mirror of https://github.com/atmoz/sftp.git synced 2024-11-17 12:51:33 -05:00

Generate and use host key in tests

Adrian Dvergsdal 2020-08-19 23:25:27 +02:00
parent cd5d03295a
commit f735906a35
No known key found for this signature in database
GPG key ID: C1E9E2D9552A42D2


@ -6,8 +6,12 @@ argOutput=${2:-"quiet"}
argCleanup=${3:-"cleanup"} argCleanup=${3:-"cleanup"}
testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
imageName="$argImage" imageName="$argImage"
sshKeyPri="/tmp/atmoz_sftp_test_rsa" tmpDir="$(mktemp -d /tmp/atmoz_sftp_XXXX)"
sshKeyPub="/tmp/atmoz_sftp_test_rsa.pub" sshKeyPri="$tmpDir/rsa"
sshKeyPub="$tmpDir/rsa.pub"
sshHostEd25519Key="$tmpDir/ssh_host_ed25519_key"
sshHostKeyMountArg="--volume=$sshHostEd25519Key:/etc/ssh/ssh_host_ed25519_key"
sshKnownHosts="$tmpDir/known_hosts"
if [ $UID != 0 ] && ! groups | grep -qw docker; then if [ $UID != 0 ] && ! groups | grep -qw docker; then
echo "Run with sudo/root or add user $USER to group 'docker'" echo "Run with sudo/root or add user $USER to group 'docker'"
@ -46,6 +50,9 @@ function oneTimeSetUp() {
# Private key can not be read by others (sshd will complain) # Private key can not be read by others (sshd will complain)
chmod go-rw "$sshKeyPri" chmod go-rw "$sshKeyPri"
# Generate host key
ssh-keygen -t ed25519 -f "$sshHostEd25519Key" < /dev/null
} }
function setUp() { function setUp() {
@ -87,6 +94,8 @@ function runSftpCommands() {
user="$2" user="$2"
shift 2 shift 2
echo "$ip $(cat "$sshHostEd25519Key.pub")" >> "$sshKnownHosts"
commands="" commands=""
for cmd in "$@"; do for cmd in "$@"; do
commands="$commands$cmd"$'\n' commands="$commands$cmd"$'\n'
@ -94,8 +103,7 @@ function runSftpCommands() {
echo "$commands" | sftp \ echo "$commands" | sftp \
-i "$sshKeyPri" \ -i "$sshKeyPri" \
-oStrictHostKeyChecking=no \ -oUserKnownHostsFile="$sshKnownHosts" \
-oUserKnownHostsFile=/dev/null \
-b - "$user@$ip" \ -b - "$user@$ip" \
> "$redirect" 2>&1 > "$redirect" 2>&1
@ -127,7 +135,7 @@ function waitForServer() {
############################################################################## ##############################################################################
function testSmallestUserConfig() { function testSmallestUserConfig() {
docker run --name "$containerName" \ docker run --name "$containerName" "$sshHostKeyMountArg" \
--entrypoint="/bin/sh" \ --entrypoint="/bin/sh" \
"$imageName" \ "$imageName" \
-c "create-sftp-user u: && id u" \ -c "create-sftp-user u: && id u" \
@ -136,7 +144,7 @@ function testSmallestUserConfig() {
} }
function testCreateUserWithDot() { function testCreateUserWithDot() {
docker run --name "$containerName" \ docker run --name "$containerName" "$sshHostKeyMountArg" \
--entrypoint="/bin/sh" \ --entrypoint="/bin/sh" \
"$imageName" \ "$imageName" \
-c "create-sftp-user user.with.dot: && id user.with.dot" \ -c "create-sftp-user user.with.dot: && id user.with.dot" \
@ -145,7 +153,7 @@ function testCreateUserWithDot() {
} }
function testUserCustomUidAndGid() { function testUserCustomUidAndGid() {
id="$(docker run --name "$containerName" \ id="$(docker run --name "$containerName" "$sshHostKeyMountArg" \
--entrypoint="/bin/sh" \ --entrypoint="/bin/sh" \
"$imageName" \ "$imageName" \
-c "create-sftp-user u::1234:4321: > /dev/null && id u" )" -c "create-sftp-user u::1234:4321: > /dev/null && id u" )"
@ -161,14 +169,14 @@ function testUserCustomUidAndGid() {
} }
function testCommandPassthrough() { function testCommandPassthrough() {
docker run --name "$containerName" \ docker run --name "$containerName" "$sshHostKeyMountArg" \
"$imageName" test 1 -eq 1 \ "$imageName" test 1 -eq 1 \
> "$redirect" 2>&1 > "$redirect" 2>&1
assertTrue "command passthrough" $? assertTrue "command passthrough" $?
} }
function testUsersConf() { function testUsersConf() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$testDir/files/users.conf:/etc/sftp/users.conf:ro" \ -v "$testDir/files/users.conf:/etc/sftp/users.conf:ro" \
"$imageName" \ "$imageName" \
> "$redirect" 2>&1 > "$redirect" 2>&1
@ -190,7 +198,7 @@ function testUsersConf() {
} }
function testLegacyUsersConf() { function testLegacyUsersConf() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$testDir/files/users.conf:/etc/sftp-users.conf:ro" \ -v "$testDir/files/users.conf:/etc/sftp-users.conf:ro" \
"$imageName" \ "$imageName" \
> "$redirect" 2>&1 > "$redirect" 2>&1
@ -203,7 +211,7 @@ function testLegacyUsersConf() {
} }
function testCreateUsersUsingEnv() { function testCreateUsersUsingEnv() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-e "SFTP_USERS=user-from-env: user-from-env-2:" \ -e "SFTP_USERS=user-from-env: user-from-env-2:" \
"$imageName" \ "$imageName" \
> "$redirect" 2>&1 > "$redirect" 2>&1
@ -219,7 +227,7 @@ function testCreateUsersUsingEnv() {
} }
function testCreateUsersUsingCombo() { function testCreateUsersUsingCombo() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$testDir/files/users.conf:/etc/sftp-users.conf:ro" \ -v "$testDir/files/users.conf:/etc/sftp-users.conf:ro" \
-e "SFTP_USERS=user-from-env:" \ -e "SFTP_USERS=user-from-env:" \
"$imageName" \ "$imageName" \
@ -240,7 +248,7 @@ function testCreateUsersUsingCombo() {
} }
function testWriteAccessToAutocreatedDirs() { function testWriteAccessToAutocreatedDirs() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$sshKeyPub":/home/test/.ssh/keys/id_rsa.pub:ro \ -v "$sshKeyPub":/home/test/.ssh/keys/id_rsa.pub:ro \
"$imageName" "test::::testdir,dir with spaces" \ "$imageName" "test::::testdir,dir with spaces" \
> "$redirect" 2>&1 > "$redirect" 2>&1
@ -278,7 +286,7 @@ chmod 755 /home/*/sftp
EOF EOF
chmod +x "$tmpScript" chmod +x "$tmpScript"
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$sshKeyPub":/home/test/.ssh/keys/id_rsa.pub:ro \ -v "$sshKeyPub":/home/test/.ssh/keys/id_rsa.pub:ro \
-v "$tmpConfig:/etc/ssh/sshd_config" \ -v "$tmpConfig:/etc/ssh/sshd_config" \
-v "$tmpScript:/etc/sftp.d/limited_home_dir" \ -v "$tmpScript:/etc/sftp.d/limited_home_dir" \
@ -306,7 +314,7 @@ function testBindmountDirScript() {
> "$containerTmpDir/mount.sh" > "$containerTmpDir/mount.sh"
chmod +x "$containerTmpDir/mount.sh" chmod +x "$containerTmpDir/mount.sh"
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
--privileged=true \ --privileged=true \
-v "$sshKeyPub":/home/custom/.ssh/keys/id_rsa.pub:ro \ -v "$sshKeyPub":/home/custom/.ssh/keys/id_rsa.pub:ro \
-v "$containerTmpDir/custom/bindmount":/custom \ -v "$containerTmpDir/custom/bindmount":/custom \
@ -328,7 +336,7 @@ function testBindmountDirScript() {
} }
function testDuplicateSshKeys() { function testDuplicateSshKeys() {
docker run --name "$containerName" -d \ docker run --name "$containerName" "$sshHostKeyMountArg" -d \
-v "$sshKeyPub":/home/user/.ssh/keys/key1.pub:ro \ -v "$sshKeyPub":/home/user/.ssh/keys/key1.pub:ro \
-v "$sshKeyPub":/home/user/.ssh/keys/key2.pub:ro \ -v "$sshKeyPub":/home/user/.ssh/keys/key2.pub:ro \
"$imageName" "user:" \ "$imageName" "user:" \
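Review bot: The sftp call in runSftpCommands drops `-oStrictHostKeyChecking=no` but sets no explicit value, so whether the generated host key is enforced depends on the ssh_config of whoever runs the tests. A user or system config that relaxes StrictHostKeyChecking would weaken the check again without any test noticing. Passing `-oStrictHostKeyChecking=yes` next to `-oUserKnownHostsFile="$sshKnownHosts"` pins the behaviour on the command line. In oneTimeSetUp, `ssh-keygen -t ed25519 -f "$sshHostEd25519Key" < /dev/null` appears to yield an empty passphrase only when ssh-keygen falls back to reading stdin; adding `-N ''` states it explicitly. The bodies of both functions continue outside the hunks shown.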