Ϫf,UdZddlmZddlmZddlmZddlmZm Z ddl m Z ddl m Z mZmZddlmZdd lmZmZdd lmZmZdd lmZdd lmZdd lmZdZeeed<edrddl m!Z!ddl"mZm#Z#m$Z$ddl%m&Z&ddl'm(Z(nGddZ#GddZ$Gdde$jRZ*Gdde$jRZ+Gdde$jRZ,Gdd e#jZZ.eeGd!d"Z/ee Gd#d$Z0ee Gd%d&Z1ee Gd'd(Z2Gd)d*ejfZ4Gd+d,ejfZ5Gd-d.ejfZ6Gd/d0ejfZ7y)1zT Tests for the implementation of the ssh-userauth service. Maintainer: Paul Swartz ) ModuleType)Optional) implementer) ConchErrorValidPublicKey)ICredentialsChecker) IAnonymousISSHPrivateKeyIUsernamePassword)UnauthorizedLogin)IRealmPortal)defertask)loopback) requireModule)unittestNkeys cryptography)SSHProtocolChecker)r transportuserauth)NS)keydatac eZdZGddZy)rceZdZdZy)transport.SSHTransportBaseQ A stub class so that later class definitions won't die. N__name__ __module__ __qualname____doc__B/usr/lib/python3/dist-packages/twisted/conch/test/test_userauth.pySSHTransportBaser" r%r'N)r r!r"r'r$r%r&rr!   r%rc eZdZGddZy)rceZdZdZy)userauth.SSHUserAuthClientrNrr$r%r&SSHUserAuthClientr,(r(r%r-N)r r!r"r-r$r%r&rr'r)r%rc*eZdZdZdZdZddZdZy)ClientUserAuthz" A mock user auth client. c|jr-tjjtj St jtjjtjS)z If this is the first time we've been called, return a blob for the DSA key. Otherwise, return a blob for the RSA key. ) lastPublicKeyrKey fromStringrpublicRSA_opensshrsucceedpublicDSA_opensshselfs r& getPublicKeyzClientUserAuth.getPublicKey3sL   88&&w'@'@A A==!4!4W5N5N!OP Pr%ctjtjj t j S)z@ Return the private key object for the RSA key. )rr5rr2r3rprivateRSA_opensshr7s r& getPrivateKeyzClientUserAuth.getPrivateKey>s(}}TXX001K1KLMMr%Nc,tjdS)z/ Return 'foo' as the password. foorr5)r8prompts r& getPasswordzClientUserAuth.getPasswordDs}}V$$r%c,tjdS)z> Return 'foo' as the answer to two questions. )foorCr?)r8name informationanswerss r&getGenericAnswersz ClientUserAuth.getGenericAnswersJs}}^,,r%N)r r!r"r#r9r<rArGr$r%r&r/r/.s QN % -r%r/ceZdZdZdZdZy) OldClientAuthz~ The old SSHUserAuthClient returned a cryptography key object from getPrivateKey() and a string from getPublicKey ctjtjj t j jSrH)rr5rr2r3rr; keyObjectr7s r&r<zOldClientAuth.getPrivateKeyWs,}}TXX001K1KLVVWWr%cxtjjtjj SrH)rr2r3rr4blobr7s r&r9zOldClientAuth.getPublicKeyZs&xx""7#<#<=BBDDr%Nr r!r"r#r<r9r$r%r&rJrJQs XEr%rJceZdZdZdZdZy)ClientAuthWithoutPrivateKeyzP This client doesn't have a private key, but it does have a public key. cyrHr$r7s r&r<z)ClientAuthWithoutPrivateKey.getPrivateKeycsr%c\tjjtjSrH)rr2r3rr4r7s r&r9z(ClientAuthWithoutPrivateKey.getPublicKeyfsxx""7#<#<==r%NrOr$r%r&rQrQ^s>r%rQcPeZdZdZGddZGddZdZdZdZd Z y ) FakeTransporta_ L{userauth.SSHUserAuthServer} expects an SSH transport which has a factory attribute which has a portal attribute. Because the portal is important for testing authentication, we need to be able to provide an interesting portal object to the L{SSHUserAuthServer}. In addition, we want to be able to capture any packets sent over the transport. @ivar packets: a list of 2-tuples: (messageType, data). Each 2-tuple is a sent packet. @type packets: C{list} @param lostConnecion: True if loseConnection has been called on us. @type lostConnection: L{bool} ceZdZdZdZdZy)FakeTransport.ServicezW A mock service, representing the other service offered by the server. nancycyrHr$r7s r&serviceStartedz$FakeTransport.Service.serviceStarteds r%N)r r!r"r#rDrZr$r%r&ServicerW{s  r%r[ceZdZdZdZy)FakeTransport.Factoryzg A mock factory, representing the factory that spawned this user auth service. c.