tfnUdZddlmZddlmZddlmZddlmZm Z ddl m Z ddl m Z mZmZddlmZdd lmZmZdd lmZmZdd lmZdd lmZdd lmZdZeeed<edrddl m!Z!ddl"mZm#Z#m$Z$ddl%m&Z&ddl'm(Z(nGddZ#GddZ$Gdde$j)Z*Gdde$j)Z+Gdde$j)Z,Gdd e#j-Z.eeGd!d"Z/ee Gd#d$Z0ee Gd%d&Z1ee Gd'd(Z2Gd)d*ej3Z4Gd+d,ej3Z5Gd-d.ej3Z6Gd/d0ej3Z7dS)1zT Tests for the implementation of the ssh-userauth service. Maintainer: Paul Swartz ) ModuleType)Optional) implementer) ConchErrorValidPublicKey)ICredentialsChecker) IAnonymousISSHPrivateKeyIUsernamePassword)UnauthorizedLogin)IRealmPortal)defertask)loopback) requireModule)unittestNkeys cryptography)SSHProtocolChecker)r transportuserauth)NS)keydatac(eZdZGddZdS)rceZdZdZdS)transport.SSHTransportBaseQ A stub class so that later class definitions won't die. N__name__ __module__ __qualname____doc___/var/www/surfInsights/venv3-11/lib/python3.11/site-packages/twisted/conch/test/test_userauth.pySSHTransportBaser"    r%r'N)r r!r"r'r$r%r&rr!<          r%rc(eZdZGddZdS)rceZdZdZdS)userauth.SSHUserAuthClientrNrr$r%r&SSHUserAuthClientr,(r(r%r-N)r r!r"r-r$r%r&rr'r)r%rc,eZdZdZdZdZddZdZdS)ClientUserAuthz" A mock user auth client. c|jr)tjtjSt jtjtjS)z If this is the first time we've been called, return a blob for the DSA key. Otherwise, return a blob for the RSA key. ) lastPublicKeyrKey fromStringrpublicRSA_opensshrsucceedpublicDSA_opensshselfs r& getPublicKeyzClientUserAuth.getPublicKey3sL   Q8&&w'@AA A=!4!4W5N!O!OPP Pr%cxtjtjt jS)z@ Return the private key object for the RSA key. )rr5rr2r3rprivateRSA_opensshr7s r& getPrivateKeyzClientUserAuth.getPrivateKey>s'}TX001KLLMMMr%Nc*tjdS)z/ Return 'foo' as the password. foorr5)r8prompts r& getPasswordzClientUserAuth.getPasswordDs}V$$$r%c*tjdS)z> Return 'foo' as the answer to two questions. )foorCr?)r8name informationanswerss r&getGenericAnswersz ClientUserAuth.getGenericAnswersJs}^,,,r%N)r r!r"r#r9r<rArGr$r%r&r/r/.se Q Q QNNN %%%% -----r%r/ceZdZdZdZdZdS) OldClientAuthz~ The old SSHUserAuthClient returned a cryptography key object from getPrivateKey() and a string from getPublicKey ctjtjt jjSrH)rr5rr2r3rr; keyObjectr7s r&r<zOldClientAuth.getPrivateKeyWs(}TX001KLLVWWWr%cxtjtjSrH)rr2r3rr4blobr7s r&r9zOldClientAuth.getPublicKeyZs'x""7#<==BBDDDr%Nr r!r"r#r<r9r$r%r&rJrJQsD XXXEEEEEr%rJceZdZdZdZdZdS)ClientAuthWithoutPrivateKeyzP This client doesn't have a private key, but it does have a public key. cdSrHr$r7s r&r<z)ClientAuthWithoutPrivateKey.getPrivateKeycsr%cTtjtjSrH)rr2r3rr4r7s r&r9z(ClientAuthWithoutPrivateKey.getPublicKeyfsx""7#<===r%NrOr$r%r&rQrQ^s<>>>>>r%rQc^eZdZdZGddZGddZdZdZdZd Z d S) FakeTransporta_ L{userauth.SSHUserAuthServer} expects an SSH transport which has a factory attribute which has a portal attribute. Because the portal is important for testing authentication, we need to be able to provide an interesting portal object to the L{SSHUserAuthServer}. In addition, we want to be able to capture any packets sent over the transport. @ivar packets: a list of 2-tuples: (messageType, data). Each 2-tuple is a sent packet. @type packets: C{list} @param lostConnecion: True if loseConnection