public async Task WhenNonWhitelistedEnvironmentVariablePassed_ThenOpenShellChannelAsyncThrowsRequestDenied(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate("testuser", key))
{
SshAssert.ThrowsNativeExceptionWithError(
session,
LIBSSH2_ERROR.CHANNEL_REQUEST_DENIED,
() => authSession.OpenShellChannel(
LIBSSH2_CHANNEL_EXTENDED_DATA.MERGE,
DefaultTerminal,
80,
24,
new[]
{
new EnvironmentVariable("FOO", "foo", true),
new EnvironmentVariable("BAR", "bar", true)
}));
}
}
}
public async Task WhenDisconnected_ThenOpenExecChannelAsyncThrowsSocketSend(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var instanceLocator = await instanceLocatorTask;
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
instanceLocator,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate("testuser", key))
{
connection.Dispose();
SshAssert.ThrowsNativeExceptionWithError(
session,
LIBSSH2_ERROR.SOCKET_SEND,
() => authSession.OpenExecChannel(
"whoami",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL));
}
}
}
public async Task WhenSessionDisconnected_ThenAuthenticateThrowsSocketSend(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
{
connection.Dispose();
SshAssert.ThrowsNativeExceptionWithError(
session,
LIBSSH2_ERROR.SOCKET_SEND,
() => connection.Authenticate("testuser", key));
}
}
}
public async Task WhenConnected_ThenOpenShellChannelAsyncChannelSucceeds(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var instanceLocator = await instanceLocatorTask;
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
instanceLocator,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate("testuser", key))
using (var channel = authSession.OpenExecChannel(
"whoami",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL))
{
channel.Close();
}
}
}
public async Task WhenCommandIsValid_ThenOpenExecChannelAsyncSucceeds(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate("testuser", key))
using (var channel = authSession.OpenExecChannel(
"whoami",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL))
{
channel.WaitForEndOfStream();
var buffer = new byte[1024];
var bytesRead = channel.Read(buffer);
Assert.AreNotEqual(0, bytesRead);
Assert.AreEqual("testuser\n", Encoding.ASCII.GetString(buffer, 0, (int)bytesRead));
Assert.AreEqual(0, channel.ExitCode);
Assert.IsNull(channel.ExitSignal);
channel.Close();
}
}
}
public async Task WhenNoMoreDataToRead_ThenReadReturnZero(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback))
using (var channel = authSession.OpenExecChannel(
"whoami",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL))
{
channel.WaitForEndOfStream();
Assert.AreNotEqual(0, channel.Read(new byte[1024]));
Assert.AreEqual(0, channel.Read(new byte[1024]));
channel.Close();
}
}
}
public async Task WhenClosingSessionBeforeChannel_ThenDoubleFreeIsPrevented(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var instanceLocator = await instanceLocatorTask;
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
instanceLocator,
"testuser",
key).ConfigureAwait(true);
var session = CreateSession();
var connection = session.Connect(endpoint);
var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback);
var channel = authSession.OpenExecChannel(
"whoami",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL);
session.Dispose();
// Free channel after session - note that this causes an assertion
// when debugging.
channel.Dispose();
}
}
public async Task When2faRequiredAndPromptThrowsException_ThenAuthenticationFailsWithoutRetry(
[LinuxInstance(InitializeScript = RequireSshPassword)] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
{
var callbackCount = 0;
Assert.Throws <OperationCanceledException>(
() => connection.Authenticate(
"testuser",
key,
(name, instruction, prompt, echo) =>
{
callbackCount++;
throw new OperationCanceledException();
}));
Assert.AreEqual(1, callbackCount);
}
}
}
public async Task WhenPublicKeyValidAndKnownFromMetadata_ThenAuthenticationSucceeds(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
{
var authSession = connection.Authenticate(
"testuser",
key,
this.UnexpectedAuthenticationCallback);
Assert.IsNotNull(authSession);
}
}
}
public async Task WhenPseudoterminalResized_ThenShellReflectsNewSize(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback))
using (var channel = authSession.OpenShellChannel(
LIBSSH2_CHANNEL_EXTENDED_DATA.MERGE,
DefaultTerminal,
80,
24))
{
var welcome = ReadUntil(channel, "~$", Encoding.ASCII);
// Read initial terminal size.