|dk(rtjSy)z2 Return our fake service. noneN)rUr[)r8rservices r& getServicez FakeTransport.Factory.getServices'!$,,,"r%N)r r!r"r#rar$r%r&Factoryr]s   -r%rbcz|j|_||j_d|_||_g|_yNF)rbfactoryportallostConnectionrpackets)r8rfs r&__init__zFakeTransport.__init__s1||~ $ # r%c>|jj||fy)z8 Record the packet sent by the service. N)rhappend)r8 messageTypemessages r& sendPacketzFakeTransport.sendPackets ['23r%cy)z Pretend that this transport encrypts traffic in both directions. The SSHUserAuthServer disables password authentication if the transport isn't encrypted. Tr$)r8 directions r& isEncryptedzFakeTransport.isEncrypteds r%cd|_yNT)rgr7s r&loseConnectionzFakeTransport.loseConnections "r%N) r r!r"r#r[rbrirnrqrtr$r%r&rUrUjs/  - -4 #r%rUceZdZdZdZy)Realmz A mock realm for testing L{userauth.SSHUserAuthServer}. This realm is not actually used in the course of testing, so it returns the simplest thing that could possibly work. c:tj|dddfS)NrcyrHr$r$r%r&z%Realm.requestAvatar..r%r?)r8avatarIdmind interfacess r& requestAvatarzRealm.requestAvatars}}jmT<@AAr%N)r r!r"r#r~r$r%r&rvrvs Br%rvceZdZdZefZdZy)PasswordCheckerz A very simple username/password checker which authenticates anyone whose password matches their username and rejects all others. c|j|jk(rtj|jStjt dS)NzInvalid username/password pair)usernamepasswordrr5failr )r8credss r&requestAvatarIdzPasswordChecker.requestAvatarIds; >>U^^ +==0 0zz+,LMNNr%N)r r!r"r#r credentialInterfacesrr$r%r&rrs ./Or%rceZdZdZefZdZy)PrivateKeyCheckerz A very simple public key checker which authenticates anyone whose public/private keypair is the same keydata.public/privateRSA_openssh. c|jtjjtj jk(r{|j etjj|j}|j|j |jr |jStttrH) rNrr2r3rr4 signatureverifysigDatarrr )r8robjs r&rz!PrivateKeyChecker.requestAvatarIds ::,,W-F-FGLLN N*hh))%**5::eoou}}= >>) !!%&&!!r%N)r r!r"r#r rrr$r%r&rrs +,"r%rceZdZdZefZdZy)AnonymousCheckerzI A simple checker which isn't supported by L{SSHUserAuthServer}. cyrHr$)r8 credentialss r&rz AnonymousChecker.requestAvatarIds r%N)r r!r"r#r rrr$r%r&rrs'= r%rceZdZdZedZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZy)SSHUserAuthServerTestsz& Tests for SSHUserAuthServer. Ncannot run without cryptographyct|_t|j|_|jj t |jj t tj|_ t|j|j_ |jj|jjjyrH)rvrealmrrfregisterCheckerrrrSSHUserAuthServer authServerrUrrZsupportedAuthenticationssortr7s r&setUpzSSHUserAuthServerTests.setUpsW TZZ(  ##O$56 ##$5$78"446$1$++$>! &&( 00557r%cF|jjd|_yrH)rserviceStoppedr7s r&tearDownzSSHUserAuthServerTests.tearDown &&(r%c|j|jjjdtj t ddzfy)z; Check that the authentication