HEX
Server: Apache
System: Linux scp1.abinfocom.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: confeduphaar (1010)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /lib/python3/dist-packages/twisted/conch/test/__pycache__/
Upload Files
File: //lib/python3/dist-packages/twisted/conch/test/__pycache__/test_userauth.cpython-38.pyc
U


W[\�@sdZddlmZmZddlmZddlmZddlm	Z	m
Z
ddlmZddlm
Z
ddlmZmZdd	lmZmZdd
lmZmZddlmZddlmZdd
lmZddlmZed�r�ed�r�ddl m!Z!ddl"m#Z#ddl$m%Z%m&Z&m'Z'ddl(m)Z)n dZ%Gdd�d�Z'Gdd�d�Z&Gdd�de&j*�Z+Gdd�de&j*�Z,Gdd�de&j*�Z-Gd d!�d!e'j.�Z/ee�Gd"d#�d#e0��Z1ee�Gd$d%�d%e0��Z2ee�Gd&d'�d'e0��Z3ee�Gd(d)�d)e0��Z4Gd*d+�d+ej5�Z6Gd,d-�d-ej5�Z7Gd.d/�d/ej5�Z8Gd0d1�d1ej5�Z9dS)2zT
Tests for the implementation of the ssh-userauth service.

Maintainer: Paul Swartz
�)�absolute_import�division)�implementer)�ICredentialsChecker)�IUsernamePassword�ISSHPrivateKey)�
IAnonymous)�UnauthorizedLogin)�IRealm�Portal)�
ConchError�ValidPublicKey)�defer�task)�loopback)�
requireModule)�unittest)�	_bytesChrZcryptographyZpyasn1)�NS)�SSHProtocolChecker)�keys�userauth�	transport)�keydataNc@seZdZGdd�d�ZdS)rc@seZdZdZdS)ztransport.SSHTransportBase�Q
            A stub class so that later class definitions won't die.
            N��__name__�
__module__�__qualname__�__doc__�r r �B/usr/lib/python3/dist-packages/twisted/conch/test/test_userauth.py�SSHTransportBase$sr"N)rrrr"r r r r!r#src@seZdZGdd�d�ZdS)rc@seZdZdZdS)zuserauth.SSHUserAuthClientrNrr r r r!�SSHUserAuthClient*sr#N)rrrr#r r r r!r)src@s2eZdZdZdd�Zdd�Zddd�Zd	d
�ZdS)�ClientUserAuthz"
    A mock user auth client.
    cCs,|jrtj�tj�St�tj�tj��SdS)z�
        If this is the first time we've been called, return a blob for
        the DSA key.  Otherwise, return a blob
        for the RSA key.
        N)	Z
lastPublicKeyr�Key�
fromStringr�publicRSA_opensshr�succeed�publicDSA_openssh��selfr r r!�getPublicKey6s
�zClientUserAuth.getPublicKeycCst�tj�tj��S)z@
        Return the private key object for the RSA key.
        )rr(rr%r&r�privateRSA_opensshr*r r r!�
getPrivateKeyCszClientUserAuth.getPrivateKeyNcCs
t�d�S)z/
        Return 'foo' as the password.
        �foo�rr()r+�promptr r r!�getPasswordJszClientUserAuth.getPasswordcCs
t�d�S)z>
        Return 'foo' as the answer to two questions.
        )�foor3r0)r+�nameZinformationZanswersr r r!�getGenericAnswersQsz ClientUserAuth.getGenericAnswers)N)rrrrr,r.r2r5r r r r!r$1s