has been called on us. @type lostConnection: L{bool} ceZdZdZdZdZdS)FakeTransport.ServicezW A mock service, representing the other service offered by the server. nancycdSrHr$r7s r&serviceStartedz$FakeTransport.Service.serviceStarteds Dr%N)r r!r"r#rDrZr$r%r&ServicerW{s4       r%r[ceZdZdZdZdS)FakeTransport.Factoryzg A mock factory, representing the factory that spawned this user auth service. c*|dkr tjSdS)z2 Return our fake service. noneN)rUr[)r8rservices r& getServicez FakeTransport.Factory.getServices '!!$,,"!r%N)r r!r"r#rar$r%r&Factoryr]s-   - - - - -r%rbcz||_||j_d|_||_g|_dSNF)rbfactoryportallostConnectionrpackets)r8rfs r&__init__zFakeTransport.__init__s5||~~ $ # r%c>|j||fdS)z8 Record the packet sent by the service. N)rhappend)r8 messageTypemessages r& sendPacketzFakeTransport.sendPackets% ['233333r%cdS)z Pretend that this transport encrypts traffic in both directions. The SSHUserAuthServer disables password authentication if the transport isn't encrypted. Tr$)r8 directions r& isEncryptedzFakeTransport.isEncrypteds tr%cd|_dSNT)rgr7s r&loseConnectionzFakeTransport.loseConnections"r%N) r r!r"r#r[rbrirnrqrtr$r%r&rUrUjs  - - - - - - - -444 #####r%rUceZdZdZdZdS)Realmz A mock realm for testing L{userauth.SSHUserAuthServer}. This realm is not actually used in the course of testing, so it returns the simplest thing that could possibly work. c>tj|dddfS)NrcdSrHr$r$r%r&z%Realm.requestAvatar..s4r%r?)r8avatarIdmind interfacess r& requestAvatarzRealm.requestAvatars}jmT<<@AAAr%N)r r!r"r#r}r$r%r&rvrvs2BBBBBr%rvceZdZdZefZdZdS)PasswordCheckerz A very simple username/password checker which authenticates anyone whose password matches their username and rejects all others. c|j|jkrtj|jStjt dS)NzInvalid username/password pair)usernamepasswordrr5failr )r8credss r&requestAvatarIdzPasswordChecker.requestAvatarIds= >U^ + +=00 0z+,LMMNNNr%N)r r!r"r#r credentialInterfacesrr$r%r&rrs= ./OOOOOr%rceZdZdZefZdZdS)PrivateKeyCheckerz A very simple public key checker which authenticates anyone whose public/private keypair is the same keydata.public/privateRSA_openssh. ch|jtjtjkra|jLtj|j}||j|jr|j SnttrH) rNrr2r3rr4 signatureverifysigDatarrr )r8robjs r&rz!PrivateKeyChecker.requestAvatarIds :,,W-FGGLLNN N N*h))%*55::eou}==* >)*%&&&!!!r%N)r r!r"r#r rrr$r%r&rrs8 +,"""""r%rceZdZdZefZdZdS)AnonymousCheckerzI A simple checker which isn't supported by L{SSHUserAuthServer}. cdSrHr$)r8 credentialss r&rz AnonymousChecker.requestAvatarIds r%N)r r!r"r#r rrr$r%r&rrs7'=     r%rceZdZdZedZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZdS)SSHUserAuthServerTestsz& Tests for SSHUserAuthServer. Ncannot run without cryptographyct|_t|j|_|jt |jt tj|_ t|j|j _ |j |j j dSrH)rvrealmrrfregisterCheckerrrrSSHUserAuthServer authServerrUrrZsupportedAuthenticationssortr7s r&setUpzSSHUserAuthServerTests.setUpsWW TZ((  ##O$5$5666 ##$5$7$7888"466$1$+$>$>! &&((( 05577777r%cF|jd|_dSrH)rserviceStoppedr7s r&tearDownzSSHUserAuthServerTests.tearDown! &&(((r%c||jjjdtjt ddzfdS)z; Check that the authentication has failed. spassword,publickeyN) assertEqualrrrhrMSG_USERAUTH_FAILURErr8ignoreds r& _checkFailedz#SSHUserAuthServerTests._checkFailedsO  O % -b 1  *B/D,E,E,O P     r%c|jtdtdztdz}||jS)z A client may request a list of authentication 'method name' values that may continue by using the "none" authentication 'method name'. See RFC 4252 Section 5.2. r>sservicer_)rssh_USERAUTH_REQUESTr addCallbackr)r8ds r&test_noneAuthenticationz.SSHUserAuthServerTests.test_noneAuthenticationsQ O 0 0 vJJJ '"W++ 5  }}T.