| /* |
| * Copyright (C) 2008, 2017 Google Inc. and others |
| * |
| * This program and the accompanying materials are made available under the |
| * terms of the Eclipse Distribution License v. 1.0 which is available at |
| * https://www.eclipse.org/org/documents/edl-v10.php. |
| * |
| * SPDX-License-Identifier: BSD-3-Clause |
| */ |
| |
| //TODO(ms): move to org.eclipse.jgit.ssh.jsch in 6.0 |
| package org.eclipse.jgit.transport; |
| |
| import static java.nio.charset.StandardCharsets.UTF_8; |
| import static org.junit.Assert.assertArrayEquals; |
| import static org.junit.Assert.assertEquals; |
| import static org.junit.Assert.assertFalse; |
| import static org.junit.Assert.assertNotNull; |
| import static org.junit.Assert.assertNotSame; |
| import static org.junit.Assert.assertNull; |
| import static org.junit.Assert.assertTrue; |
| |
| import java.io.File; |
| import java.io.FileOutputStream; |
| import java.io.IOException; |
| import java.io.OutputStreamWriter; |
| import java.time.Instant; |
| import java.util.concurrent.TimeUnit; |
| |
| import org.eclipse.jgit.junit.RepositoryTestCase; |
| import org.eclipse.jgit.lib.Constants; |
| import org.eclipse.jgit.transport.OpenSshConfig.Host; |
| import org.eclipse.jgit.util.FS; |
| import org.eclipse.jgit.util.FileUtils; |
| import org.eclipse.jgit.util.SystemReader; |
| import org.junit.Before; |
| import org.junit.Test; |
| |
| import com.jcraft.jsch.ConfigRepository; |
| import com.jcraft.jsch.ConfigRepository.Config; |
| |
| public class OpenSshConfigTest extends RepositoryTestCase { |
| private File home; |
| |
| private File configFile; |
| |
| private OpenSshConfig osc; |
| |
| @Override |
| @Before |
| public void setUp() throws Exception { |
| super.setUp(); |
| |
| home = new File(trash, "home"); |
| FileUtils.mkdir(home); |
| |
| configFile = new File(new File(home, ".ssh"), Constants.CONFIG); |
| FileUtils.mkdir(configFile.getParentFile()); |
| |
| mockSystemReader.setProperty(Constants.OS_USER_NAME_KEY, "jex_junit"); |
| mockSystemReader.setProperty("TST_VAR", "TEST"); |
| osc = new OpenSshConfig(home, configFile); |
| } |
| |
| private void config(String data) throws IOException { |
| FS fs = FS.DETECTED; |
| long resolution = FS.getFileStoreAttributes(configFile.toPath()) |
| .getFsTimestampResolution().toNanos(); |
| Instant lastMtime = fs.lastModifiedInstant(configFile); |
| do { |
| try (final OutputStreamWriter fw = new OutputStreamWriter( |
| new FileOutputStream(configFile), UTF_8)) { |
| fw.write(data); |
| TimeUnit.NANOSECONDS.sleep(resolution); |
| } catch (InterruptedException e) { |
| Thread.interrupted(); |
| } |
| } while (lastMtime.equals(fs.lastModifiedInstant(configFile))); |
| } |
| |
| @Test |
| public void testNoConfig() { |
| final Host h = osc.lookup("repo.or.cz"); |
| assertNotNull(h); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex_junit", h.getUser()); |
| assertEquals(22, h.getPort()); |
| assertEquals(1, h.getConnectionAttempts()); |
| assertNull(h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testSeparatorParsing() throws Exception { |
| config("Host\tfirst\n" + |
| "\tHostName\tfirst.tld\n" + |
| "\n" + |
| "Host second\n" + |
| " HostName\tsecond.tld\n" + |
| "Host=third\n" + |
| "HostName=third.tld\n\n\n" + |
| "\t Host = fourth\n\n\n" + |
| " \t HostName\t=fourth.tld\n" + |
| "Host\t = last\n" + |
| "HostName \t last.tld"); |
| assertNotNull(osc.lookup("first")); |
| assertEquals("first.tld", osc.lookup("first").getHostName()); |
| assertNotNull(osc.lookup("second")); |
| assertEquals("second.tld", osc.lookup("second").getHostName()); |