has failed. spassword,publickeyN) assertEqualrrrhrMSG_USERAUTH_FAILURErr8ignoreds r& _checkFailedz#SSHUserAuthServerTests._checkFailedsC  OO % % - -b 1  * *B/D,E,O P r%c|jjtdtdztdz}|j|jS)z A client may request a list of authentication 'method name' values that may continue by using the "none" authentication 'method name'. See RFC 4252 Section 5.2. r>sservicer_)rssh_USERAUTH_REQUESTr addCallbackr)r8ds r&test_noneAuthenticationz.SSHUserAuthServerTests.test_noneAuthenticationsH OO 0 0 vJJ '"W+ 5 }}T..//r%c djtdtdtddtdg}jj|}fd}|j |S)z When provided with correct password authentication information, the server should respond by sending a MSG_USERAUTH_SUCCESS message with no other data. See RFC 4252, Section 5.1. r%r>r_passwordrcjjjjtj dfgyNr%rrrrhrMSG_USERAUTH_SUCCESSrr8s r&checkzKSSHUserAuthServerTests.test_successfulPasswordAuthentication..check5   ))11//56 r%)joinrrrr)r8packetrrs` r&%test_successfulPasswordAuthenticationzr_rrbar) rrrClockrclockrrrrhadvancerrr8rrs r&!test_failedPasswordAuthenticationz8SSHUserAuthServerTests.test_failedPasswordAuthentication's2f:r'{B{OUBvJWX $  OO 0 0 8 22::B? %%a(}}T..//r%ctjjtjj }tjjtj }tdtdztdzdzt|jzt|z}djj_ |jtdttjfz|z}|t|z }jj!|}fd}|j#|S)zN Test that private key authentication completes successfully, r>r_ publickeytestcjjjjtj dfgyrrrs r&rzMSSHUserAuthServerTests.test_successfulPrivateKeyAuthentication..checkMrr%)rr2r3rr4rNr;rsshTyperr sessionIDsignbytesrMSG_USERAUTH_REQUESTrr)r8rNrrrrrs` r&'test_successfulPrivateKeyAuthenticationz>SSHUserAuthServerTests.test_successfulPrivateKeyAuthentication8sxx""7#<#<=BBDhh!!'"<"<= vJk     h   /6!!+HH wK%!>!> @A AF J  "Y- OO 0 0 8  }}U##r%ctjd}d}fd}|j|jd||j|jd||j|jd|t dt dzt d zt d z}|jj ||j tS) z ssh_USERAUTH_REQUEST should raise a ConchError if tryAuth returns None. Added to catch a bug noticed by pyflakes. c&|jdy)Nz&request should have raised ConochError)rrs r&mockCbFinishedAuthzOSSHUserAuthServerTests.test_requestRaisesConchError..mockCbFinishedAuth\s II> ?r%cyrHr$)kinduserdatas r& mockTryAuthzHSSHUserAuthServerTests.test_requestRaisesConchError..mockTryAuth_r%c<j|jyrH)errbackvalue)reasonrs r& mockEbBadAuthzJSSHUserAuthServerTests.test_requestRaisesConchError..mockEbBadAuthbs IIfll #r%tryAuth_cbFinishedAuth _ebBadAuthsuserr_s public-keysdata)rDeferredpatchrrr assertFailurer)r8rrrrrs @r&test_requestRaisesConchErrorz3SSHUserAuthServerTests.test_requestRaisesConchErrorUs NN  @  $ 4??I{; 4??$57IJ 4??L-@Gr'{*R ->>GL ,,V4!!!Z00r%c\tjjtjj t dt dzt dzdzt dzt z}jj|}fd}|j|S)z@ Test that verifying a valid private key works. r>r_rrssh-rsacjjjjtj t dt zfgy)Nr)rrrrhrMSG_USERAUTH_PK_OKr)rrNr8s r&rz@SSHUserAuthServerTests.test_verifyValidPrivateKey..check~sB   ))11--r*~4/HIJ r%) rr2r3rr4rNrrrr)r8rrrrNs` @r&test_verifyValidPrivateKeyz1SSHUserAuthServerTests.test_verifyValidPrivateKeyosxx""7#<#<=BBD vJk   n   h    OO 0 0 8  }}U##r%c`tjjtjj }t dt dzt dzdzt dzt |z}|jj|}|j|jS)d Test that private key authentication fails when the public key is invalid. r>r_rrsssh-dsa rr2r3rr6rNrrrrrr8rNrrs r&3test_failedPrivateKeyAuthenticationWithoutSignaturezJSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithoutSignatures xx""7#<#<=BBD vJk   n   h    OO 0 0 8}}T..