///r%c dtdtdtddtdg}j|}fd}||S)z When provided with correct password authentication information, the server should respond by sending a MSG_USERAUTH_SUCCESS message with no other data. See RFC 4252, Section 5.1. r%r>r_passwordrcljjjtjdfgdSNr%rrrrhrMSG_USERAUTH_SUCCESSrr8s r&checkzKSSHUserAuthServerTests.test_successfulPasswordAuthentication..check>   )1/56     r%)joinrrrr)r8packetrrs` r&%test_successfulPasswordAuthenticationzr_rrbar) rrrClockrclockrrrrhadvancerrr8rrs r&!test_failedPasswordAuthenticationz8SSHUserAuthServerTests.test_failedPasswordAuthentication's2f::r'{{B{OOUBvJJWXX $  O 0 0 8 8 2:B??? %%a(((}}T.///r%ctjtj}tjtj}tdtdztdzdzt|zt|z}dj j _ | tdttjfz|z}|t|z }j |}fd}||S)zN Test that private key authentication completes successfully, r>r_ publickeytestcljjjtjdfgdSrrrs r&rzMSSHUserAuthServerTests.test_successfulPrivateKeyAuthentication..checkMrr%)rr2r3rr4rNr;rsshTyperr sessionIDsignbytesrMSG_USERAUTH_REQUESTrr)r8rNrrrrrs` r&'test_successfulPrivateKeyAuthenticationz>SSHUserAuthServerTests.test_successfulPrivateKeyAuthentication8s8x""7#<==BBDDh!!'"<== vJJkk     hh   /6!+HH wKK%!> @AA AF J   "Y-- O 0 0 8 8      }}U###r%ctjd}d}fd}||jd|||jd|||jd|t dt dzt d zt d z}|j||tS) z ssh_USERAUTH_REQUEST should raise a ConchError if tryAuth returns None. Added to catch a bug noticed by pyflakes. c0|ddS)Nz&request should have raised ConochError)rrs r&mockCbFinishedAuthzOSSHUserAuthServerTests.test_requestRaisesConchError..mockCbFinishedAuth\s II> ? ? ? ? ?r%cdSrHr$)kinduserdatas r& mockTryAuthzHSSHUserAuthServerTests.test_requestRaisesConchError..mockTryAuth_4r%c<|jdSrH)errbackvalue)reasonrs r& mockEbBadAuthzJSSHUserAuthServerTests.test_requestRaisesConchError..mockEbBadAuthbs IIfl # # # # #r%tryAuth_cbFinishedAuth _ebBadAuthsuserr_s public-keysdata)rDeferredpatchrrr assertFailurer)r8rrrrrs @r&test_requestRaisesConchErrorz3SSHUserAuthServerTests.test_requestRaisesConchErrorUs N   @ @ @    $ $ $ $ $ 4?I{;;; 4?$57IJJJ 4?L-@@@Gr'{{*R ->->>GL ,,V444!!!Z000r%ctjtjt dt dzt dzdzt dzt z}j|}fd}| |S)z@ Test that verifying a valid private key works. r>r_rrssh-rsacjjjtjt dt zfgdS)Nr)rrrrhrMSG_USERAUTH_PK_OKr)rrNr8s r&rz@SSHUserAuthServerTests.test_verifyValidPrivateKey..check~sO   )1-r*~~4/HIJ     r%) rr2r3rr4rNrrrr)r8rrrrNs` @r&test_verifyValidPrivateKeyz1SSHUserAuthServerTests.test_verifyValidPrivateKeyosx""7#<==BBDD vJJkk   nn   hh    O 0 0 8 8       }}U###r%ctjtj}t dt dzt dzdzt dzt |z}|j|}| |j S)d Test that private key authentication fails when the public key is invalid. r>r_rrsssh-dsa rr2r3rr6rNrrrrrr8rNrrs r&3test_failedPrivateKeyAuthenticationWithoutSignaturezJSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithoutSignatures x""7#<==BBDD vJJkk   nn   hh    O 0 0 8 8}}T.