package ssh_mesh
import (
"context"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/pem"
"log"
"testing"
"golang.org/x/crypto/ssh"
)
// TestE2E starts the "bob" node loaded from testdata as a listener,
// provisions an ephemeral "alice" node signed by the test CA, and dials
// bob from alice's client.
//
// NOTE(review): the test passes as soon as Dial returns without error. The
// remote key recorded by the client and bob's host public key are only
// logged, never compared, so a host-identity mismatch would not fail here.
// NOTE(review): the value returned by bob.Start is never shut down in this
// test and bob.Address is pinned to a fixed port; confirm cleanup and port
// choice against the rest of the package.
func TestE2E(t *testing.T) {
	ctx := context.Background()

	// Load the CA and the pre-provisioned server node from testdata.
	authority, err := NewNode("testdata/test.mesh.local/ca/sshm.json")
	if err != nil {
		t.Fatal(err)
	}
	server, err := NewNode("testdata/test.mesh.local/bob/sshm.json")
	if err != nil {
		t.Fatal(err)
	}

	server.Address = ":11122"
	listener, err := server.Start()
	if err != nil {
		t.Fatal(err)
	}

	// The client identity is created on the fly and certified by the CA.
	client, err := InitMeshNode(authority, "alice", domain)
	if err != nil {
		t.Fatal(err)
	}
	conn, err := client.Client(ctx, "bob.test.mesh.local")
	if err != nil {
		t.Fatal(err)
	}

	// Dial whatever address the listener reports instead of a hard-coded
	// "127.0.0.1:11122".
	target := listener.Addr().String()
	if err = conn.Dial(ctx, target); err != nil {
		t.Fatal(err)
	}

	// Logged for manual inspection only (see the review note above).
	seen := conn.RemoteKey
	expected := server.SignerHost.PublicKey()
	log.Println(seen, expected)

	// RoundTripStart from bob...
	//asshC.RoundTripStart()

	// TODO: extend with custom message handlers, both ends.
	//ok, res, err := asshC.SendRequest("test", true, []byte{1})
	//log.Println(asshC)

	//abs, err := ac.OpenStream("direct-tcpip", ssh.Marshal(
	//	&forwardTCPIPChannelRequest{}))
	//log.Println(abs, err)
}
// domain is the mesh DNS suffix that TestE2E passes to InitMeshNode; it is
// the same name as the testdata directory the test loads its nodes from.
var (
	domain = "test.mesh.local"
)
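// InitMeshNode provisions an ephemeral mesh node for testing.
// Should do the same as the ssh-keygen script.
//
// It generates a fresh ECDSA P-256 key, asks ca to sign a host certificate
// and a user certificate for that key, and builds an SSHMesh from the
// PEM-encoded private key, the two certificates and the CA's host public key.
//
// Every failure in key generation, encoding or signing is returned to the
// caller; the returned node is nil whenever the error is non-nil.
func InitMeshNode(ca *SSHMesh, name string, domain string) (*SSHMesh, error) {
	// ssh-keygen equivalent: a new key pair for the node. The key is kept as
	// unencrypted PEM in memory, which is acceptable for a throwaway test node.
	nodePrivate, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	encodedKey, err := x509.MarshalECPrivateKey(nodePrivate)
	if err != nil {
		return nil, err
	}
	privatePEM := pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: encodedKey})

	nodeSSHSigner, err := ssh.NewSignerFromKey(nodePrivate)
	if err != nil {
		return nil, err
	}

	// Sign the 2 certs. The host certificate carries the FQDN, the short name
	// and the user-style principal; the user certificate only the latter.
	_, hch, err := ca.Sign(nodeSSHSigner.PublicKey(), ssh.HostCert,
		[]string{name + "." + domain, name, name + "@" + domain})
	if err != nil {
		return nil, err
	}

	_, hcc, err := ca.Sign(nodeSSHSigner.PublicKey(), ssh.UserCert,
		[]string{name + "@" + domain})
	// A failed user-cert signature must stop here: the error used to be
	// overwritten by the NewSSHMesh call below and hcc was used unchecked.
	if err != nil {
		return nil, err
	}

	// NOTE(review): Marshal() presumably yields SSH wire-format bytes rather
	// than authorized_keys text; confirm that is what SSHConfig expects for
	// CertClient, CertHost and AuthorizedKeys.
	node, err := NewSSHMesh(
		&SSHConfig{
			Private:        string(privatePEM),
			CertClient:     string(hcc.Marshal()),
			CertHost:       string(hch.Marshal()),
			AuthorizedKeys: string(ca.SignerHost.PublicKey().Marshal()),
			//Id:       name,
			//Domain:   domain,
		})
	if err != nil {
		return nil, err
	}
	return node, nil
}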