artesanias/node_modules/ssh2-streams/test/test-packet60.js

var SSH2Stream = require('../lib/ssh');
var parseKey = require('../lib/utils').parseKey;

var assert = require('assert');
var fs = require('fs');

var t = -1;
var SERVER_PRV_KEY = fs.readFileSync(__dirname + '/fixtures/openssh_new_rsa');
var PARSED_SERVER_KEY = parseKey(SERVER_PRV_KEY);
var CLIENT_PRV_KEY = fs.readFileSync(__dirname + '/fixtures/openssh_old_rsa');
var PARSED_CLIENT_KEY = parseKey(CLIENT_PRV_KEY);

function makePair(cb) {
  var server = new SSH2Stream({
    server: true,
    hostKeys: {
      'ssh-rsa': PARSED_SERVER_KEY
    },
    algorithms: {
      serverHostKey: ['ssh-rsa']
    }
  });
  var client = new SSH2Stream();

  var done = [];
  function tryDone(who) {
    done.push(who);
    if (done.length !== 2)
      return;
    cb(server, client);
  }

  server.on('NEWKEYS', function () { tryDone('server'); });
  client.on('NEWKEYS', function () { tryDone('client'); });
  server.pipe(client).pipe(server);
}

function signWithClientKey(blob, syncCb) {
  syncCb(PARSED_CLIENT_KEY.sign(blob));
}

function bufferEqual(a, b) {
  if (a.length !== b.length)
    return false;
  for (var i = 0; i < a.length; ++i) {
    if (a[i] !== b[i])
      return false;
  }
  return true;
}

function publickey(server, client) {
  server.on('USERAUTH_REQUEST', function(user, service, method, data) {
    assert.equal(user, 'bob');
    assert.equal(service, 'ssh-connection');
    assert.equal(method, 'publickey');
    assert.equal(data.keyAlgo, PARSED_CLIENT_KEY.type);
    assert.equal(true, bufferEqual(data.key, PARSED_CLIENT_KEY.getPublicSSH()));
    assert.equal(data.signature, undefined);
    assert.equal(data.blob, undefined);
    return server.authPKOK(data.keyAlgo, data.key);
  });
  client.on('USERAUTH_PK_OK', function() {
    next();
  }).authPK('bob', PARSED_CLIENT_KEY);
}

function keyboardInteractive(server, client) {
  var infoReqsRxed = 0;

  server.on('USERAUTH_REQUEST', function(user, service, method, data) {
    assert.equal(user, 'bob');
    assert.equal(service, 'ssh-connection');
    assert.equal(method, 'keyboard-interactive');
    assert.equal(data, '');
    process.nextTick(function() {
      server.authInfoReq('req 0', 'instructions', [
        { prompt: 'Say something to req 0', echo: true }
      ]);
    });
  }).on('USERAUTH_INFO_RESPONSE', function(responses) {
    if (infoReqsRxed === 1) {
      assert.equal(responses.length, 1);
      assert.equal(responses[0], 'hello to req 0');
      process.nextTick(function() {
        server.authInfoReq('req 1', 'new instructions', [
          { prompt: 'Say something to req 1', echo: true },
          { prompt: 'Say something else', echo: false }
        ]);
      });
    } else if (infoReqsRxed === 2) {
      assert.equal(responses.length, 2);
      assert.equal(responses[0], 'hello to req 1');
      assert.equal(responses[1], 'something else');
      next();
    } else {
      throw new Error('Received too many info reqs: ' + infoReqsRxed);
    }
  });

  client.on('USERAUTH_INFO_REQUEST', function (name, inst, lang, prompts) {
    infoReqsRxed++;
    if (infoReqsRxed === 1) {
      assert.equal(name, 'req 0');
      assert.equal(inst, 'instructions');
      assert.equal(lang, '');
      assert.deepEqual(prompts, [
        { prompt: 'Say something to req 0', echo: true }
      ]);
      process.nextTick(function() {
        client.authInfoRes([ 'hello to req 0' ]);
      });
    } else if (infoReqsRxed === 2) {
      assert.equal(name, 'req 1');
      assert.equal(inst, 'new instructions');
      assert.equal(lang, '');
      assert.deepEqual(prompts, [
        { prompt: 'Say something to req 1', echo: true },
        { prompt: 'Say something else', echo: false }
      ]);
      process.nextTick(function() {
        client.authInfoRes([ 'hello to req 1', 'something else' ]);
      });
    } else {
      throw new Error('Received too many info reqs: ' + infoReqsRxed);
    }
  }).authKeyboard('bob');
}

