mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2025-02-22 18:22:40 +00:00
update the integration tests to reflect removal of sftp password auth
This commit is contained in:
parent
3de481ab6b
commit
5b9997f388
@ -353,10 +353,23 @@ def storage_nodes(reactor, temp_dir, introducer, introducer_furl, flog_gatherer,
|
|||||||
nodes.append(process)
|
nodes.append(process)
|
||||||
return nodes
|
return nodes
|
||||||
|
|
||||||
|
@pytest.fixture(scope="session")
|
||||||
|
def alice_sftp_client_key_path(temp_dir):
|
||||||
|
# The client SSH key path is typically going to be somewhere else (~/.ssh,
|
||||||
|
# typically), but for convenience sake for testing we'll put it inside node.
|
||||||
|
return join(temp_dir, "alice", "private", "ssh_client_rsa_key")
|
||||||
|
|
||||||
@pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
@log_call(action_type=u"integration:alice", include_args=[], include_result=False)
|
@log_call(action_type=u"integration:alice", include_args=[], include_result=False)
|
||||||
def alice(reactor, temp_dir, introducer_furl, flog_gatherer, storage_nodes, request):
|
def alice(
|
||||||
|
reactor,
|
||||||
|
temp_dir,
|
||||||
|
introducer_furl,
|
||||||
|
flog_gatherer,
|
||||||
|
storage_nodes,
|
||||||
|
alice_sftp_client_key_path,
|
||||||
|
request,
|
||||||
|
):
|
||||||
process = pytest_twisted.blockon(
|
process = pytest_twisted.blockon(
|
||||||
_create_node(
|
_create_node(
|
||||||
reactor, request, temp_dir, introducer_furl, flog_gatherer, "alice",
|
reactor, request, temp_dir, introducer_furl, flog_gatherer, "alice",
|
||||||
@ -387,19 +400,13 @@ accounts.file = {accounts_path}
|
|||||||
""".format(ssh_key_path=host_ssh_key_path, accounts_path=accounts_path))
|
""".format(ssh_key_path=host_ssh_key_path, accounts_path=accounts_path))
|
||||||
generate_ssh_key(host_ssh_key_path)
|
generate_ssh_key(host_ssh_key_path)
|
||||||
|
|
||||||
# 3. Add a SFTP access file with username/password and SSH key auth.
|
# 3. Add a SFTP access file with an SSH key for auth.
|
||||||
|
generate_ssh_key(alice_sftp_client_key_path)
|
||||||
# The client SSH key path is typically going to be somewhere else (~/.ssh,
|
|
||||||
# typically), but for convenience sake for testing we'll put it inside node.
|
|
||||||
client_ssh_key_path = join(process.node_dir, "private", "ssh_client_rsa_key")
|
|
||||||
generate_ssh_key(client_ssh_key_path)
|
|
||||||
# Pub key format is "ssh-rsa <thekey> <username>". We want the key.
|
# Pub key format is "ssh-rsa <thekey> <username>". We want the key.
|
||||||
ssh_public_key = open(client_ssh_key_path + ".pub").read().strip().split()[1]
|
ssh_public_key = open(alice_sftp_client_key_path + ".pub").read().strip().split()[1]
|
||||||
with open(accounts_path, "w") as f:
|
with open(accounts_path, "w") as f:
|
||||||
f.write("""\
|
f.write("""\
|
||||||
alice password {rwcap}
|
alice-key ssh-rsa {ssh_public_key} {rwcap}
|
||||||
|
|
||||||
alice2 ssh-rsa {ssh_public_key} {rwcap}
|
|
||||||
""".format(rwcap=rwcap, ssh_public_key=ssh_public_key))
|
""".format(rwcap=rwcap, ssh_public_key=ssh_public_key))
|
||||||
|
|
||||||
# 4. Restart the node with new SFTP config.
|
# 4. Restart the node with new SFTP config.
|
||||||
|
@ -19,6 +19,7 @@ from future.utils import PY2
|
|||||||
if PY2:
|
if PY2:
|
||||||
from future.builtins import filter, map, zip, ascii, chr, hex, input, next, oct, open, pow, round, super, bytes, dict, list, object, range, str, max, min # noqa: F401
|
from future.builtins import filter, map, zip, ascii, chr, hex, input, next, oct, open, pow, round, super, bytes, dict, list, object, range, str, max, min # noqa: F401
|
||||||
|
|
||||||
|
import os.path
|
||||||
from posixpath import join
|
from posixpath import join
|
||||||
from stat import S_ISDIR
|
from stat import S_ISDIR
|
||||||
|
|
||||||
@ -33,7 +34,7 @@ import pytest
|
|||||||
from .util import generate_ssh_key, run_in_thread
|
from .util import generate_ssh_key, run_in_thread
|
||||||
|
|
||||||
|
|
||||||
def connect_sftp(connect_args={"username": "alice", "password": "password"}):
|
def connect_sftp(connect_args):
|
||||||
"""Create an SFTP client."""
|
"""Create an SFTP client."""
|
||||||
client = SSHClient()
|
client = SSHClient()
|
||||||
client.set_missing_host_key_policy(AutoAddPolicy)
|
client.set_missing_host_key_policy(AutoAddPolicy)
|
||||||
@ -60,24 +61,24 @@ def connect_sftp(connect_args={"username": "alice", "password": "password"}):
|
|||||||
@run_in_thread
|
@run_in_thread
|
||||||
def test_bad_account_password_ssh_key(alice, tmpdir):
|
def test_bad_account_password_ssh_key(alice, tmpdir):
|
||||||
"""
|
"""
|
||||||
Can't login with unknown username, wrong password, or wrong SSH pub key.