///r%c>tjtj}tjtj}tdtdztdzdztdzt|zt||z}d|j j _ |j |}| |jS)rr>r_rrrr)rr2r3rr4rNr;rrrrrrrr)r8rNrrrs r&0test_failedPrivateKeyAuthenticationWithSignaturezGSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithSignatures x""7#<==BBDDh!!'"<== vJJkk   nn   hh   $   ! /6!+ O 0 0 8 8}}T.///r%ctjtj}t d|ddz}t dt dzt dzdzt dzt |z}|j|}| |j S) z Private key authentication fails when the public key type is unsupported or the public key is corrupt. s ssh-bad-type Nr>r_rrrrrs r&test_unsupported_publickeyz1SSHUserAuthServerTests.test_unsupported_publickeys x""7#<==BBDD/""T"##Y. vJJkk   nn   hh    O 0 0 8 8}}T.///r%cftj}t|j|_|jt |||j | |j ddgdS)ah L{SSHUserAuthServer} sets up C{SSHUserAuthServer.supportedAuthentications} by checking the portal's credentials interfaces and mapping them to SSH authentication method strings. If the Portal advertises an interface that L{SSHUserAuthServer} can't map, it should be ignored. This is a white box test. rrN) rrrUrfrrrrZrrrr)r8servers r& test_ignoreUnknownCredInterfacesz7SSHUserAuthServerTests.test_ignoreUnknownCredInterfacess+--(55 ##$4$6$6777',,... 8; :UVVVVVr%c6|d|jjtj}t |j|_d|j_| | | d|jtj}t |j|_d|j_| | |d|jdS)z Test that the userauth service does not advertise password authentication if the password would be send in cleartext. rcdSrdr$xs r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted..%r%c|dkSNinr$rs r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted.. dr%N) assertInrrrrrUrfrrqrZr assertNotIn)r8clearAuthServerhalfAuthServers r& test_removePasswordIfUnencryptedz7SSHUserAuthServerTests.test_removePasswordIfUnencrypteds k4?#KLLL"466$1$+$>$>!0?!-&&(((&&((( o&NOOO!355#0#=#= /B/B ,%%'''%%''' k>#JKKKKKr%cPt|j}|tt j}t ||_d|j_| | | |j dgt j}t ||_d|j_| | | |j dgdS)z If the L{SSHUserAuthServer} is not advertising passwords, then an unencrypted connection should not cause any warnings or exceptions. This is a white box test. cdSrdr$rs r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords..rr%rc|dkSrr$rs r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords..rr%N) rrrrrrrUrrqrZrrr)r8rfrrs r&*test_unencryptedConnectionWithoutPasswordszASSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswordss  ##022333#466$1&$9$9!0?!-&&(((&&((( AL>RRR"355#0#8#8 /B/B ,%%'''%%''' AL>RRRRRr%c tj}tj|_t |j|_||j d| | |jj tj dttjfzt!dzt!dzfg||jjdS)z0 Test that the login times out. 鰚syou took too longr%N)rrrrrrUrfrrZrrrrhMSG_DISCONNECTr)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLEr assertTruergr8timeoutAuthServers r&test_loginTimeoutz(SSHUserAuthServerTests.test_loginTimeouts%688"&*,,&3DK&@&@#((***'' 555((***   ' /,YPRSST-../gg   )3BCCCCCr%ctj}tj|_t |j|_|| |j d| |jj g| |jjdS)zN Test that stopping the service also stops the login timeout. rN)rrrrrrUrfrrZrrrrh assertFalsergr s r&test_cancelLoginTimeoutz.SSHUserAuthServerTests.test_cancelLoginTimeouts%688"&*,,&3DK&@&@#((***((***'' 555 *4r_rrrrcjjjdtjdt tjfztdztdzfdS)Nrrstoo many bad authsr%)rrrrhr rr rrs r&rz:SSHUserAuthServerTests.test_tooManyAttempts..check1s{   )1"5,YPRSST.