| assertNotNull(osc.lookup("third")); |
| assertEquals("third.tld", osc.lookup("third").getHostName()); |
| assertNotNull(osc.lookup("fourth")); |
| assertEquals("fourth.tld", osc.lookup("fourth").getHostName()); |
| assertNotNull(osc.lookup("last")); |
| assertEquals("last.tld", osc.lookup("last").getHostName()); |
| } |
| |
| @Test |
| public void testQuoteParsing() throws Exception { |
| config("Host \"good\"\n" + |
| " HostName=\"good.tld\"\n" + |
| " Port=\"6007\"\n" + |
| " User=\"gooduser\"\n" + |
| "Host multiple unquoted and \"quoted\" \"hosts\"\n" + |
| " Port=\"2222\"\n" + |
| "Host \"spaced\"\n" + |
| "# Bad host name, but testing preservation of spaces\n" + |
| " HostName=\" spaced\ttld \"\n" + |
| "# Misbalanced quotes\n" + |
| "Host \"bad\"\n" + |
| "# OpenSSH doesn't allow this but ...\n" + |
| " HostName=bad.tld\"\n"); |
| assertEquals("good.tld", osc.lookup("good").getHostName()); |
| assertEquals("gooduser", osc.lookup("good").getUser()); |
| assertEquals(6007, osc.lookup("good").getPort()); |
| assertEquals(2222, osc.lookup("multiple").getPort()); |
| assertEquals(2222, osc.lookup("quoted").getPort()); |
| assertEquals(2222, osc.lookup("and").getPort()); |
| assertEquals(2222, osc.lookup("unquoted").getPort()); |
| assertEquals(2222, osc.lookup("hosts").getPort()); |
| assertEquals(" spaced\ttld ", osc.lookup("spaced").getHostName()); |
| assertEquals("bad.tld\"", osc.lookup("bad").getHostName()); |
| } |
| |
| @Test |
| public void testCaseInsensitiveKeyLookup() throws Exception { |
| config("Host orcz\n" + "Port 29418\n" |
| + "\tHostName repo.or.cz\nStrictHostKeyChecking yes\n"); |
| final Host h = osc.lookup("orcz"); |
| Config c = h.getConfig(); |
| String exactCase = c.getValue("StrictHostKeyChecking"); |
| assertEquals("yes", exactCase); |
| assertEquals(exactCase, c.getValue("stricthostkeychecking")); |
| assertEquals(exactCase, c.getValue("STRICTHOSTKEYCHECKING")); |
| assertEquals(exactCase, c.getValue("sTrIcThostKEYcheckING")); |
| assertNull(c.getValue("sTrIcThostKEYcheckIN")); |
| } |
| |
| @Test |
| public void testAlias_DoesNotMatch() throws Exception { |
| config("Host orcz\n" + "Port 29418\n" + "\tHostName repo.or.cz\n"); |
| final Host h = osc.lookup("repo.or.cz"); |
| assertNotNull(h); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex_junit", h.getUser()); |
| assertEquals(22, h.getPort()); |
| assertNull(h.getIdentityFile()); |
| final Host h2 = osc.lookup("orcz"); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex_junit", h.getUser()); |
| assertEquals(29418, h2.getPort()); |
| assertNull(h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testAlias_OptionsSet() throws Exception { |
| config("Host orcz\n" + "\tHostName repo.or.cz\n" + "\tPort 2222\n" |
| + "\tUser jex\n" + "\tIdentityFile .ssh/id_jex\n" |
| + "\tForwardX11 no\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex", h.getUser()); |
| assertEquals(2222, h.getPort()); |
| assertEquals(new File(home, ".ssh/id_jex"), h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testAlias_OptionsKeywordCaseInsensitive() throws Exception { |
| config("hOsT orcz\n" + "\thOsTnAmE repo.or.cz\n" + "\tPORT 2222\n" |
| + "\tuser jex\n" + "\tidentityfile .ssh/id_jex\n" |
| + "\tForwardX11 no\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex", h.getUser()); |
| assertEquals(2222, h.getPort()); |
| assertEquals(new File(home, ".ssh/id_jex"), h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testAlias_OptionsInherit() throws Exception { |
| config("Host orcz\n" + "\tHostName repo.or.cz\n" + "\n" + "Host *\n" |