//r%c&tjjtjj }tjjtj }tdtdztdzdztdzt|zt|j|z}d|jj_ |jj|}|j|jS)rr>r_rrrr)rr2r3rr4rNr;rrrrrrrr)r8rNrrrs r&0test_failedPrivateKeyAuthenticationWithSignaturezGSSHUserAuthServerTests.test_failedPrivateKeyAuthenticationWithSignatures xx""7#<#<=BBDhh!!'"<"<= vJk   n   h   $  ! /6!!+ OO 0 0 8}}T..//r%ctjjtjj }t d|ddz}t dt dzt dzdzt dzt |z}|jj|}|j|jS) z Private key authentication fails when the public key type is unsupported or the public key is corrupt. s ssh-bad-type Nr>r_rrrrrs r&test_unsupported_publickeyz1SSHUserAuthServerTests.test_unsupported_publickeys xx""7#<#<=BBD/"T"#Y. vJk   n   h    OO 0 0 8}}T..//r%cVtj}t|j|_|jj t |j|j|jj|j|jddgy)ah L{SSHUserAuthServer} sets up C{SSHUserAuthServer.supportedAuthentications} by checking the portal's credentials interfaces and mapping them to SSH authentication method strings. If the Portal advertises an interface that L{SSHUserAuthServer} can't map, it should be ignored. This is a white box test. rrN) rrrUrfrrrrZrrrr)r8servers r& test_ignoreUnknownCredInterfacesz7SSHUserAuthServerTests.test_ignoreUnknownCredInterfacess~++-(5 ##$4$67'',,. 88; :UVr%c@|jd|jjtj}t |j |_d|j_|j|j|jd|jtj}t |j |_d|j_|j|j|jd|jy)z Test that the userauth service does not advertise password authentication if the password would be send in cleartext. rcyrdr$xs r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted..rzr%c |dk(SNinr$rs r&ryzISSHUserAuthServerTests.test_removePasswordIfUnencrypted.. dr%N) assertInrrrrrUrfrrqrZr assertNotIn)r8clearAuthServerhalfAuthServers r& test_removePasswordIfUnencryptedz7SSHUserAuthServerTests.test_removePasswordIfUnencrypteds k4??#K#KL"446$1$++$>!0?!!-&&(&&( o&N&NO!335#0#= /B  ,%%'%%' k>#J#JKr%c,t|j}|jtt j }t ||_d|j_|j|j|j|jdgt j }t ||_d|j_|j|j|j|jdgy)z If the L{SSHUserAuthServer} is not advertising passwords, then an unencrypted connection should not cause any warnings or exceptions. This is a white box test. cyrdr$rs r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords..rzr%rc |dk(Srr$rs r&ryzSSSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswords..rr%N) rrrrrrrUrrqrZrrr)r8rfrrs r&*test_unencryptedConnectionWithoutPasswordszASSHUserAuthServerTests.test_unencryptedConnectionWithoutPasswordss #023#446$1&$9!0?!!-&&(&&( AAL>R"335#0#8 /B  ,%%'%%' AAL>Rr%c&tj}tj|_t |j |_|j|jjd|j|j|jjtjdttjfzt!dzt!dzfg|j#|jj$y)z0 Test that the login times out. 