r$c@s eZdZdZdd�Zdd�ZdS)�
OldClientAuthz~
    The old SSHUserAuthClient returned a cryptography key object from
    getPrivateKey() and a string from getPublicKey
    cCst�tj�tj�j�S�N)rr(rr%r&rr-Z	keyObjectr*r r r!r._s
�zOldClientAuth.getPrivateKeycCstj�tj���Sr7)rr%r&rr'�blobr*r r r!r,dszOldClientAuth.getPublicKeyN�rrrrr.r,r r r r!r6Ysr6c@s eZdZdZdd�Zdd�ZdS)�ClientAuthWithoutPrivateKeyzP
    This client doesn't have a private key, but it does have a public key.
    cCsdSr7r r*r r r!r.nsz)ClientAuthWithoutPrivateKey.getPrivateKeycCstj�tj�Sr7)rr%r&rr'r*r r r!r,rsz(ClientAuthWithoutPrivateKey.getPublicKeyNr9r r r r!r:isr:c@sPeZdZdZGdd�de�ZGdd�de�Zdd�Zdd	�Zd
d�Z	dd
�Z
dS)�
FakeTransporta_
    L{userauth.SSHUserAuthServer} expects an SSH transport which has a factory
    attribute which has a portal attribute. Because the portal is important for
    testing authentication, we need to be able to provide an interesting portal
    object to the L{SSHUserAuthServer}.

    In addition, we want to be able to capture any packets sent over the
    transport.

    @ivar packets: a list of 2-tuples: (messageType, data).  Each 2-tuple is
        a sent packet.
    @type packets: C{list}
    @param lostConnecion: True if loseConnection has been called on us.
    @type lostConnection: L{bool}
    c@seZdZdZdZdd�ZdS)zFakeTransport.ServicezW
        A mock service, representing the other service offered by the server.
        �nancycCsdSr7r r*r r r!�serviceStarted�sz$FakeTransport.Service.serviceStartedN)rrrrr4r=r r r r!�Service�sr>c@seZdZdZdd�ZdS)zFakeTransport.Factoryzg
        A mock factory, representing the factory that spawned this user auth
        service.
        cCs|dkrtjSdS)z2
            Return our fake service.
            �noneN)r;r>)r+r�servicer r r!�
getService�sz FakeTransport.Factory.getServiceN)rrrrrAr r r r!�Factory�srBcCs(|��|_||j_d|_||_g|_dS�NF)rB�factory�portal�lostConnectionr�packets)r+rEr r r!�__init__�s

zFakeTransport.__init__cCs|j�||f�dS)z8
        Record the packet sent by the service.
        N)rG�append)r+ZmessageType�messager r r!�
sendPacket�szFakeTransport.sendPacketcCsdS)z�
        Pretend that this transport encrypts traffic in both directions. The
        SSHUserAuthServer disables password authentication if the transport
        isn't encrypted.
        Tr )r+�	directionr r r!�isEncrypted�szFakeTransport.isEncryptedcCs
d|_dS�NT)rFr*r r r!�loseConnection�szFakeTransport.loseConnectionN)rrrr�objectr>rBrHrKrMrOr r r r!r;ws	r;c@seZdZdZdd�ZdS)�Realmz�
    A mock realm for testing L{userauth.SSHUserAuthServer}.