//0gg     r%) rrrrrrrangerrr)r8rirrs` r&test_tooManyAttemptsz+SSHUserAuthServerTests.test_tooManyAttempts&s 2f::r'{{B{OOUBvJJWXX $ r - -A44V<r%rr)rrrrrrrrrs r&test_failIfUnknownServicez0SSHUserAuthServerTests.test_failIfUnknownService?so Fbgg%;7%?"V**L $  O 0 0 8 8}}T.///r%cd}jd|jddfd}jddd}|t|S)aZ tryAuth() has two edge cases that are difficult to reach. 1) an authentication method auth_* returns None instead of a Deferred. 2) an authentication type that is defined does not have a matching auth_* method. Both these cases should return a Deferred which fails with a ConchError. cdSrHr$)rs r&mockAuthz>SSHUserAuthServerTests.test_tryAuthEdgeCases..mockAuthUrr%auth_publickey auth_passwordNcrjddd}|tS)Nr)rrrr)rd2r8s r& secondTestz@SSHUserAuthServerTests.test_tryAuthEdgeCases..secondTest[s2((dDAAB%%b*55 5r%r)rrrrrr)r8rr!d1s` r&test_tryAuthEdgeCasesz,SSHUserAuthServerTests.test_tryAuthEdgeCasesIs    4?$4h??? 4?OT::: 6 6 6 6 6_ $ $\4 > >!!"j11==jIIIr%)r r!r"r#rskiprrrrrrrrrrrrrrrrrrrr#r$r%r&rrsj |0888    0 0 0$$$&000"$$$:1114$$$.000"000(000,WWW"LLL*SSS4DDD0 E E E$$$2000JJJJJr%rcteZdZdZedZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdS)SSHUserAuthClientTestsz& Tests for SSHUserAuthClient. Nrctdt|_td|j_d|jj_|jdS)Nr>r)r/rUr[ authClientrrrZr7s r&rzSSHUserAuthClientTests.setUpksX(1F1F1H1HII$1$$7$7!.5!+ &&(((((r%cF|jd|_dSrH)r(rr7s r&rzSSHUserAuthClientTests.tearDownqrr%cN||jjd||jjjd||jjjtjtdtdztdzfgdS)z; Test that client is initialized properly. r>rXr_N) rr(rinstancerDrrhrrrr7s r& test_initz SSHUserAuthClientTests.test_initus -v666 16AAA  O % -+RZZ"X,,-FG-T U V     r%cdgfd}||jj_|jd|d|jjdS)z9 Test that the client succeeds properly. Nc|d<dS)Nrr$)r`r+s r&stubSetServicezDSSHUserAuthClientTests.test_USERAUTH_SUCCESS..stubSetServices!HQKKKr%r%r)r(r setServicessh_USERAUTH_SUCCESSrr+)r8r/r+s @r&test_USERAUTH_SUCCESSz,SSHUserAuthClientTests.test_USERAUTH_SUCCESSso6 " " " " "0>!, ,,S111 !do&>?????r%c |jtddz||jjjdt jtdtdztdzdztdzttj tj  zf|jtddzttj tj }||jjjdt jtdtdztdzdztdz|zf|jtdttj tj zt|jjjt#t jfztdztdztdzdztdz|z}tj tj}||jjjdt jtdtdztdzdztdz|zt||zfd S) zJ Test that the client can authenticate with a public key. rrrr>rXsssh-dssrN)r(ssh_USERAUTH_FAILURErrrrhrrrr2r3rr6rNr4ssh_USERAUTH_PK_OKrrr;r)r8rNrrs r&test_publickeyz%SSHUserAuthClientTests.test_publickeys1 ,,R -=-=-GHHH  O % -b 1-6 X,,\""#Z.. ! TX(()BCCHHJJKK L   ,,R -=-=-GHHH$(%%g&?@@EEGGHH  O % -b 1-vJJll#&&'nn %     ** zNNR 3 3G4M N N S S U UVV V    t(2 3 3X2455 6jj ll       nn    h!!'"<==  O % -b 1-6 X,,\""#Z.. !   SXXg&&'' (  r%ctdt}td|_d|j_||dg|j_|| d| |jjtj tdtdztdzfgdS)z If the SSHUserAuthClient doesn't return anything from signData, the client should start the authentication over again by requesting 'none' authentication. r>Nrrr%rXr_)rQrUr[rrrZrrh assertIsNoner6rrrr)r8r(s r&!test_publickey_without_privatekeyz8SSHUserAuthClientTests.test_publickey_without_privatekeys 19N9N9P9PQQ ,T22 )0 &!!