function mixedMethods(server, client) {
  var expectedStages = [
    'SERVER_SEES_PK_CHECK',
    'SERVER_SEES_PK_REQUEST',
    'SERVER_SEES_PASSWORD',
    'SERVER_SEES_KEYBOARD_INTERACTIVE',
    'CLIENT_SEES_PK_OK',
    'CLIENT_SEES_USERAUTH_FAILURE_PK',
    'CLIENT_SEES_USERAUTH_FAILURE_PASSWORD',
    'CLIENT_SEES_KEYBOARD_REQ',
    'SERVER_SEES_KEYBOARD_RES',
    'CLIENT_SEES_USERAUTH_SUCCESS',
  ];

  server.on('USERAUTH_REQUEST', function(name, service, method, data) {
    assert.equal(name, 'bob');
    assert.equal(service, 'ssh-connection');
    var expectedStage = expectedStages.shift();
    switch (expectedStage) {
      case 'SERVER_SEES_PK_CHECK':
        assert.equal(method, 'publickey');
        assert.equal(data.signature, undefined);
        return process.nextTick(function() {
          server.authPKOK(data.keyAlgo, data.key);
        });
      case 'SERVER_SEES_PK_REQUEST':
        assert.equal(method, 'publickey');
        assert.notEqual(data.signature, undefined);
        return process.nextTick(function() {
          server.authFailure(
            ['publickey', 'password', 'keyboard-interactive'],
            false
          );
        });
      case 'SERVER_SEES_PASSWORD':
        assert.equal(method, 'password');
        assert.equal(data, 'seekrit');
        return process.nextTick(function() {
          server.authFailure(
            ['publickey', 'password', 'keyboard-interactive'],
            false
          );
        });
      case 'SERVER_SEES_KEYBOARD_INTERACTIVE':
        assert.equal(method, 'keyboard-interactive');
        assert.equal(data, '');
        return process.nextTick(function() {
          server.authInfoReq('Password required', 'Password prompt', [
            { prompt: 'Password:', echo: false }
          ]);
        });
      default:
        throw new Error('Server saw USERAUTH_REQUEST ' + method +
                        ' but expected ' + expectedStage);
    }
  }).on('USERAUTH_INFO_RESPONSE', function(responses) {
    assert.equal(expectedStages.shift(), 'SERVER_SEES_KEYBOARD_RES');
    assert.deepEqual(responses, [ 'seekrit' ]);
    process.nextTick(function() {
      server.authSuccess();
    });
  });


  client.on('USERAUTH_PK_OK', function() {
    assert.equal(expectedStages.shift(), 'CLIENT_SEES_PK_OK');
  }).on('USERAUTH_FAILURE', function() {
    var expectedStage = expectedStages.shift();
    if (expectedStage !== 'CLIENT_SEES_USERAUTH_FAILURE_PK' &&
        expectedStage !== 'CLIENT_SEES_USERAUTH_FAILURE_PASSWORD') {
      throw new Error('Client saw USERAUTH_FAILURE but expected ' +
                      expectedStage);
    }
  }).on('USERAUTH_INFO_REQUEST', function(name, inst, lang, prompts) {
    assert.equal(expectedStages.shift(), 'CLIENT_SEES_KEYBOARD_REQ');
    assert.equal(name, 'Password required');
    assert.equal(inst, 'Password prompt');
    assert.equal(lang, '');
    assert.deepEqual(prompts, [ { prompt: 'Password:', echo: false } ]);
    process.nextTick(function() {
      client.authInfoRes([ 'seekrit' ]);
    });
  }).on('USERAUTH_SUCCESS', function() {
    assert.equal(expectedStages.shift(), 'CLIENT_SEES_USERAUTH_SUCCESS');
    assert.equal(expectedStages.shift(), undefined);
    next();
  });

  // Silly to submit all these auths at once, but allowed by RFC4252
  client.authPK('bob', PARSED_CLIENT_KEY);
  client.authPK('bob', PARSED_CLIENT_KEY, signWithClientKey);
  client.authPassword('bob', 'seekrit');
  client.authKeyboard('bob');
}

var tests = [
  publickey,
  keyboardInteractive,
  // password   // ssh2-streams can't generate a password change request
  mixedMethods
];
    
 
function next() {
  if (Array.isArray(process._events.exit))
    process._events.exit = process._events.exit[1];
  if (++t === tests.length)
    return;

  var v = tests[t];
  makePair(v);
}

process.once('exit', function() {
  assert(t === tests.length,
         'Only finished ' + t + '/' + tests.length + ' tests');
});

next();