    This realm is not actually used in the course of testing, so it returns the
    simplest thing that could possibly work.
    cGst�|dddd�f�S)NrcSsdSr7r r r r r!�<lambda>��z%Realm.requestAvatar.<locals>.<lambda>r0)r+ZavatarIdZmindZ
interfacesr r r!�
requestAvatar�szRealm.requestAvatarN)rrrrrTr r r r!rQ�srQc@seZdZdZefZdd�ZdS)�PasswordCheckerz�
    A very simple username/password checker which authenticates anyone whose
    password matches their username and rejects all others.
    cCs&|j|jkrt�|j�St�td��S)NzInvalid username/password pair)�usernameZpasswordrr(�failr	)r+�credsr r r!�requestAvatarId�szPasswordChecker.requestAvatarIdN)rrrrr�credentialInterfacesrYr r r r!rU�srUc@seZdZdZefZdd�ZdS)�PrivateKeyCheckerz�
    A very simple public key checker which authenticates anyone whose
    public/private keypair is the same keydata.public/privateRSA_openssh.
    cCsX|jtj�tj���krN|jdk	rHtj�|j�}|�|j|j�rN|j	Snt
��t��dSr7)r8rr%r&rr'�	signatureZverify�sigDatarVr
r	)r+rX�objr r r!rY�s
z!PrivateKeyChecker.requestAvatarIdN)rrrrrrZrYr r r r!r[�sr[c@seZdZdZefZdS)�AnonymousCheckerzI
    A simple checker which isn't supported by L{SSHUserAuthServer}.
    N)rrrrrrZr r r r!r_�sr_c@s�eZdZdZedkrdZdd�Zdd�Zdd	�Zd
d�Z	dd
�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zd d!�Zd"d#�Zd$d%�Zd&d'�Zd(d)�Zd*d+�ZdS),�SSHUserAuthServerTestsz&
    Tests for SSHUserAuthServer.
    N�cannot run without cryptographycCsbt�|_t|j�|_|j�t��|j�t��t��|_	t
|j�|j	_|j	��|j	j
��dSr7)rQ�realmrrE�registerCheckerrUr[r�SSHUserAuthServer�
authServerr;rr=�supportedAuthentications�sortr*r r r!�setUps

zSSHUserAuthServerTests.setUpcCs|j��d|_dSr7)re�serviceStoppedr*r r r!�tearDown
s
zSSHUserAuthServerTests.tearDowncCs(|�|jjjdtjtd�df�dS)z;
        Check that the authentication has failed.
        ���spassword,publickey�N)�assertEqualrerrGrZMSG_USERAUTH_FAILUREr�r+�ignoredr r r!�_checkFaileds

��z#SSHUserAuthServerTests._checkFailedcCs,|j�td�td�td��}|�|j�S)z�
        A client may request a list of authentication 'method name' values
        that may continue by using the "none" authentication 'method name'.

        See RFC 4252 Section 5.2.
        r/sservicer?)re�ssh_USERAUTH_REQUESTr�addCallbackrp)r+�dr r r!�test_noneAuthentications�z.SSHUserAuthServerTests.test_noneAuthenticationcsJd�td�td�td�td�td�g�}�j�|�}�fdd�}|�|�S)z�
        When provided with correct password authentication information, the
        server should respond by sending a MSG_USERAUTH_SUCCESS message with
        no other data.

        See RFC 4252, Section 5.1.
        rSr/r?�passwordrcs���jjjtjdfg�dS�NrS�rmrerrGrZMSG_USERAUTH_SUCCESS�ror*r r!�check2s
�zKSSHUserAuthServerTests.test_successfulPasswordAuthentication.<locals>.check)�joinr�chrrerqrr�r+�packetrsryr r*r!�%test_successfulPasswordAuthentication's�z<SSHUserAuthServerTests.test_successfulPasswordAuthenticationcCsld�td�td�td�td�td�g�}t��|j_|j�|�}|�|jj	j
g�|jj�d�|�|j
�S)a;
        When provided with invalid authentication details, the server should
        respond by sending a MSG_USERAUTH_FAILURE message which states whether
        the authentication was partially successful, and provides other, open
        options for authentication.

