r.Register("/bad", &BadHandler{}) acceptErr := errors.New("accept error") ch := &sshmocks.MockNewChannel{ TypeName: "*", AcceptErr: acceptErr, } ch.On("ChannelType").Return("*") ch.On("Reject", ssh.UnknownChannelType, "*").Return(errors.New("unknown reason 1000")) conn := &sshmocks.MockConn{} conn.On("Close").Return(nil) serverConn := ssh.ServerConn{ Conn: conn, } // Create dispatcher dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r} dispatcher.Dispatch(context.Background(), &serverConn, ch) // assert that the expectations were met ch.AssertCalled(suite.T(), "ChannelType") ch.AssertCalled(suite.T(), "Reject", ssh.UnknownChannelType, "*") conn.AssertCalled(suite.T(), "Close") }
func (suite *ServerSuite) TestSchemeNotSupported() { r := router.New(log.NullLog, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) r.Register("/bad", &BadHandler{}) acceptErr := errors.New("accept error") ch := &sshmocks.MockNewChannel{ TypeName: "https://[email protected]/api/route", AcceptErr: acceptErr, } ch.On("ChannelType").Return("https://[email protected]/api/route") ch.On("Reject", SchemeNotSupported, "schemes are not supported in the channel URI").Return(errors.New("unknown reason 1002")) conn := &sshmocks.MockConn{} conn.On("Close").Return(nil) serverConn := ssh.ServerConn{ Conn: conn, } // Create dispatcher dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r} dispatcher.Dispatch(context.Background(), &serverConn, ch) // assert that the expectations were met ch.AssertCalled(suite.T(), "ChannelType") ch.AssertCalled(suite.T(), "Reject", SchemeNotSupported, "schemes are not supported in the channel URI") conn.AssertCalled(suite.T(), "Close") }
func (suite *ServerSuite) TestInvalidChannelType() { // g := grim.Reaper() r := router.New(log.NullLog, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) r.Register("/bad", &BadHandler{}) acceptErr := errors.New("accept error") ch := &sshmocks.MockNewChannel{ TypeName: ":/route", AcceptErr: acceptErr, } ch.On("ChannelType").Return(":/route") ch.On("Reject", InvalidChannelType, "invalid channel URI").Return(errors.New("unknown reason 1001")) conn := &sshmocks.MockConn{} conn.On("Close").Return(nil) serverConn := ssh.ServerConn{ Conn: conn, } // Create dispatcher dispatcher := &UrlDispatcher{Logger: log.NullLog, Router: r} dispatcher.Dispatch(context.Background(), &serverConn, ch) // g.SpawnFunc(channelHandler(g, log.NullLog, &serverConn, ch, r)) // g.Wait() // assert that the expectations were met ch.AssertCalled(suite.T(), "ChannelType") ch.AssertCalled(suite.T(), "Reject", InvalidChannelType, "invalid channel URI") conn.AssertCalled(suite.T(), "Close") }
func (suite *ServerSuite) createConfig() Config { // Create logger writer := log.NewConcurrentWriter(os.Stdout) // writer := log.NewConcurrentWriter(ioutil.Discard) logger := log.NewLogger(writer, "sshh") // logger := log.DefaultLog // Get signer signer, err := ssh.ParsePrivateKey([]byte(serverKey)) if err != nil { suite.Fail("Private key could not be parsed", err.Error()) } // Create config cfg := Config{ Deadline: time.Second, Handlers: map[string]SSHHandler{ "echo": &EchoHandler{log.New("echo")}, "bad": &BadHandler{}, }, Logger: logger, Bind: ":9022", PrivateKey: signer, PasswordCallback: passwordCallback, PublicKeyCallback: publicKeyCallback, } return cfg }
func TestConfig(t *testing.T) { var authLogCalled bool var authLogCallback = func(conn ssh.ConnMetadata, method string, err error) { authLogCalled = true } // Create logger writer := log.NewConcurrentWriter(ioutil.Discard) logger := log.NewLogger(writer, "sshh") // Get signer signer, err := ssh.ParsePrivateKey([]byte(serverKey)) if err != nil { t.Fatalf("Private key could not be parsed", err.Error()) } r := router.New(logger, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) cfg := Config{ Deadline: time.Second, Dispatcher: &UrlDispatcher{ Router: r, Logger: logger, }, // Handlers: map[string]SSHHandler{ // "echo": &EchoHandler{log.New("echo")}, // }, Logger: logger, Bind: ":9022", PrivateKey: signer, AuthLogCallback: authLogCallback, PasswordCallback: passwordCallback, PublicKeyCallback: publicKeyCallback, } // Assertions assert.Equal(t, time.Second, cfg.Deadline, "Deadline should be 1s") assert.Equal(t, ":9022", cfg.Bind, "Bind should be :9022") // Create SSH config c := cfg.SSHConfig() assert.NotNil(t, c, "SSH config should not be nil") assert.Equal(t, passwordCallback, c.PasswordCallback, "PasswordCallback should use the one we passed in") assert.Equal(t, publicKeyCallback, c.PublicKeyCallback, "PublicKeyCallback should use the one we passed in") assert.Equal(t, authLogCallback, c.AuthLogCallback, "AuthLogCallback should use the one we passed in") // // Test Handlers // h, ok := cfg.Handler("echo") // assert.True(t, ok, "Echo handler should be registered") // assert.NotNil(t, h, "Echo handler should not be nil") // h, ok = cfg.Handler("shell") // assert.False(t, ok, "Shell handler should not be registered") // assert.Nil(t, h, "Shell handler should be nil") }
// NewExpirationManager creates a new ExpirationManager that is backed // using a given view, and uses the provided router for revocation. func NewExpirationManager(router *Router, view *BarrierView, ts *TokenStore, logger log.Logger) *ExpirationManager { if logger == nil { logger = log.New("expiration_manager") } exp := &ExpirationManager{ router: router, idView: view.SubView(leaseViewPrefix), tokenView: view.SubView(tokenViewPrefix), tokenStore: ts, logger: logger, pending: make(map[string]*time.Timer), } return exp }
func (suite *ServerSuite) createConfig() Config { // Create logger writer := log.NewConcurrentWriter(os.Stdout) // writer := log.NewConcurrentWriter(ioutil.Discard) logger := log.NewLogger(writer, "sshh") // logger := log.DefaultLog // Get signer signer, err := ssh.ParsePrivateKey([]byte(serverKey)) if err != nil { suite.Fail("Private key could not be parsed", err.Error()) } r := router.New(logger, nil, nil) r.Register("/echo", &EchoHandler{log.New("echo")}) r.Register("/bad", &BadHandler{}) // Create config cfg := Config{ Context: context.Background(), Deadline: time.Second, Dispatcher: &UrlDispatcher{ Router: r, Logger: logger, }, // Handlers: map[string]SSHHandler{ // "echo": &EchoHandler{log.New("echo")}, // "bad": &BadHandler{}, // }, Logger: logger, Bind: ":9022", PrivateKey: signer, PasswordCallback: passwordCallback, PublicKeyCallback: publicKeyCallback, } return cfg }
// NewVaultLogger creates a new logger with the specified level and a Vault // formatter func NewVaultLogger(level int) log.Logger { logger := log.New("vault") return setLevelFormatter(logger, level, createVaultFormatter()) }