| + "\tHostName not.a.host.example.com\n" + "\tPort 2222\n" |
| + "\tUser jex\n" + "\tIdentityFile .ssh/id_jex\n" |
| + "\tForwardX11 no\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("repo.or.cz", h.getHostName()); |
| assertEquals("jex", h.getUser()); |
| assertEquals(2222, h.getPort()); |
| assertEquals(new File(home, ".ssh/id_jex"), h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testAlias_PreferredAuthenticationsDefault() throws Exception { |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertNull(h.getPreferredAuthentications()); |
| } |
| |
| @Test |
| public void testAlias_PreferredAuthentications() throws Exception { |
| config("Host orcz\n" + "\tPreferredAuthentications publickey\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("publickey", h.getPreferredAuthentications()); |
| } |
| |
| @Test |
| public void testAlias_InheritPreferredAuthentications() throws Exception { |
| config("Host orcz\n" + "\tHostName repo.or.cz\n" + "\n" + "Host *\n" |
| + "\tPreferredAuthentications publickey, hostbased\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("publickey,hostbased", h.getPreferredAuthentications()); |
| } |
| |
| @Test |
| public void testAlias_BatchModeDefault() throws Exception { |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertFalse(h.isBatchMode()); |
| } |
| |
| @Test |
| public void testAlias_BatchModeYes() throws Exception { |
| config("Host orcz\n" + "\tBatchMode yes\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertTrue(h.isBatchMode()); |
| } |
| |
| @Test |
| public void testAlias_InheritBatchMode() throws Exception { |
| config("Host orcz\n" + "\tHostName repo.or.cz\n" + "\n" + "Host *\n" |
| + "\tBatchMode yes\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertTrue(h.isBatchMode()); |
| } |
| |
| @Test |
| public void testAlias_ConnectionAttemptsDefault() throws Exception { |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(1, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testAlias_ConnectionAttempts() throws Exception { |
| config("Host orcz\n" + "\tConnectionAttempts 5\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(5, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testAlias_invalidConnectionAttempts() throws Exception { |
| config("Host orcz\n" + "\tConnectionAttempts -1\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(1, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testAlias_badConnectionAttempts() throws Exception { |
| config("Host orcz\n" + "\tConnectionAttempts xxx\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(1, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testDefaultBlock() throws Exception { |
| config("ConnectionAttempts 5\n\nHost orcz\nConnectionAttempts 3\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(5, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testHostCaseInsensitive() throws Exception { |
| config("hOsT orcz\nConnectionAttempts 3\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(3, h.getConnectionAttempts()); |
| } |
| |
| @Test |
| public void testListValueSingle() throws Exception { |
| config("Host orcz\nUserKnownHostsFile /foo/bar\n"); |
| final ConfigRepository.Config c = osc.getConfig("orcz"); |
| assertNotNull(c); |
| assertEquals("/foo/bar", c.getValue("UserKnownHostsFile")); |
| } |
| |
| @Test |
| public void testListValueMultiple() throws Exception { |
| // Tilde expansion occurs within the parser |
| config("Host orcz\nUserKnownHostsFile \"~/foo/ba z\" /foo/bar \n"); |
| final ConfigRepository.Config c = osc.getConfig("orcz"); |
| assertNotNull(c); |