###<(((') $ *77<<===   (+RZZ"X,,-FG-T U V     r%cdj_jd}fd}||S)z{ If there's no public key, auth_publickey should return a Deferred called back with a False value. cdSrHr$rs r&ryz:SSHUserAuthClientTests.test_no_publickey..r%rc2|dSrH)r)resultr8s r&rz7SSHUserAuthClientTests.test_no_publickey..checks   V $ $ $ $ $r%)r(r9rr)r8rrs` r&test_no_publickeyz(SSHUserAuthClientTests.test_no_publickeysS (6~$ O # #L 1 1 % % % % %}}U###r%c|jtddz||jjjdt jtdtdztdzdztdzf|jtdtdz||jjjdt jtdtdztdzdztddzzfd S) zx Test that the client can authentication with a password. This includes changing the password. rrrr>rXr%rrN) r(r5rrrrhrrr6r7s r& test_passwordz$SSHUserAuthClientTests.test_passwords! ,,R __w-FGGG  O % -b 1-6 R\\)B{OO;gE6 R     **2c77RWW+<===  O % -b 1-6 R\\)B{OO;gE6 UVV      r%czd|j_||jddS)zK If getPassword returns None, tryAuth should return False. cdSrHr$r$r%r&ryz9SSHUserAuthClientTests.test_no_password..sdr%rN)r(rArrr7s r&test_no_passwordz'SSHUserAuthClientTests.test_no_passwords:'3l# 00==>>>>>r%cn|jtdtdztdzdztdzdz||jjjdt jdtdztdzfdS) zj Make sure that the client can authenticate with the keyboard interactive method. r%ss Password: rrsr>N)r('ssh_USERAUTH_PK_OK_keyboard_interactiverrrrhrMSG_USERAUTH_INFO_RESPONSEr7s r&test_keyboardInteractivez/SSHUserAuthClientTests.test_keyboardInteractives ?? sGGgg gg " "         O % -b 13#bjj02f::=      r%c2d|j_g|jj_|jd||jjjt jtdtdztdzfgdS)z If C{SSHUserAuthClient} gets a MSG_USERAUTH_PK_OK packet when it's not expecting it, it should fail the current authentication and move on to the next type. sunknownr%r>rXr_N) r(lastAuthrrhr6rrrrr7s r&"test_USERAUTH_PK_OK_unknown_methodz9SSHUserAuthClientTests.test_USERAUTH_PK_OK_unknown_methods $. ,.!) **3///  O % -+RZZ"X,,-FG-T U V     r%c@fd}fd}|j_|j_jt ddzjjjdtj t dt dzt dzdzt dzfjt d d zjjjd d d dgd S)z ssh_USERAUTH_FAILURE should sort the methods by their position in SSHUserAuthClient.preferredOrder. Methods that are not in preferredOrder should be sorted at the end of that list. cHjjdddS)N here is datar(rrnr7sr&auth_firstmethodzNSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_firstmethod2s$ O % 0 0o F F F F Fr%cHjjdddS)N other dataTrQr7sr&auth_anothermethodzPSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_anothermethod5s# O % 0 0m D D D4r%sanothermethod,passwordrrr>rXrs"firstmethod,anothermethod,passwordrN)rOrP)rTrU) r(rRrVr5rrrrhrr)r8rRrVs` r&test_USERAUTH_FAILURE_sortingz4SSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting+sF G G G G G     ,<(-?* ,,R0I-J-JW-TUUU  O % -b 1-6 R\\)B{OO;gE6 R     ,, 4 5 5 ?     O % -bcc 2 #%9 :     r%cB|jtddz|jtddz||jjjdtjdtdzdzfdS) z If there are no more available user authentication messages, the SSHUserAuthClient should disconnect with code DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE. rrrrss(no more authentication methods availablesN)r(r5rrrrhr r7s r&%test_disconnectIfNoMoreAuthenticationzrXr_)r(rrh_ebAuthrrrrr7s r& test_ebAuthz"SSHUserAuthClientTests.test_ebAuthas~ -/!) %%%  O % -+RZZ"X,,-FG-T U V     r%cTtjdtfd}fdd}|j |S)z getPublicKey() should return None. getPrivateKey() should return a