        See RFC 4252, Section 5.1.
        rSr/r?rur�bar�)rzrr{r�Clockre�clockrqrmrrG�advancerrrp�r+r}rsr r r!�!test_failedPasswordAuthentication9s
�z8SSHUserAuthServerTests.test_failedPasswordAuthenticationcs�tj�tj���}tj�tj�}td�td�td�dt|���t|�}d�j	j
_|�td�t
tj�|�}|t|�7}�j	�|�}�fdd�}|�|�S)zN
        Test that private key authentication completes successfully,
        r/r?�	publickey���testcs���jjjtjdfg�dSrvrwrxr*r r!ryYs
�zMSSHUserAuthServerTests.test_successfulPrivateKeyAuthentication.<locals>.check)rr%r&rr'r8r-rZsshTyperer�	sessionID�signr{r�MSG_USERAUTH_REQUESTrqrr)r+r8r^r}r\rsryr r*r!�'test_successfulPrivateKeyAuthenticationLs
��
�z>SSHUserAuthServerTests.test_successfulPrivateKeyAuthenticationcs�t���dd�}dd�}�fdd�}|�|jd|�|�|jd|�|�|jd	|�td
�td�td�td
�}|j�|�|��t�S)z�
        ssh_USERAUTH_REQUEST should raise a ConchError if tryAuth returns
        None. Added to catch a bug noticed by pyflakes.
        cSs|�d�dS)Nz&request should have raised ConochError)rWrnr r r!�mockCbFinishedAuthfszOSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockCbFinishedAuthcSsdSr7r )Zkind�user�datar r r!�mockTryAuthiszHSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockTryAuthcs��|j�dSr7)Zerrback�value)�reason�rsr r!�
mockEbBadAuthlszJSSHUserAuthServerTests.test_requestRaisesConchError.<locals>.mockEbBadAuth�tryAuthZ_cbFinishedAuthZ
_ebBadAuthsuserr?s
public-keysdata)rZDeferred�patchrerrq�
assertFailurer)r+r�r�r�r}r r�r!�test_requestRaisesConchError_s z3SSHUserAuthServerTests.test_requestRaisesConchErrorcsbtj�tj����td�td�td�dtd�t��}�j�|�}��fdd�}|�	|�S)z@
        Test that verifying a valid private key works.
        r/r?r�rl�ssh-rsacs*���jjjtjtd�t��fg�dS)Nr�)rmrerrGr�MSG_USERAUTH_PK_OKrrx�r8r+r r!ry�s�z@SSHUserAuthServerTests.test_verifyValidPrivateKey.<locals>.check)
rr%r&rr'r8rrerqrrr|r r�r!�test_verifyValidPrivateKeyzs��z1SSHUserAuthServerTests.test_verifyValidPrivateKeycCsVtj�tj���}td�td�td�dtd�t|�}|j�|�}|�	|j
�S)�d
        Test that private key authentication fails when the public key
        is invalid.
        r/r?r�rlsssh-dsa�rr%r&rr)r8rrerqrrrp�r+r8r}rsr r r!�3test_failedPrivateKeyAuthenticationWithoutSignature�s��zJSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithoutSignaturecCs|tj�tj���}tj�tj�}td�td�td�dtd�t|�t|�|��}d|j	j
_|j	�|�}|�
|j�S)r�r/r?r�r�r�r�)rr%r&rr'r8r-rr�rerr�rqrrrp)r+r8r^r}rsr r r!�0test_failedPrivateKeyAuthenticationWithSignature�s���
zGSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithSignaturecCsjtj�tj���}td�|dd�}td�td�td�dtd�t|�}|j�|�}|�	|j
�S)	z�
        Private key authentication fails when the public key type is
        unsupported or the public key is corrupt.
        sssh-bad-type�Nr/r?r�rlr�r�r�r r r!�test_unsupported_publickey�s��z1SSHUserAuthServerTests.test_unsupported_publickeycCsRt��}t|j�|_|j�t��|��|��|j	�
�|�|j	ddg�dS)ah
        L{SSHUserAuthServer} sets up
        C{SSHUserAuthServer.supportedAuthentications} by checking the portal's
        credentials interfaces and mapping them to SSH authentication method
        strings.  If the Portal advertises an interface that
        L{SSHUserAuthServer} can't map, it should be ignored.  This is a white
        box test.
        rur�N)rrdr;rErrcr_r=rirfrgrm�r+�serverr r r!� test_ignoreUnknownCredInterfaces�s	
�z7SSHUserAuthServerTests.test_ignoreUnknownCredInterfacescCs�|�d|jj�t��}t|j�|_dd�|j_|�	�|�
�|�d|j�t��}t|j�|_dd�|j_|�	�|�
�|�d|j�dS)z�
        Test that the userauth service does not advertise password
        authentication if the password would be send in cleartext.
        rucSsdSrCr ��xr r r!rR�rSzISSHUserAuthServerTests.test_removePasswordIfUnencrypted.<locals>.<lambda>cSs|dkS�N�inr r�r r r!rR�rSN)ZassertInrerfrrdr;rErrMr=riZassertNotIn)r+�clearAuthServer�halfAuthServerr r r!� test_removePasswordIfUnencrypted�sz7SSHUserAuthServerTests.test_removePasswordIfUnencryptedcCs�t|j�}|�t��t��}t|�|_dd�|j_|�	�|�
�|�|jdg�t��}t|�|_dd�|j_|�	�|�
�|�|jdg�dS)z�
        If the L{SSHUserAuthServer} is not advertising passwords, then an
        unencrypted connection should not cause any warnings or exceptions.
        This is a white box test.
        cSsdSrCr r�r r r!rR�rSzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords.<locals>.<lambda>r�cSs|dkSr�r r�r r r!rR�rSN)
rrbrcr[rrdr;rrMr=rirmrf)r+rEr�r�r r r!�*test_unencryptedConnectionWithoutPasswords�s$