| assertArrayEquals(new Object[] { new File(home, "foo/ba z").getPath(), |
| "/foo/bar" }, |
| c.getValues("UserKnownHostsFile")); |
| } |
| |
| @Test |
| public void testRepeatedLookupsWithModification() throws Exception { |
| config("Host orcz\n" + "\tConnectionAttempts -1\n"); |
| final Host h1 = osc.lookup("orcz"); |
| assertNotNull(h1); |
| assertEquals(1, h1.getConnectionAttempts()); |
| config("Host orcz\n" + "\tConnectionAttempts 5\n"); |
| final Host h2 = osc.lookup("orcz"); |
| assertNotNull(h2); |
| assertNotSame(h1, h2); |
| assertEquals(5, h2.getConnectionAttempts()); |
| assertEquals(1, h1.getConnectionAttempts()); |
| assertNotSame(h1.getConfig(), h2.getConfig()); |
| } |
| |
| @Test |
| public void testIdentityFile() throws Exception { |
| config("Host orcz\nIdentityFile \"~/foo/ba z\"\nIdentityFile /foo/bar"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| File f = h.getIdentityFile(); |
| assertNotNull(f); |
| // Host does tilde replacement |
| assertEquals(new File(home, "foo/ba z"), f); |
| final ConfigRepository.Config c = h.getConfig(); |
| // Config does tilde replacement, too |
| assertArrayEquals(new Object[] { new File(home, "foo/ba z").getPath(), |
| "/foo/bar" }, |
| c.getValues("IdentityFile")); |
| } |
| |
| @Test |
| public void testMultiIdentityFile() throws Exception { |
| config("IdentityFile \"~/foo/ba z\"\nHost orcz\nIdentityFile /foo/bar\nHOST *\nIdentityFile /foo/baz"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| File f = h.getIdentityFile(); |
| assertNotNull(f); |
| // Host does tilde replacement |
| assertEquals(new File(home, "foo/ba z"), f); |
| final ConfigRepository.Config c = h.getConfig(); |
| // Config does tilde replacement, too |
| assertArrayEquals(new Object[] { new File(home, "foo/ba z").getPath(), |
| "/foo/bar", "/foo/baz" }, |
| c.getValues("IdentityFile")); |
| } |
| |
| @Test |
| public void testNegatedPattern() throws Exception { |
| config("Host repo.or.cz\nIdentityFile ~/foo/bar\nHOST !*.or.cz\nIdentityFile /foo/baz"); |
| final Host h = osc.lookup("repo.or.cz"); |
| assertNotNull(h); |
| assertEquals(new File(home, "foo/bar"), h.getIdentityFile()); |
| assertArrayEquals(new Object[] { new File(home, "foo/bar").getPath() }, |
| h.getConfig().getValues("IdentityFile")); |
| } |
| |
| @Test |
| public void testPattern() throws Exception { |
| config("Host repo.or.cz\nIdentityFile ~/foo/bar\nHOST *.or.cz\nIdentityFile /foo/baz"); |
| final Host h = osc.lookup("repo.or.cz"); |
| assertNotNull(h); |
| assertEquals(new File(home, "foo/bar"), h.getIdentityFile()); |
| assertArrayEquals(new Object[] { new File(home, "foo/bar").getPath(), |
| "/foo/baz" }, |
| h.getConfig().getValues("IdentityFile")); |
| } |
| |
| @Test |
| public void testMultiHost() throws Exception { |
| config("Host orcz *.or.cz\nIdentityFile ~/foo/bar\nHOST *.or.cz\nIdentityFile /foo/baz"); |
| final Host h1 = osc.lookup("repo.or.cz"); |
| assertNotNull(h1); |
| assertEquals(new File(home, "foo/bar"), h1.getIdentityFile()); |
| assertArrayEquals(new Object[] { new File(home, "foo/bar").getPath(), |
| "/foo/baz" }, |
| h1.getConfig().getValues("IdentityFile")); |
| final Host h2 = osc.lookup("orcz"); |
| assertNotNull(h2); |
| assertEquals(new File(home, "foo/bar"), h2.getIdentityFile()); |
| assertArrayEquals(new Object[] { new File(home, "foo/bar").getPath() }, |
| h2.getConfig().getValues("IdentityFile")); |
| } |
| |
| @Test |
| public void testEqualsSign() throws Exception { |
| config("Host=orcz\n\tConnectionAttempts = 5\n\tUser=\t foobar\t\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(5, h.getConnectionAttempts()); |