channel.Write(Encoding.ASCII.GetBytes("echo $COLUMNS $LINES\n"));
ReadUntil(channel, "\n", Encoding.ASCII);
var terminalSize = ReadUntil(channel, "\n", Encoding.ASCII);
Assert.AreEqual("80 24\r\n", terminalSize);
// Resize terminal.
channel.ResizePseudoTerminal(100, 30);
// Read terminal size again.
channel.Write(Encoding.ASCII.GetBytes("echo $COLUMNS $LINES\n"));
ReadUntil(channel, "\n", Encoding.ASCII);
terminalSize = ReadUntil(channel, "\n", Encoding.ASCII);
Assert.AreEqual("100 30\r\n", terminalSize);
channel.Close();
}
}
}
public async Task WhenWhitelistedEnvironmentVariablePassed_ThenShellCanAccessVariable(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback))
using (var channel = authSession.OpenShellChannel(
LIBSSH2_CHANNEL_EXTENDED_DATA.MERGE,
DefaultTerminal,
80,
24,
new[]
{
new EnvironmentVariable(
"LANG",
"LC_ALL",
true) // LANG is whitelisted by sshd by default.
}))
{
var bytesWritten = channel.Write(Encoding.ASCII.GetBytes("echo $LANG;exit\n"));
Assert.AreEqual(16, bytesWritten);
var output = ReadToEnd(channel, Encoding.ASCII);
channel.Close();
StringAssert.Contains(
"en_US.UTF-8",
output);
Assert.AreEqual(0, channel.ExitCode);
}
}
}
public async Task WhenConnected_ThenOpenShellChannelAsyncSucceeds(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback))
using (var channel = authSession.OpenShellChannel(
LIBSSH2_CHANNEL_EXTENDED_DATA.MERGE,
DefaultTerminal,
80,
24))
{
// Run command.
var bytesWritten = channel.Write(Encoding.ASCII.GetBytes("whoami;exit\n"));
Assert.AreEqual(12, bytesWritten);
// Read command output.
var output = ReadToEnd(channel, Encoding.ASCII);
channel.Close();
StringAssert.Contains(
"whoami;exit\r\ntestuser\r\nlogout\r\n",
output);
Assert.AreEqual(0, channel.ExitCode);
Assert.AreEqual(null, channel.ExitSignal);
}
}
}
public async Task WhenCommandInvalidAndExtendedDataModeIsNormal_ThenExecuteSucceedsAndStderrContainsError(
[LinuxInstance] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key).ConfigureAwait(true);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
using (var authSession = connection.Authenticate(
"testuser",
key,
UnexpectedAuthenticationCallback))
using (var channel = authSession.OpenExecChannel(
"invalidcommand",
LIBSSH2_CHANNEL_EXTENDED_DATA.NORMAL))
{
channel.WaitForEndOfStream();
var buffer = new byte[1024];
var bytesRead = channel.Read(
buffer,
LIBSSH2_STREAM.EXTENDED_DATA_STDERR);
Assert.AreNotEqual(0, bytesRead);
Assert.AreEqual(
"bash: invalidcommand: command not found\n",
Encoding.ASCII.GetString(buffer, 0, (int)bytesRead));
Assert.AreEqual(127, channel.ExitCode);
Assert.IsNull(channel.ExitSignal);
channel.Close();
}
}
}
public async Task When2faRequiredAndPromptReturnsNull_ThenPromptIsRetried(
[LinuxInstance(InitializeScript = RequireSshPassword)] ResourceTask <InstanceLocator> instanceLocatorTask)
{
var endpoint = new IPEndPoint(
await InstanceUtil.PublicIpAddressForInstanceAsync(await instanceLocatorTask),
22);
using (var key = new RsaSshKey(new RSACng()))
{
await InstanceUtil.AddPublicKeyToMetadata(
await instanceLocatorTask,
"testuser",
key);
using (var session = CreateSession())
using (var connection = session.Connect(endpoint))
{
var callbackCount = 0;
SshAssert.ThrowsNativeExceptionWithError(
session,
LIBSSH2_ERROR.AUTHENTICATION_FAILED,
() => connection.Authenticate(
"testuser",
key,
(name, instruction, prompt, echo) =>
{
callbackCount++;
Assert.AreEqual("Password: ", prompt);
Assert.IsFalse(echo);
return(null);
}));
Assert.AreEqual(SshConnectedSession.KeyboardInteractiveRetries, callbackCount);
}
}
}