�
�zASSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswordscCs~t��}t��|_t|j�|_|��|j�	d�|�
�|�|jjtj
dttj�td�td�fg�|�|jj�dS)z0
        Test that the login times out.
        鰚�syou took too longrSN)rrdrr�r�r;rErr=r�rirmrG�MSG_DISCONNECTr{�)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLErZ
assertTruerF�r+ZtimeoutAuthServerr r r!�test_loginTimeout�s$

�����z(SSHUserAuthServerTests.test_loginTimeoutcCs\t��}t��|_t|j�|_|��|�	�|j�
d�|�|jjg�|�
|jj�dS)zN
        Test that stopping the service also stops the login timeout.
        r�N)rrdrr�r�r;rErr=rir�rmrG�assertFalserFr�r r r!�test_cancelLoginTimeouts
z.SSHUserAuthServerTests.test_cancelLoginTimeoutcsrd�td�td�td�td�td�g�}t���j_td�D]}�j�|�}�jj�	d�q<�fd	d
�}|�
|�S)zm
        Test that the server disconnects if the client fails authentication
        too many times.
        rSr/r?rurr�r�cs:���jjjdtjdttj�td�td�f�dS)Nrkr�stoo many bad authsrS)rmrerrGr�r{r�rrxr*r r!ry$s�����z:SSHUserAuthServerTests.test_tooManyAttempts.<locals>.check)rzrr{rr�rer��rangerqr�rr)r+r}�irsryr r*r!�test_tooManyAttemptss�z+SSHUserAuthServerTests.test_tooManyAttemptscCsLtd�td�td�td�td�}t��|j_|j�|�}|�|j�S)zo
        If the user requests a service that we don't support, the
        authentication should fail.
        r/rSrur)	rr{rr�rer�rqrrrpr�r r r!�test_failIfUnknownService-s(z0SSHUserAuthServerTests.test_failIfUnknownServicecsVdd�}���jd|����jdd��fdd�}�j�ddd�}��|t��|�S)	aZ
        tryAuth() has two edge cases that are difficult to reach.

        1) an authentication method auth_* returns None instead of a Deferred.
        2) an authentication type that is defined does not have a matching
           auth_* method.