failed Deferred. getPassword() should return a failed Deferred. getGenericAnswers() should return a failed Deferred. r>c|t}|jSrH)trapNotImplementedErrorrArr addErrback)r?rr(check2r8s r&rz3SSHUserAuthClientTests.test_defaults..checkvsI KK+ , , ,&&((A==++66v>> >r%c|tddd}|jSrH)r`rarGrrrb)r?rr(check3r8s r&rcz4SSHUserAuthClientTests.test_defaults..check2{sO KK+ , , ,,,T4>>A==++66v>> >r%c:|tdSrH)r`ra)r?s r&rez4SSHUserAuthClientTests.test_defaults..check3s KK+ , , , , ,r%) rr-rUr[r9r9r<rrrb)r8rrr(rcres` @@@r& test_defaultsz$SSHUserAuthClientTests.test_defaultsms / 8M8M8O8OPP  *1133444 ? ? ? ? ? ? ?  ? ? ? ? ? ? ?  - - -  $ $ & &}}TY''225999r%)r r!r"r#rr$rrr,r2r7r:r@rBrErIrLrXrZr]rgr$r%r&r&r&cs |0)))      @ @ @< < < |   & $ $ $   ,???   *    " " " H   $    :::::r%r&c6eZdZedZGddZdZdS) LoopbackTestsNrc.eZdZGddZdZdS)LoopbackTests.FactoryceZdZdZdZdZdS)LoopbackTests.Factory.Service TestServicec8|jdSrH)rrtr7s r&rZz,LoopbackTests.Factory.Service.serviceStarteds--/////r%cdSrHr$r7s r&rz,LoopbackTests.Factory.Service.serviceStoppedsr%N)r r!r"rDrZrr$r%r&r[rms7!D 0 0 0     r%r[c|jSrH)r[)r8avatarrDs r&raz LoopbackTests.Factory.getServices < r%N)r r!r"r[rar$r%r&rbrksK             r%rbctjtdj}t j_j_dj_t j|_||j_dxj_ |j_ dxj_ |j_ j_ d_ t}t|}tt#t%fd_||jj _t+jj|j}djj_d|jj_|fd }||S) zW Test that the userauth server and client play nicely with each other. r>cdSrsr$rs r&ryz-LoopbackTests.test_loopback..r=r%r%cdSrHr$r$r%r&ryz-LoopbackTests.test_loopback..sdr%rc@tj|dkS)Nr)lensuccessfulCredentials)aIdcheckers r&ryz-LoopbackTests.test_loopback..ss7+H+M'N'NRS'Sr%cdS)N_ServerLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback..7Hr%cdS)N_ClientLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback..r}r%cRjjjddS)Nrn)rrr`rD)rr8rs r&rz*LoopbackTests.test_loopback..checks(   V-5:N K K K K Kr%)rrr/rbr[rr'r`rqr sendKexInitre passwordDelayrvrrrrrareDonerfr loopbackAsync logPrefixrZr)r8clientrrfrrrzrs` @@r& test_loopbackzLoopbackTests.test_loopbacks+-- (<(<(>(>??%577#) '5~$$577#) BEE"V%5%?FRlR$v'7'C$(<<>>  $&& 1 1222 1 3 3444TTTTw'''*0 '  "6#3V5E F F/H/H",/H/H", L L L L L L}}U###r%)r r!r"rr$rbrr$r%r&ririsU |0         '$'$'$'$'$r%riceZdZedZdZdS)ModuleInitializationTestsNrc|tjjdd|tjjdddS)N<r)rrrprotocolMessagesr-r7s r& test_messagesz'ModuleInitializationTests.test_messagessb   & 7 ;=Q      & 7 ;=Q     r%)r r!r"rr$rr$r%r&rrs- |0     r%r)8r#typesrtypingrzope.interfacertwisted.conch.errorrrtwisted.cred.checkersrtwisted.cred.credentialsr r r twisted.cred.errorr twisted.cred.portalr rtwisted.internetrrtwisted.protocolsrtwisted.python.reflectr twisted.trialrr__annotations__twisted.conch.checkersrtwisted.conch.sshrrtwisted.conch.ssh.commonrtwisted.conch.testrr-r/rJrQr'rUrvrrrTestCaserr&rirr$r%r&rs &&&&&&::::::::555555RRRRRRRRRR000000........((((((((&&&&&&000000""""""!hz!!!=  999999;;;;;;;;;;++++++*******  - - - - -X/ - - -F E E E E EH. E E E > > > > >("< > > >>#>#>#>#>#I.>#>#>#B V B B B B B B B B  !! O O O O O O O"! O  !!""""""""!"&  !!        "!  xJxJxJxJxJX.xJxJxJv a:a:a:a:a:X.a:a:a:H 8$8$8$8$8$H%8$8$8$v       1      r%