Add tests against new API
stevapple committed Aug 24, 2024
1 parent 6562d3d commit ceaa01a
Showing 5 changed files with 90 additions and 15 deletions.
10 changes: 2 additions & 8 deletions fixtures/config.toml
Expand Up @@ -19,14 +19,8 @@ base64 = "LS0tLS1CRUdJTiBPUEVOU1NIIFBSSVZBVEUgS0VZLS0tLS0KYjNCbGJuTnphQzFyWlhrdG
path = "fixtures/ssh_host_rsa_key"

[auth]
endpoint = "http://127.0.0.1:5000/ssh"
version = "legacy"
# Legacy settings
token = "token"
all-username-nopassword = true
usernames-nopassword = ["vlab", "ubuntu", "root"]
invalid-usernames = ["用户名"]
invalid-username-message = "Invalid username %s. Please check https://vlab.ustc.edu.cn/docs/login/ssh/#username for more information."
endpoint = "http://127.0.0.1:5000"
version = "v1"

[logger]
enabled = true
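--- a/fixtures/legacy.toml
+++ b/fixtures/legacy.toml
@@ -0,0 +1,43 @@
+
+address = "0.0.0.0:8022"
+
+[ssh]
+banner = "Welcome to Vlab\n"
+[[ssh.host-keys]]
+content = """
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
+1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQQNVE69PKFYERMMmQVUDdmz6cP6i44e
+6LhN5091KWPVToekpMKvPYxMgfQWPFkmRSB1t2eMCrI9Vr9vfEZCaM/tAAAAmCtjMwcrYz
+MHAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA1UTr08oVgREwyZ
+BVQN2bPpw/qLjh7ouE3nT3UpY9VOh6Skwq89jEyB9BY8WSZFIHW3Z4wKsj1Wv298RkJoz+
+0AAAAgHkhPmtcUZwSkQAjy8QtHjdJ7AM4eGXhJWBp9icCRvWUAAAAA
+-----END OPENSSH PRIVATE KEY-----
+"""
+[[ssh.host-keys]]
+base64 = "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"
+[[ssh.host-keys]]
+path = "fixtures/ssh_host_rsa_key"
+
+[auth]
+endpoint = "http://127.0.0.1:5000/ssh"
+version = "legacy"
+# Legacy settings
+token = "token"
+all-username-nopassword = true
+usernames-nopassword = ["vlab", "ubuntu", "root"]
+invalid-usernames = ["用户名"]
+invalid-username-message = "Invalid username %s. Please check https://vlab.ustc.edu.cn/docs/login/ssh/#username for more information."
+
+[logger]
+enabled = true
+endpoint = "udp://127.0.0.1:5556"
+
+[proxy-protocol]
+enabled = true
+hosts = ["127.0.0.22"]
+
+[recovery]
+address = "172.30.0.101:2222"
+usernames = ["recovery", "console", "serial"]
+token = "token"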
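Review bot: The fixture embeds an OpenSSH host private key inline under `[[ssh.host-keys]]` and literal `token = "token"` values in `[auth]` and `[recovery]`, with nothing marking them as test-only material. A header comment such as `# Test fixture only: the host keys and tokens in this file are throwaway values and must never be used in a deployment.` would tell readers, and anyone triaging a secret-scanner hit, what they are looking at. Separately, `address = "0.0.0.0:8022"` presumably makes the test server listen on every interface while the suite runs; `127.0.0.1:8022` would keep the listener local if the tests only connect over loopback.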
6 changes: 3 additions & 3 deletions go.mod
Expand Up @@ -10,8 +10,8 @@ require github.com/pires/go-proxyproto v0.7.0

require github.com/pelletier/go-toml/v2 v2.2.2

require (
golang.org/x/sys v0.21.0 // indirect
)
require github.com/julienschmidt/httprouter v1.3.0

require golang.org/x/sys v0.21.0 // indirect

replace golang.org/x/crypto => ./crypto
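Review bot: `github.com/julienschmidt/httprouter` becomes a direct requirement of the module, yet within this commit it is imported only from `sshmux_test.go` to route two mock endpoints. If the module's `go` directive (outside this hunk) is 1.22 or newer, the standard `http.NewServeMux` with the patterns `"POST /ssh"` and `"POST /v1/auth/{name}"` covers the same routing and leaves the dependency graph unchanged. If the router is kept, a short comment next to the `require` line saying it is test-only would help later dependency audits.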
2 changes: 2 additions & 0 deletions go.sum
@@ -1,5 +1,7 @@
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4dN7jwJOQ1U=
github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
github.com/libp2p/go-reuseport v0.4.0 h1:nR5KU7hD0WxXCJbmw7r2rhRYruNRl2koHw8fQscQm2s=
github.com/libp2p/go-reuseport v0.4.0/go.mod h1:ZtI03j/wO5hZVDFo2jKywN6bYKWLOy8Se6DrI2E1cLU=
github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
44 changes: 40 additions & 4 deletions sshmux_test.go
Expand Up @@ -13,6 +13,7 @@ import (
"testing"
"time"

"github.com/julienschmidt/httprouter"
"github.com/pires/go-proxyproto"
)

Expand All @@ -32,7 +33,7 @@ func localhostTCPAddr(port int) *net.TCPAddr {
var enableProxy bool

func initHttp(sshPrivateKey []byte) {
sshAPIHandler := func(w http.ResponseWriter, r *http.Request) {
sshAPIHandler := func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Cannot read body", http.StatusBadRequest)
Expand Down Expand Up @@ -65,9 +66,44 @@ func initHttp(sshPrivateKey []byte) {
w.Write(jsonRes)
}

http.HandleFunc("/ssh", sshAPIHandler)
authAPIHandler := func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Cannot read body", http.StatusBadRequest)
return
}
var dat map[string]interface{}
if err := json.Unmarshal(body, &dat); err != nil {
http.Error(w, "Not JSON", http.StatusBadRequest)
return
}

upstream := AuthUpstream{
PrivateKey: string(sshPrivateKey),
}
if enableProxy {
upstream.Host = sshdProxiedAddr.IP.String()
upstream.Port = uint16(sshdProxiedAddr.Port)
upstream.ProxyProtocol = 2
} else {
upstream.Host = sshdServerAddr.IP.String()
upstream.Port = uint16(sshdServerAddr.Port)
}

jsonRes, err := json.Marshal(AuthResponse{Upstream: &upstream})
if err != nil {
http.Error(w, "Cannot encode JSON", http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "application/json")
w.Write(jsonRes)
}

router := httprouter.New()
router.POST("/ssh", sshAPIHandler)
router.POST("/v1/auth/:name", authAPIHandler)

if err := http.ListenAndServe(apiServerAddr.String(), nil); err != nil {
if err := http.ListenAndServe(apiServerAddr.String(), router); err != nil {
log.Fatal(err)
}
}
Expand Down Expand Up @@ -229,7 +265,7 @@ func testWithSSHClient(t *testing.T, address *net.TCPAddr, description string, p

func TestSSHClientConnection(t *testing.T) {
initEnv(t)
configFiles := []string{"config.toml", "config.json"}
configFiles := []string{"config.toml", "legacy.toml", "config.json"}

for _, configFile := range configFiles {
// start sshmux server
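Review bot: The new `authAPIHandler` mock answers every POST to `/v1/auth/:name` with the upstream and its private key; it decodes the body into `dat` and discards the route parameter (`_ httprouter.Params`) without checking either, so the tests added here only exercise the accept path of the v1 API. Because this endpoint decides whether a client is forwarded to the backend, a denial case is worth pinning: have the mock take `ps httprouter.Params`, inspect `ps.ByName("name")` and the decoded request, return a failure for one designated test username, and assert that sshmux refuses that connection. `initHttp` and `TestSSHClientConnection` both continue outside the hunks shown, so a negative test may already exist; if it does, it should run against the v1 `config.toml` as well as `legacy.toml`.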