        Both these cases should return a Deferred which fails with a
        ConchError.
        cSsdSr7r )r}r r r!�mockAuthCsz>SSHUserAuthServerTests.test_tryAuthEdgeCases.<locals>.mockAuthZauth_publickeyZ
auth_passwordNcs�j�ddd�}��|t�S)Nru)rer�r�r)roZd2r*r r!�
secondTestIsz@SSHUserAuthServerTests.test_tryAuthEdgeCases.<locals>.secondTestr�)r�rer�r�rrr)r+r�r�Zd1r r*r!�test_tryAuthEdgeCases8sz,SSHUserAuthServerTests.test_tryAuthEdgeCases)rrrrr�skiprhrjrprtr~r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r r r r!r`�s.	r`c@s�eZdZdZedkrdZdd�Zdd�Zdd	�Zd
d�Z	dd
�Z
dd�Zdd�Zdd�Z
dd�Zdd�Zdd�Zdd�Zdd�Zdd�Zd d!�ZdS)"�SSHUserAuthClientTestsz&
    Tests for SSHUserAuthClient.
    NracCs4tdt���|_td�|j_d|jj_|j��dS)Nr/r�)r$r;r>�
authClientrr�r=r*r r r!rh[s
zSSHUserAuthClientTests.setUpcCs|j��d|_dSr7)r�rir*r r r!rjbs
zSSHUserAuthClientTests.tearDowncCsT|�|jjd�|�|jjjd�|�|jjjtjt	d�t	d�t	d�fg�dS)z;
        Test that client is initialized properly.
        r/r<r?N)
rmr�r��instancer4rrGrr�rr*r r r!�	test_initgs��z SSHUserAuthClientTests.test_initcs@dg��fdd�}||jj_|j�d�|��d|jj�dS)z9
        Test that the client succeeds properly.
        Ncs|�d<dS)Nrr )r@�r�r r!�stubSetServicewszDSSHUserAuthClientTests.test_USERAUTH_SUCCESS.<locals>.stubSetServicerSr)r�rZ
setServiceZssh_USERAUTH_SUCCESSrmr�)r+r�r r�r!�test_USERAUTH_SUCCESSrs

z,SSHUserAuthClientTests.test_USERAUTH_SUCCESSc	Cs�|j�td�d�|�|jjjdtjtd�td�td�dtd�ttj	�
tj��
��f�|j�td�d�ttj	�
tj��
��}|�|jjjdtjtd�td�td�dtd�|f�|j�td�ttj	�
tj��
���t|jjj�ttj�td�td�td�dtd�|}tj	�
tj�}|�|jjjdtjtd�td�td�dtd�|t|�|��f�d	S)
zJ
        Test that the client can authenticate with a public key.
        r�rlrkr/r<sssh-dssr��N)r��ssh_USERAUTH_FAILURErrmrrGrr�rr%r&rr)r8r'�ssh_USERAUTH_PK_OKr�r{r-r�)r+r8r]r^r r r!�test_publickey~sv�������������������������z%SSHUserAuthClientTests.test_publickeycCsztdt���}td�|_d|j_|��|�d�g|j_|�|�	d��|�
|jjtjt
d�t
d�t
d�fg�dS)z�
        If the SSHUserAuthClient doesn't return anything from signData,
        the client should start the authentication over again by requesting
        'none' authentication.
        r/Nr�r�rSr<r?)r:r;r>rr�r=r�rG�assertIsNoner�rmrr�r)r+r�r r r!�!test_publickey_without_privatekey�s�


