| 363 | } |
| 364 | |
| 365 | func TestSSHConfigResponse_Validate(t *testing.T) { |
| 366 | t.Parallel() |
| 367 | |
| 368 | testCases := []struct { |
| 369 | name string |
| 370 | response codersdk.SSHConfigResponse |
| 371 | wantErr string |
| 372 | }{ |
| 373 | { |
| 374 | name: "Valid", |
| 375 | response: codersdk.SSHConfigResponse{ |
| 376 | HostnamePrefix: "coder.", |
| 377 | HostnameSuffix: "coder", |
| 378 | SSHConfigOptions: map[string]string{"HostName": "example.com"}, |
| 379 | }, |
| 380 | }, |
| 381 | { |
| 382 | name: "Empty", |
| 383 | response: codersdk.SSHConfigResponse{}, |
| 384 | }, |
| 385 | { |
| 386 | name: "PrefixUnsafe", |
| 387 | response: codersdk.SSHConfigResponse{HostnamePrefix: "coder.\nHost *"}, |
| 388 | wantErr: "workspace hostname prefix", |
| 389 | }, |
| 390 | { |
| 391 | name: "SuffixUnsafe", |
| 392 | response: codersdk.SSHConfigResponse{HostnameSuffix: "coder\nHost *"}, |
| 393 | wantErr: "workspace hostname suffix", |
| 394 | }, |
| 395 | { |
| 396 | name: "OptionUnsafe", |
| 397 | response: codersdk.SSHConfigResponse{SSHConfigOptions: map[string]string{"ProxyCommand": "ssh -W %h:%p bastion"}}, |
| 398 | wantErr: `ssh config option "ProxyCommand" is not allowed`, |
| 399 | }, |
| 400 | } |
| 401 | |
| 402 | for _, tt := range testCases { |
| 403 | t.Run(tt.name, func(t *testing.T) { |
| 404 | t.Parallel() |
| 405 | |
| 406 | err := tt.response.Validate() |
| 407 | if tt.wantErr != "" { |
| 408 | require.ErrorContains(t, err, tt.wantErr) |
| 409 | return |
| 410 | } |
| 411 | require.NoError(t, err) |
| 412 | }) |
| 413 | } |
| 414 | } |
| 415 | |
| 416 | func TestSSHConfig_ParseOptions(t *testing.T) { |
| 417 | t.Parallel() |