鰚syou took too longr%N)rrrrrrUrfrrZrrrrhMSG_DISCONNECTr)DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLEr assertTruergr8timeoutAuthServers r&test_loginTimeoutz(SSHUserAuthServerTests.test_loginTimeouts%668"&**,&3DKK&@#((*'' 5((*   ' ' / /,,YPPRST-./g   )33BBCr%ctj}tj|_t |j |_|j|j|jjd|j|jjg|j|jjy)zN Test that stopping the service also stops the login timeout. rN)rrrrrrUrfrrZrrrrh assertFalsergr s r&test_cancelLoginTimeoutz.SSHUserAuthServerTests.test_cancelLoginTimeouts%668"&**,&3DKK&@#((*((*'' 5 *44<r_rrrrcjjjjdtjdt tj fztdztdzfy)Nrrstoo many bad authsr%)rrrrhr rr rrs r&rz:SSHUserAuthServerTests.test_tooManyAttempts..check1sm   ))11"5,,YPPRST./0g r%) rrrrrrrangerrr)r8rirrs` r&test_tooManyAttemptsz+SSHUserAuthServerTests.test_tooManyAttempts&s 2f:r'{B{OUBvJWX $ r -A44Vr%rr)rrrrrrrrrs r&test_failIfUnknownServicez0SSHUserAuthServerTests.test_failIfUnknownService?sh Fbg%;7%?"V*L $  OO 0 0 8}}T..//r%c d}jjd|jjddfd}jjddd}j|tj |S)aZ tryAuth() has two edge cases that are difficult to reach. 1) an authentication method auth_* returns None instead of a Deferred. 2) an authentication type that is defined does not have a matching auth_* method. Both these cases should return a Deferred which fails with a ConchError. cyrHr$)rs r&mockAuthz>SSHUserAuthServerTests.test_tryAuthEdgeCases..mockAuthUrr%auth_publickey auth_passwordNcjjjddd}j|tS)Nr)rrrr)rd2r8s r& secondTestz@SSHUserAuthServerTests.test_tryAuthEdgeCases..secondTest[s.((dDAB%%b*5 5r%r)rrrrrr)r8rr!d1s` r&test_tryAuthEdgeCasesz,SSHUserAuthServerTests.test_tryAuthEdgeCasesIsp  4??$4h? 4??OT: 6__ $ $\4 >!!"j1==jIIr%)r r!r"r#rskiprrrrrrrrrrrrrrrrrrrr#r$r%r&rrs} |08  0$&0"$:14$.0"0(0,W"L*S4D0 E$20Jr%rcreZdZdZedZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZy)SSHUserAuthClientTestsz& Tests for SSHUserAuthClient. Nrctdtj|_td|j_d|jj_|jj y)Nr>r)r/rUr[ authClientrrrZr7s r&rzSSHUserAuthClientTests.setUpksL(1F1F1HI$1$$7!.5!!+ &&(r%cF|jjd|_yrH)r(rr7s r&rzSSHUserAuthClientTests.tearDownqrr%ct|j|jjd|j|jjjd|j|jj j tjtdtdztdzfgy)z; Test that client is initialized properly. r>rXr_N) rr(rinstancerDrrhrrrr7s r& test_initz SSHUserAuthClientTests.test_initus --v6 1166A  OO % % - -++RZ"X,-FG-T U V r%cdgfd}||jj_|jjd|j d|jj y)z9 Test that the client succeeds properly. Nc|d<y)Nrr$)r`r+s r&stubSetServicezDSSHUserAuthClientTests.test_USERAUTH_SUCCESS..stubSetServices !HQKr%r%r)r(r setServicessh_USERAUTH_SUCCESSrr+)r8r/r+s @r&test_USERAUTH_SUCCESSz,SSHUserAuthClientTests.test_USERAUTH_SUCCESSsU6 "0>!!, ,,S1 !doo&>&>?r%c |jjtddz|j|jjj dt jtdtdztdzdztdzttjjtjjzf|jjtddzttjjtjj}|j|jjj dt jtdtdztdzdztdz|zf|jjtdttjjtjjzt|jjj t#t jfztdztdztdzdztdz|z}tjjtj$}|j|jjj dt jtdtdztdzdztdz|zt|j'|zfy ) zJ Test that the client can authenticate with a public key. rrrr>rXsssh-dssrN)r(ssh_USERAUTH_FAILURErrrrhrrrr2r3rr6rNr4ssh_USERAUTH_PK_OKrrr;r)r8rNrrs r&test_publickeyz%SSHUserAuthClientTests.test_publickeys ,,R -=-GH  OO % % - -b 1--6 X,\"#Z. ! TXX(()B)BCHHJK L   ,,R -=-GH$((%%g&?&?@EEGH  OO % % - -b 1--vJl#&'n %     ** zNR 3 3G4M4M N S S UV V  t((22 3X2245 6j l       n    hh!!'"<"<=  OO % % - -b 1--6 X,\"#Z. !   SXXg&' (  r%ctdtj}td|_d|j_|j |j dg|j_|j|jd|j|jjtjtdtdztdzfgy)z If the SSHUserAuthClient doesn't return anything from signData, the client should start the authentication over again by requesting 'none' authentication. r>Nrrr%rXr_)rQrUr[rrrZrrh assertIsNoner6rrrr)r8r(s r&!test_publickey_without_privatekeyz8SSHUserAuthClientTests.test_publickey_without_privatekeys 19N9N9PQ ,T2 )0 &!!