��z8SSHUserAuthClientTests.test_publickey_without_privatekeycs.dd��j_�j�d�}�fdd�}|�|�S)z{
        If there's no public key, auth_publickey should return a Deferred
        called back with a False value.
        cSsdSr7r r�r r r!rR�rSz:SSHUserAuthClientTests.test_no_publickey.<locals>.<lambda>r�cs��|�dSr7)r���resultr*r r!ry�sz7SSHUserAuthClientTests.test_no_publickey.<locals>.check)r�r,r�rr)r+rsryr r*r!�test_no_publickey�sz(SSHUserAuthClientTests.test_no_publickeycCs�|j�td�d�|�|jjjdtjtd�td�td�dtd�f�|j�td�td��|�|jjjdtjtd�td�td�dtd�df�d	S)
zx
        Test that the client can authentication with a password.  This
        includes changing the password.
        rurlrkr/r<rSr�r�N)	r�r�rrmrrGrr�r�r*r r r!�
test_password�s(������
��z$SSHUserAuthClientTests.test_passwordcCs"dd�|j_|�|j�d��dS)zK
        If getPassword returns None, tryAuth should return False.
        cSsdSr7r r r r r!rR�rSz9SSHUserAuthClientTests.test_no_password.<locals>.<lambda>ruN)r�r2r�r�r*r r r!�test_no_password�sz'SSHUserAuthClientTests.test_no_passwordcCs`|j�td�td�td�dtd�d�|�|jjjdtjdtd�td�f�dS)	zj
        Make sure that the client can authenticate with the keyboard
        interactive method.
        rSss
Password: rlrksr/N)r�Z'ssh_USERAUTH_PK_OK_keyboard_interactiverrmrrGrZMSG_USERAUTH_INFO_RESPONSEr*r r r!�test_keyboardInteractive�s�����z/SSHUserAuthClientTests.test_keyboardInteractivecCsPd|j_g|jj_|j�d�|�|jjjtjtd�td�td�fg�dS)z�
        If C{SSHUserAuthClient} gets a MSG_USERAUTH_PK_OK packet when it's not
        expecting it, it should fail the current authentication and move on to
        the next type.
        sunknownrSr/r<r?N)	r�ZlastAuthrrGr�rmrr�rr*r r r!�"test_USERAUTH_PK_OK_unknown_method�s