| assertEquals("foobar", h.getUser()); |
| } |
| |
| @Test |
| public void testMissingArgument() throws Exception { |
| config("Host=orcz\n\tSendEnv\nIdentityFile\t\nForwardX11\n\tUser=\t foobar\t\n"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("foobar", h.getUser()); |
| assertArrayEquals(new String[0], h.getConfig().getValues("SendEnv")); |
| assertNull(h.getIdentityFile()); |
| assertNull(h.getConfig().getValue("ForwardX11")); |
| } |
| |
| @Test |
| public void testHomeDirUserReplacement() throws Exception { |
| config("Host=orcz\n\tIdentityFile %d/.ssh/%u_id_dsa"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals(new File(new File(home, ".ssh"), "jex_junit_id_dsa"), |
| h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testHostnameReplacement() throws Exception { |
| config("Host=orcz\nHost *.*\n\tHostname %h\nHost *\n\tHostname %h.example.org"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals("orcz.example.org", h.getHostName()); |
| } |
| |
| @Test |
| public void testRemoteUserReplacement() throws Exception { |
| config("Host=orcz\n\tUser foo\n" + "Host *.*\n\tHostname %h\n" |
| + "Host *\n\tHostname %h.ex%%20ample.org\n\tIdentityFile ~/.ssh/%h_%r_id_dsa"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals( |
| new File(new File(home, ".ssh"), |
| "orcz.ex%20ample.org_foo_id_dsa"), |
| h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testLocalhostFQDNReplacement() throws Exception { |
| String localhost = SystemReader.getInstance().getHostname(); |
| config("Host=orcz\n\tIdentityFile ~/.ssh/%l_id_dsa"); |
| final Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| assertEquals( |
| new File(new File(home, ".ssh"), localhost + "_id_dsa"), |
| h.getIdentityFile()); |
| } |
| |
| @Test |
| public void testPubKeyAcceptedAlgorithms() throws Exception { |
| config("Host=orcz\n\tPubkeyAcceptedAlgorithms ^ssh-rsa"); |
| Host h = osc.lookup("orcz"); |
| Config c = h.getConfig(); |
| assertEquals("^ssh-rsa", |
| c.getValue(SshConstants.PUBKEY_ACCEPTED_ALGORITHMS)); |
| assertEquals("^ssh-rsa", c.getValue("PubkeyAcceptedKeyTypes")); |
| } |
| |
| @Test |
| public void testPubKeyAcceptedKeyTypes() throws Exception { |
| config("Host=orcz\n\tPubkeyAcceptedKeyTypes ^ssh-rsa"); |
| Host h = osc.lookup("orcz"); |
| Config c = h.getConfig(); |
| assertEquals("^ssh-rsa", |
| c.getValue(SshConstants.PUBKEY_ACCEPTED_ALGORITHMS)); |
| assertEquals("^ssh-rsa", c.getValue("PubkeyAcceptedKeyTypes")); |
| } |
| |
| @Test |
| public void testEolComments() throws Exception { |
| config("#Comment\nHost=orcz #Comment\n\tPubkeyAcceptedAlgorithms ^ssh-rsa # Comment\n#Comment"); |
| Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| Config c = h.getConfig(); |
| assertEquals("^ssh-rsa", |
| c.getValue(SshConstants.PUBKEY_ACCEPTED_ALGORITHMS)); |
| } |
| |
| @Test |
| public void testEnVarSubstitution() throws Exception { |
| config("Host orcz\nIdentityFile /tmp/${TST_VAR}\n" |
| + "CertificateFile /tmp/${}/foo\nUser ${TST_VAR}\nIdentityAgent /tmp/${TST_VAR/bar"); |
| Host h = osc.lookup("orcz"); |
| assertNotNull(h); |
| Config c = h.getConfig(); |
| assertEquals("/tmp/TEST", |
| c.getValue(SshConstants.IDENTITY_FILE)); |
| // No variable name |
| assertEquals("/tmp/${}/foo", c.getValue(SshConstants.CERTIFICATE_FILE)); |
| // User doesn't get env var substitution: |
| assertEquals("${TST_VAR}", c.getValue(SshConstants.USER)); |
| assertEquals("${TST_VAR}", h.getUser()); |
| // Unterminated: |
| assertEquals("/tmp/${TST_VAR/bar", |
| c.getValue(SshConstants.IDENTITY_AGENT)); |
| } |
| } |