|
Can't login with unknown username, any password, or wrong SSH pub key.
|
||||||
"""
|
"""
|
||||||
# Wrong password, wrong username:
|
# Any password, wrong username:
|
||||||
for u, p in [("alice", "wrong"), ("someuser", "password")]:
|
for u, p in [("alice-key", "wrong"), ("someuser", "password")]:
|
||||||
with pytest.raises(AuthenticationException):
|
with pytest.raises(AuthenticationException):
|
||||||
connect_sftp(connect_args={
|
connect_sftp(connect_args={
|
||||||
"username": u, "password": p,
|
"username": u, "password": p,
|
||||||
})
|
})
|
||||||
|
|
||||||
another_key = join(str(tmpdir), "ssh_key")
|
another_key = os.path.join(str(tmpdir), "ssh_key")
|
||||||
generate_ssh_key(another_key)
|
generate_ssh_key(another_key)
|
||||||
good_key = RSAKey(filename=join(alice.node_dir, "private", "ssh_client_rsa_key"))
|
good_key = RSAKey(filename=os.path.join(alice.node_dir, "private", "ssh_client_rsa_key"))
|
||||||
bad_key = RSAKey(filename=another_key)
|
bad_key = RSAKey(filename=another_key)
|
||||||
|
|
||||||
# Wrong key:
|
# Wrong key:
|
||||||
with pytest.raises(AuthenticationException):
|
with pytest.raises(AuthenticationException):
|
||||||
connect_sftp(connect_args={
|
connect_sftp(connect_args={
|
||||||
"username": "alice2", "pkey": bad_key,
|
"username": "alice-key", "pkey": bad_key,
|
||||||
})
|
})
|
||||||
|
|
||||||
# Wrong username:
|
# Wrong username:
|
||||||
@ -86,13 +87,24 @@ def test_bad_account_password_ssh_key(alice, tmpdir):
|
|||||||
"username": "someoneelse", "pkey": good_key,
|
"username": "someoneelse", "pkey": good_key,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
def sftp_client_key(node):
|
||||||
|
return RSAKey(
|
||||||
|
filename=os.path.join(node.node_dir, "private", "ssh_client_rsa_key"),
|
||||||
|
)
|
||||||
|
|
||||||
|
def test_sftp_client_key_exists(alice, alice_sftp_client_key_path):
|
||||||
|
"""
|
||||||
|
Weakly validate the sftp client key fixture by asserting that *something*
|
||||||
|
exists at the supposed key path.
|
||||||
|
"""
|
||||||
|
assert os.path.exists(alice_sftp_client_key_path)
|
||||||
|
|
||||||
@run_in_thread
|
@run_in_thread
|
||||||
def test_ssh_key_auth(alice):
|
def test_ssh_key_auth(alice):
|
||||||
"""It's possible to login authenticating with SSH public key."""
|
"""It's possible to login authenticating with SSH public key."""
|
||||||
key = RSAKey(filename=join(alice.node_dir, "private", "ssh_client_rsa_key"))
|
key = sftp_client_key(alice)
|
||||||
sftp = connect_sftp(connect_args={
|
sftp = connect_sftp(connect_args={
|
||||||
"username": "alice2", "pkey": key
|
"username": "alice-key", "pkey": key
|
||||||
})
|
})
|
||||||
assert sftp.listdir() == []
|
assert sftp.listdir() == []
|
||||||
|
|
||||||
@ -100,7 +112,10 @@ def test_ssh_key_auth(alice):
|
|||||||
@run_in_thread
|
@run_in_thread
|
||||||
def test_read_write_files(alice):
|
def test_read_write_files(alice):
|
||||||
"""It's possible to upload and download files."""
|
"""It's possible to upload and download files."""
|
||||||
sftp = connect_sftp()
|
sftp = connect_sftp(connect_args={
|
||||||
|
"username": "alice-key",
|
||||||
|
"pkey": sftp_client_key(alice),
|
||||||
|
})
|
||||||
with sftp.file("myfile", "wb") as f:
|
with sftp.file("myfile", "wb") as f:
|
||||||
f.write(b"abc")
|
f.write(b"abc")
|
||||||
f.write(b"def")
|
f.write(b"def")
|
||||||
@ -117,7 +132,10 @@ def test_directories(alice):
|
|||||||
It's possible to create, list directories, and create and remove files in
|
It's possible to create, list directories, and create and remove files in
|
||||||
them.
|
them.
|
||||||
"""
|
"""
|
||||||
sftp = connect_sftp()
|
sftp = connect_sftp(connect_args={
|
||||||
|
"username": "alice-key",
|
||||||
|
"pkey": sftp_client_key(alice),
|
||||||
|
})
|
||||||
assert sftp.listdir() == []
|
assert sftp.listdir() == []
|
||||||
|
|
||||||
sftp.mkdir("childdir")
|
sftp.mkdir("childdir")
|
||||||
@ -148,7 +166,10 @@ def test_directories(alice):
|
|||||||
@run_in_thread
|
@run_in_thread
|
||||||
def test_rename(alice):
|
def test_rename(alice):
|
||||||
"""Directories and files can be renamed."""
|
"""Directories and files can be renamed."""
|
||||||
sftp = connect_sftp()
|
sftp = connect_sftp(connect_args={
|
||||||
|
"username": "alice-key",
|
||||||
|
"pkey": sftp_client_key(alice),
|
||||||
|
})
|
||||||
sftp.mkdir("dir")
|
sftp.mkdir("dir")
|
||||||
|
|
||||||
filepath = join("dir", "file")
|
filepath = join("dir", "file")
|
||||||
|
Loading…
x
Reference in New Issue
Block a user