From ceb7cfd84df62730bd0b8d1d62ed44087c23f9a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mikl=C3=B3s=20Fazekas?= Date: Wed, 22 Mar 2023 10:06:49 +0100 Subject: fix: integration test should use legacy PEM format for private keys if ED25519 is not loaded --- test/integration/common.rb | 13 +++++++++++++ test/integration/test_cert_user_auth.rb | 12 ++++-------- test/integration/test_channel.rb | 3 +-- test/integration/test_ed25519_pkeys.rb | 9 +++------ test/integration/test_forward.rb | 3 +-- test/integration/test_http_proxy.rb | 3 +-- test/integration/test_id_rsa_keys.rb | 15 +++++---------- test/integration/test_proxy.rb | 6 ++---- 8 files changed, 30 insertions(+), 34 deletions(-) diff --git a/test/integration/common.rb b/test/integration/common.rb index fb29d7a..c166aa0 100644 --- a/test/integration/common.rb +++ b/test/integration/common.rb @@ -24,6 +24,19 @@ module IntegrationTestHelpers !!(`sshd -v 2>&1 |grep 'OpenSSH_'` =~ /OpenSSH_8./) end + def ssh_keygen(file, type = 'rsa', password = '') + sh "rm -rf #{file} #{file}.pub" + sh "ssh-keygen #{ssh_keygen_format} -q -f #{file} -t #{type} -N '#{password}'" + end + + def ssh_keygen_format + if Net::SSH::Authentication::ED25519Loader::LOADED + "" + else + "-m PEM" + end + end + def set_authorized_key(user, pubkey) authorized_key = "/home/#{user}/.ssh/authorized_keys" sh "sudo cp #{pubkey} #{authorized_key}" diff --git a/test/integration/test_cert_user_auth.rb b/test/integration/test_cert_user_auth.rb index 596d150..a4962d2 100644 --- a/test/integration/test_cert_user_auth.rb +++ b/test/integration/test_cert_user_auth.rb 
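Review bot: The new `ssh_keygen` helper in test/integration/common.rb interpolates `file`, `type` and `password` straight into both shell strings, so a temp path containing a space or a passphrase containing `'` changes what the shell runs; the `rm -rf #{file} #{file}.pub` line is where that matters most. Escaping each argument keeps the helper safe to reuse from new tests: `sh "rm -rf #{Shellwords.escape(file)} #{Shellwords.escape(file)}.pub"` and `sh "ssh-keygen #{ssh_keygen_format} -q -f #{Shellwords.escape(file)} -t #{Shellwords.escape(type)} -N #{Shellwords.escape(password)}"`. This needs `require 'shellwords'` if common.rb does not already load it, which the hunk does not show. `ssh_keygen_format` would also benefit from a one-line comment taken from the commit subject, for example `# Fall back to legacy PEM private keys when ED25519 support is not loaded`.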
@@ -12,8 +12,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_ed25519_with_implicit_cert Dir.mktmpdir do |dir| - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N ''" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" sign_user_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") ret = Net::SSH.start("localhost", "net_ssh_1", keys: "#{dir}/id_rsa_ed25519") do |ssh| @@ -25,8 +24,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_ed25519_with_explicit_cert Dir.mktmpdir do |dir| - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N ''" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" sign_user_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") sh "mv #{dir}/id_rsa_ed25519-cert.pub #{dir}/cert" @@ -40,8 +38,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_ed25519_with_cert_in_agent Dir.mktmpdir do |dir| with_agent do - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N 'pwd'" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519", "pwd" sign_user_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") ssh_add("#{dir}/id_rsa_ed25519", "pwd") sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub #{dir}/id_rsa_ed25519-cert.pub" @@ -57,8 +54,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_ed25519_with_key_in_agent_and_explicit_cert Dir.mktmpdir do |dir| with_agent do - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N ''" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" # add key before signing cert ssh_add("#{dir}/id_rsa_ed25519", "pwd") sign_user_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") diff --git a/test/integration/test_channel.rb b/test/integration/test_channel.rb index cd23c9e..12529ae 100644 --- a/test/integration/test_channel.rb +++ b/test/integration/test_channel.rb 
@@ -23,8 +23,7 @@ class TestChannel < NetSSHTest def setup_ssh_env(&block) tmpdir do |dir| @key_id_rsa = "#{dir}/id_rsa" - sh "rm -rf #{@key_id_rsa} #{@key_id_rsa}.pub" - sh "ssh-keygen -q -f #{@key_id_rsa} -t rsa -N ''" + ssh_keygen @key_id_rsa, "rsa" set_authorized_key(user, "#{@key_id_rsa}.pub") yield end diff --git a/test/integration/test_ed25519_pkeys.rb b/test/integration/test_ed25519_pkeys.rb index 0017801..0fee8b0 100644 --- a/test/integration/test_ed25519_pkeys.rb +++ b/test/integration/test_ed25519_pkeys.rb @@ -13,8 +13,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_in_file_no_password Dir.mktmpdir do |dir| - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N ''" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" set_authorized_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") ret = Net::SSH.start("localhost", "net_ssh_1", { keys: "#{dir}/id_rsa_ed25519" }) do |ssh| @@ -27,8 +26,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_ssh_agent Dir.mktmpdir do |dir| with_agent do - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N 'pwd'" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" set_authorized_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") ssh_add("#{dir}/id_rsa_ed25519", "pwd") @@ -45,8 +43,7 @@ unless ENV['NET_SSH_NO_ED25519'] def test_in_file_with_password Dir.mktmpdir do |dir| - sh "rm -rf #{dir}/id_rsa_ed25519 #{dir}/id_rsa_ed25519.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa_ed25519 -t ed25519 -N 'pwd'" + ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519" set_authorized_key('net_ssh_1', "#{dir}/id_rsa_ed25519.pub") # TODO: fix bug in net ssh which reads public key even if private key is there diff --git a/test/integration/test_forward.rb b/test/integration/test_forward.rb index f006e2d..4fcbe12 100644 --- a/test/integration/test_forward.rb +++ b/test/integration/test_forward.rb 
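Review bot: In test/integration/test_ed25519_pkeys.rb the replacements in `test_ssh_agent` and `test_in_file_with_password` drop the passphrase: the removed lines ran ssh-keygen with `-N 'pwd'`, while `ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519"` falls back to the helper's default `password = ''`. Both tests would then run against an unencrypted key, so the passphrase-protected ed25519 path loses its integration coverage even though `ssh_add("#{dir}/id_rsa_ed25519", "pwd")` still passes a passphrase. Both calls should read `ssh_keygen "#{dir}/id_rsa_ed25519", "ed25519", "pwd"`, which is what the commit already does in `test_ed25519_with_cert_in_agent`. The bodies of both tests continue outside the hunks, so how the passphrase is used later is not visible here.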
@@ -39,8 +39,7 @@ class ForwardTestBase < NetSSHTest def setup_ssh_env(&block) tmpdir do |dir| @key_id_rsa = "#{dir}/id_rsa" - sh "rm -rf #{@key_id_rsa} #{@key_id_rsa}.pub" - sh "ssh-keygen -q -f #{@key_id_rsa} -t rsa -N ''" + ssh_keygen @key_id_rsa, "rsa" set_authorized_key(user, "#{@key_id_rsa}.pub") yield end diff --git a/test/integration/test_http_proxy.rb b/test/integration/test_http_proxy.rb index a59eb60..f963d4f 100644 --- a/test/integration/test_http_proxy.rb +++ b/test/integration/test_http_proxy.rb @@ -29,8 +29,7 @@ class TestHTTPProxy < NetSSHTest def setup_ssh_env(&block) tmpdir do |dir| @key_id_rsa = "#{dir}/id_rsa" - sh "rm -rf #{@key_id_rsa} #{@key_id_rsa}.pub" - sh "ssh-keygen -q -f #{@key_id_rsa} -t rsa -N ''" + ssh_keygen @key_id_rsa, "rsa" set_authorized_key(user, "#{@key_id_rsa}.pub") yield end diff --git a/test/integration/test_id_rsa_keys.rb b/test/integration/test_id_rsa_keys.rb index 44894cc..b9ae4a2 100644 --- a/test/integration/test_id_rsa_keys.rb +++ b/test/integration/test_id_rsa_keys.rb @@ -12,8 +12,7 @@ class TestIDRSAPKeys < NetSSHTest def test_in_file_no_password tmpdir do |dir| - sh "rm -rf #{dir}/id_rsa #{dir}/id_rsa.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa -t rsa -N ''" + ssh_keygen "#{dir}/id_rsa", "rsa" set_authorized_key('net_ssh_1', "#{dir}/id_rsa.pub") ret = Net::SSH.start("localhost", "net_ssh_1", { keys: "#{dir}/id_rsa" }) do |ssh| @@ -27,8 +26,7 @@ class TestIDRSAPKeys < NetSSHTest def test_ssh_agent tmpdir do |dir| with_agent do - sh "rm -rf #{dir}/id_rsa #{dir}/id_rsa.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa -t rsa -N 'pwd123'" + ssh_keygen "#{dir}/id_rsa", "rsa", 'pwd123' set_authorized_key('net_ssh_1', "#{dir}/id_rsa.pub") ssh_add("#{dir}/id_rsa", "pwd123") 
@@ -43,8 +41,7 @@ class TestIDRSAPKeys < NetSSHTest def test_ssh_agent_ignores_if_already_in_agent tmpdir do |dir| with_agent do - sh "rm -rf #{dir}/id_rsa #{dir}/id_rsa.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa -t rsa -N 'pwd123'" + ssh_keygen "#{dir}/id_rsa", "rsa", 'pwd123' set_authorized_key('net_ssh_1', "#{dir}/id_rsa.pub") ssh_add("#{dir}/id_rsa", "pwd123") @@ -58,8 +55,7 @@ class TestIDRSAPKeys < NetSSHTest def test_in_file_with_password tmpdir do |dir| - sh "rm -rf #{dir}/id_rsa #{dir}/id_rsa.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa -t rsa -N 'pwd12'" + ssh_keygen "#{dir}/id_rsa", "rsa", 'pwd12' set_authorized_key('net_ssh_1', "#{dir}/id_rsa.pub") ret = Net::SSH.start("localhost", "net_ssh_1", { keys: "#{dir}/id_rsa", passphrase: 'pwd12' }) do |ssh| @@ -72,8 +68,7 @@ class TestIDRSAPKeys < NetSSHTest def test_asks_for_passwords_when_read_from_memory tmpdir do |dir| - sh "rm -rf #{dir}/id_rsa #{dir}/id_rsa.pub" - sh "ssh-keygen -q -f #{dir}/id_rsa -t rsa -N 'pwd12'" + ssh_keygen "#{dir}/id_rsa", "rsa", 'pwd12' set_authorized_key('net_ssh_1', "#{dir}/id_rsa.pub") private_key = File.read("#{dir}/id_rsa") diff --git a/test/integration/test_proxy.rb b/test/integration/test_proxy.rb index 6572c42..0c9ea52 100644 --- a/test/integration/test_proxy.rb +++ b/test/integration/test_proxy.rb @@ -25,8 +25,7 @@ class TestProxy < NetSSHTest def setup_ssh_env(&block) tmpdir do |dir| @key_id_rsa = "#{dir}/id_rsa" - sh "rm -rf #{@key_id_rsa} #{@key_id_rsa}.pub" - sh "ssh-keygen -q -f #{@key_id_rsa} -t rsa -N ''" + ssh_keygen @key_id_rsa, "rsa" set_authorized_key(user, "#{@key_id_rsa}.pub") yield end @@ -37,8 +36,7 @@ class TestProxy < NetSSHTest gwuser = 'net_ssh_2' tmpdir do |dir| @gwkey_id_rsa = "#{dir}/id_rsa" - sh "rm -rf #{@gwkey_id_rsa} #{@gwkey_id_rsa}.pub" - sh "ssh-keygen -q -f #{@gwkey_id_rsa} -t rsa -N ''" + ssh_keygen @gwkey_id_rsa, "rsa" set_authorized_key(gwuser, "#{@gwkey_id_rsa}.pub") config = "Host #{gwhost} IdentityFile #{@gwkey_id_rsa} -- cgit v1.2.1