← Back to branch summary

~hduran-8/+junk/caddy

« back to all changes in this revision

Viewing changes to debian/gocode/src/golang.org/x/crypto/ssh/client_auth_test.go

  • Committer: Horacio Durán
  • Date: 2017-01-20 16:21:20 UTC
  • Revision ID: horacio.duran@canonical.com-20170120162120-l82mfqwmsclnk838
Upgrade to 0.9.4

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/gocode/src/golang.org/x/crypto/ssh/client_auth_test.go
77
77
                        return nil, errors.New("keyboard-interactive failed")
78
78
                },
79
79
                AuthLogCallback: func(conn ConnMetadata, method string, err error) {
80
 
                        t.Logf("user %q, method %q: %v", conn.User(), method, err)
81
80
                },
82
81
        }
83
82
        serverConfig.AddHostKey(testSigners["rsa"])
278
277
        }
279
278
        clientConfig.Auth = append(clientConfig.Auth, PublicKeys(certSigner))
280
279
 
281
 
        t.Log("should succeed")
 
280
        // should succeed
282
281
        if err := tryAuth(t, clientConfig); err != nil {
283
282
                t.Errorf("cert login failed: %v", err)
284
283
        }
285
284
 
286
 
        t.Log("corrupted signature")
 
285
        // corrupted signature
287
286
        cert.Signature.Blob[0]++
288
287
        if err := tryAuth(t, clientConfig); err == nil {
289
288
                t.Errorf("cert login passed with corrupted sig")
290
289
        }
291
290
 
292
 
        t.Log("revoked")
 
291
        // revoked
293
292
        cert.Serial = 666
294
293
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
295
294
        if err := tryAuth(t, clientConfig); err == nil {
297
296
        }
298
297
        cert.Serial = 1
299
298
 
300
 
        t.Log("sign with wrong key")
 
299
        // sign with wrong key
301
300
        cert.SignCert(rand.Reader, testSigners["dsa"])
302
301
        if err := tryAuth(t, clientConfig); err == nil {
303
302
                t.Errorf("cert login passed with non-authoritative key")
304
303
        }
305
304
 
306
 
        t.Log("host cert")
 
305
        // host cert
307
306
        cert.CertType = HostCert
308
307
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
309
308
        if err := tryAuth(t, clientConfig); err == nil {
311
310
        }
312
311
        cert.CertType = UserCert
313
312
 
314
 
        t.Log("principal specified")
 
313
        // principal specified
315
314
        cert.ValidPrincipals = []string{"user"}
316
315
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
317
316
        if err := tryAuth(t, clientConfig); err != nil {
318
317
                t.Errorf("cert login failed: %v", err)
319
318
        }
320
319
 
321
 
        t.Log("wrong principal specified")
 
320
        // wrong principal specified
322
321
        cert.ValidPrincipals = []string{"fred"}
323
322
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
324
323
        if err := tryAuth(t, clientConfig); err == nil {
326
325
        }
327
326
        cert.ValidPrincipals = nil
328
327
 
329
 
        t.Log("added critical option")
 
328
        // added critical option
330
329
        cert.CriticalOptions = map[string]string{"root-access": "yes"}
331
330
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
332
331
        if err := tryAuth(t, clientConfig); err == nil {
333
332
                t.Errorf("cert login passed with unrecognized critical option")
334
333
        }
335
334
 
336
 
        t.Log("allowed source address")
 
335
        // allowed source address
337
336
        cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42/24"}
338
337
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
339
338
        if err := tryAuth(t, clientConfig); err != nil {
340
339
                t.Errorf("cert login with source-address failed: %v", err)
341
340
        }
342
341
 
343
 
        t.Log("disallowed source address")
 
342
        // disallowed source address
344
343
        cert.CriticalOptions = map[string]string{"source-address": "127.0.0.42"}
345
344
        cert.SignCert(rand.Reader, testSigners["ecdsa"])
346
345
        if err := tryAuth(t, clientConfig); err == nil {