#<(') $ *77<=   ( (++RZ"X,-FG-T U V r%cdj_jjd}fd}|j|S)z{ If there's no public key, auth_publickey should return a Deferred called back with a False value. cyrHr$rs r&ryz:SSHUserAuthClientTests.test_no_publickey..rzr%rc(j|yrH)r)resultr8s r&rz7SSHUserAuthClientTests.test_no_publickey..checks   V $r%)r(r9rr)r8rrs` r&test_no_publickeyz(SSHUserAuthClientTests.test_no_publickeys; (6$ OO # #L 1 %}}U##r%c|jjtddz|j|jjj dt jtdtdztdzdztdzf|jjtdtdz|j|jjj dt jtdtdztdzdztddzzfy ) zx Test that the client can authentication with a password. This includes changing the password. rrrr>rXr%rrN) r(r5rrrrhrrr6r7s r& test_passwordz$SSHUserAuthClientTests.test_passwords ,,R _w-FG  OO % % - -b 1--6 R\)B{O;gE6 R   **2c7RW+<=  OO % % - -b 1--6 R\)B{O;gE6 UVV  r%c|d|j_|j|jjdy)zK If getPassword returns None, tryAuth should return False. cyrHr$r$r%r&ryz9SSHUserAuthClientTests.test_no_password..rzr%rN)r(rArrr7s r&test_no_passwordz'SSHUserAuthClientTests.test_no_passwords-'3# 00=>r%cV|jjtdtdztdzdztdzdz|j|jjj dt jdtdztdzfy) zj Make sure that the client can authenticate with the keyboard interactive method. r%ss Password: rrsr>N)r('ssh_USERAUTH_PK_OK_keyboard_interactiverrrrhrMSG_USERAUTH_INFO_RESPONSEr7s r&test_keyboardInteractivez/SSHUserAuthClientTests.test_keyboardInteractives ?? sGg g " "       OO % % - -b 133#bj02f:=  r%cVd|j_g|jj_|jj d|j |jjjt jtdtdztdzfgy)z If C{SSHUserAuthClient} gets a MSG_USERAUTH_PK_OK packet when it's not expecting it, it should fail the current authentication and move on to the next type. sunknownr%r>rXr_N) r(lastAuthrrhr6rrrrr7s r&"test_USERAUTH_PK_OK_unknown_methodz9SSHUserAuthClientTests.test_USERAUTH_PK_OK_unknown_methods| $. ,.!!) **3/  OO % % - -++RZ"X,-FG-T U V r%cJfd}fd}|j_|j_jjt ddzj jj jdtjt dt dzt dzdzt dzfjjt d d zj jj jd d d dgy )z ssh_USERAUTH_FAILURE should sort the methods by their position in SSHUserAuthClient.preferredOrder. Methods that are not in preferredOrder should be sorted at the end of that list. cRjjjddy)N here is datar(rrnr7sr&auth_firstmethodzNSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_firstmethod2s OO % % 0 0o Fr%cRjjjddy)N other dataTrPr7sr&auth_anothermethodzPSSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting..auth_anothermethod5s OO % % 0 0m Dr%sanothermethod,passwordrrr>rXrs"firstmethod,anothermethod,passwordrN)rNrO)rSrT) r(rQrUr5rrrrhrr)r8rQrUs` r&test_USERAUTH_FAILURE_sortingz4SSHUserAuthClientTests.test_USERAUTH_FAILURE_sorting+s G ,<(-?* ,,R0I-JW-TU  OO % % - -b 1--6 R\)B{O;gE6 R   ,, 4 5 ?   