���z9SSHUserAuthClientTests.test_USERAUTH_PK_OK_unknown_methodcs��fdd�}�fdd�}|�j_|�j_�j�td�d����jjjdtj	td�td	�td
�dtd�f��j�td�d����jjjd
d�ddg�dS)z�
        ssh_USERAUTH_FAILURE should sort the methods by their position
        in SSHUserAuthClient.preferredOrder.  Methods that are not in
        preferredOrder should be sorted at the end of that list.
        cs�jj�dd�dS)N��here is data�r�rrKr r*r r!�auth_firstmethod�szNSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting.<locals>.auth_firstmethodcs�jj�dd�dS)N��
other dataTr�r r*r r!�auth_anothermethod�szPSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting.<locals>.auth_anothermethodsanothermethod,passwordrlrkr/r<rus"firstmethod,anothermethod,passwordr����N)r�r�)r�r�)
r�r�r�r�rrmrrGrr�)r+r�r�r r*r!�test_USERAUTH_FAILURE_sorting�s,�����
��z4SSHUserAuthClientTests.test_USERAUTH_FAILURE_sortingcCsT|j�td�d�|j�td�d�|�|jjjdtjdtd�df�dS)	z�
        If there are no more available user authentication messages,
        the SSHUserAuthClient should disconnect with code
        DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE.
        rurlr�rkss(no more authentication methods availablesN)r�r�rrmrrGr�r*r r r!�%test_disconnectIfNoMoreAuthentication
s���z<SSHUserAuthClientTests.test_disconnectIfNoMoreAuthenticationcCsHg|jj_|j�d�|�|jjjtjtd�td�td�fg�dS)z�
        _ebAuth (the generic authentication error handler) should send
        a request for the 'none' authentication method.
        Nr/r<r?)r�rrGZ_ebAuthrmrr�rr*r r r!�test_ebAuths
��z"SSHUserAuthClientTests.test_ebAuthcs`t�dt�������������fdd�}���fdd��dd�����}|��j��	|�S)z�
        getPublicKey() should return None.  getPrivateKey() should return a
        failed Deferred.  getPassword() should return a failed Deferred.
        getGenericAnswers() should return a failed Deferred.
        r/cs$|�t����}|��j����Sr7)�trap�NotImplementedErrorr2rrrW�
addErrback�r�rs)r��check2r+r r!ry-s
z3SSHUserAuthClientTests.test_defaults.<locals>.checkcs*|�t���ddd�}|��j����Sr7)r�r�r5rrrWr�r�)r��check3r+r r!r�1s
z4SSHUserAuthClientTests.test_defaults.<locals>.check2cSs|�t�dSr7)r�r�r�r r r!r�5sz4SSHUserAuthClientTests.test_defaults.<locals>.check3)
rr#r;r>r�r,r.rrrWr�)r+ryrsr )r�r�r�r+r!�
test_defaults$s�z$SSHUserAuthClientTests.test_defaults)rrrrrr�rhrjr�r�r�r�r�r�r�r�r�r�r�r�r�r r r r!r�Rs$r�c@s.eZdZedkrdZGdd�d�Zdd�ZdS)�
LoopbackTestsN�)cannot run without cryptography or PyASN1c@s"eZdZGdd�d�Zdd�ZdS)zLoopbackTests.Factoryc@s eZdZdZdd�Zdd�ZdS)zLoopbackTests.Factory.Service�TestServicecCs|j��dSr7)rrOr*r r r!r=Gsz,LoopbackTests.Factory.Service.serviceStartedcCsdSr7r r*r r r!riKsz,LoopbackTests.Factory.Service.serviceStoppedN)rrrr4r=rir r r r!r>Csr>cCs|jSr7)r>)r+Zavatarr4r r r!rAOsz LoopbackTests.Factory.getServiceN)rrrr>rAr r r r!rBBsrBcs t���td�j���}t���_��j_dd��j_t��|_||j_d�j_	|j_	dd��j_
|j_
����j_d�_t
�}t|�}t����t����t���fdd��_|���|�jj_t��j|j�}dd��jj_d	d�|jj_���|����fd
d�}|�|�S)zW
        Test that the userauth server and client play nicely with each other.
        r/cSsdSrNr r�r r r!rR]rSz-LoopbackTests.test_loopback.<locals>.<lambda>rScSsdSr7r r r r r!rRcrSrcst�j|�dkS)Nr�)�lenZsuccessfulCredentials)ZaId)�checkerr r!rRmscSsdS)NZ_ServerLoopbackr r r r r!rRsrScSsdS)NZ_ClientLoopbackr r r r r!rRtrScs���jjjd�dS)Nr�)rmrr@r4rxr�r r!ryysz*LoopbackTests.test_loopback.<locals>.check)rrdr$rBr>rr"r@rMr�ZsendKexInitrDZ
passwordDelayrQrrrcrUr[ZareDonerErZ
loopbackAsyncZ	logPrefixr=rr)r+ZclientrbrErsryr )r�r+r�r!�
test_loopbackSs6

�

zLoopbackTests.test_loopback)rrrrr�rBr�r r r r!r�<sr�c@s eZdZedkrdZdd�ZdS)�ModuleInitializationTestsNr�cCs,|�tjjdd�|�tjjdd�dS)N�<r�)rmrrdZprotocolMessagesr#r*r r r!�
test_messages�s��z'ModuleInitializationTests.test_messages)rrrrr�r�r r r r!r�sr�):rZ
__future__rrZzope.interfacerZtwisted.cred.checkersrZtwisted.cred.credentialsrrrZtwisted.cred.errorr	Ztwisted.cred.portalr
rZtwisted.conch.errorrr
Ztwisted.internetrrZtwisted.protocolsrZtwisted.python.reflectrZ
twisted.trialrZtwisted.python.compatrr{Ztwisted.conch.ssh.commonrZtwisted.conch.checkersrZtwisted.conch.sshrrrZtwisted.conch.testrr#r$r6r:r"r;rPrQrUr[r_ZTestCaser`r�r�r�r r r r!�<module>sP(G
\kC
@ Telegram