OO % % - -bc 2 #%9 : r%cD|jjtddz|jjtddz|j|jjj dtj dtdzdzfy) z If there are no more available user authentication messages, the SSHUserAuthClient should disconnect with code DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE. rrrrss(no more authentication methods availablesN)r(r5rrrrhr r7s r&%test_disconnectIfNoMoreAuthenticationzrXr_)r(rrh_ebAuthrrrrr7s r& test_ebAuthz"SSHUserAuthClientTests.test_ebAuthasp -/!!) %  OO % % - -++RZ"X,-FG-T U V r%c.tjdtjj j fd}fddj }|jjj|S)z getPublicKey() should return None. getPrivateKey() should return a failed Deferred. getPassword() should return a failed Deferred. getGenericAnswers() should return a failed Deferred. r>c|jtj}|jjj SrH)trapNotImplementedErrorrArr addErrback)r>rr(check2r8s r&rz3SSHUserAuthClientTests.test_defaults..checkvs< KK+ ,&&(A==+66v> >r%c|jtjddd}|jjj SrH)r_r`rGrrra)r>rr(check3r8s r&rbz4SSHUserAuthClientTests.test_defaults..check2{sB KK+ ,,,T4>A==+66v> >r%c.|jtyrH)r_r`)r>s r&rdz4SSHUserAuthClientTests.test_defaults..check3s KK+ ,r%) rr-rUr[r9r9r<rrra)r8rrr(rbrds` @@@r& test_defaultsz$SSHUserAuthClientTests.test_defaultsmst // 8M8M8OP  *1134 ?  ?  -  $ $ &}}TYY'22599r%)r r!r"r#rr$rrr,r2r7r:r?rArDrHrKrWrYr\rfr$r%r&r&r&csa |0)    @< | & $ ,? *  " H $  :r%r&c.eZdZedZGddZdZy) LoopbackTestsNrc&eZdZGddZdZy)LoopbackTests.FactoryceZdZdZdZdZy)LoopbackTests.Factory.Service TestServicec8|jjyrH)rrtr7s r&rZz,LoopbackTests.Factory.Service.serviceStarteds--/r%cyrHr$r7s r&rz,LoopbackTests.Factory.Service.serviceStoppedsr%N)r r!r"rDrZrr$r%r&r[rls!D 0 r%r[c|jSrH)r[)r8avatarrDs r&raz LoopbackTests.Factory.getServices << r%N)r r!r"r[rar$r%r&rbrjs   r%rbcZtjtdjj }t j _j _dj _t j |_||j _dxj _ |j _ dxj _ |j _ jj _ d_ t}t|}tj!t#j!t%fd_|j!|j j_t+j,j |j }dj j _d|j j _j1|j1fd }|j3|S) zW Test that the userauth server and client play nicely with each other. r>cyrsr$rs r&ryz-LoopbackTests.test_loopback..rzr%r%cyrHr$r$r%r&ryz-LoopbackTests.test_loopback..rzr%rc:tj|dk(S)Nr)lensuccessfulCredentials)aIdcheckers r&ryz-LoopbackTests.test_loopback..ss7+H+H+M'NRS'Sr%cy)N_ServerLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback..rzr%cy)N_ClientLoopbackr$r$r%r&ryz-LoopbackTests.test_loopback..rzr%cfjjjjdy)Nrm)rrr`rD)rr8rs r&rz*LoopbackTests.test_loopback..checks%   V--55::N Kr%)rrr/rbr[rr'r`rqr sendKexInitre passwordDelayrvrrrrrareDonerfr loopbackAsync logPrefixrZr)r8clientrrfrrryrs` @@r& test_loopbackzLoopbackTests.test_loopbacks++- (<(<(>?%557#) '5$$557#) BEE"V%5%5%?FRR$v'7'7'C$(<<>  $& 12 1 34Tw'*0  '  " "6#3#3V5E5E F/H"",/H"", L}}U##r%)r r!r"rr$rbrr$r%r&rhrhs |0   '$r%rhceZdZedZdZy)ModuleInitializationTestsNrc|jtjjdd|jtjjddy)N<r)rrrprotocolMessagesr-r7s r& test_messagesz'ModuleInitializationTests.test_messagessP   & & 7 7 ;=Q    & & 7 7 ;=Q r%)r r!r"rr$rr$r%r&rrs |0 r%r)8r#typesrtypingrzope.interfacertwisted.conch.errorrrtwisted.cred.checkersrtwisted.cred.credentialsr r r twisted.cred.errorr twisted.cred.portalr rtwisted.internetrrtwisted.protocolsrtwisted.python.reflectr twisted.trialrr__annotations__twisted.conch.checkersrtwisted.conch.sshrrtwisted.conch.ssh.commonrtwisted.conch.testrr-r/rJrQr'rUrvrrrTestCaserr&rhrr$r%r&rs &:5RR0.(&0"!hz! 9;;+*  -X// -F EH.. E >("<"< >>#I..>#B V B B B ! O O" O !""""& !   "  xJX..xJv a:X..a:H 8$H%%8$v   1 1  r%