MCPcopy Index your code
hub / github.com/coder/coder / TestValidateSSHConfigOptions

Function TestValidateSSHConfigOptions

codersdk/deployment_test.go:311–363  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

309}
310
311func TestValidateSSHConfigOptions(t *testing.T) {
312 t.Parallel()
313
314 testCases := []struct {
315 name string
316 options map[string]string
317 wantErr bool
318 }{
319 {name: "HostName", options: map[string]string{"HostName": "example.com"}},
320 {name: "User", options: map[string]string{"User": "coder"}},
321 {name: "Port", options: map[string]string{"Port": "22"}},
322 {name: "SetEnv", options: map[string]string{"SetEnv": "FOO=bar BAZ=qux"}},
323 {name: "UserKnownHostsFile", options: map[string]string{"UserKnownHostsFile": "/tmp/coder_known_hosts"}},
324 {name: "EmptyKey", options: map[string]string{"": "value"}, wantErr: true},
325 {name: "NewlineInKey", options: map[string]string{"User\nProxyCommand": "evil"}, wantErr: true},
326 {name: "CarriageReturnInKey", options: map[string]string{"User\rProxyCommand": "evil"}, wantErr: true},
327 {name: "NULInKey", options: map[string]string{"User\x00ProxyCommand": "evil"}, wantErr: true},
328 {name: "SpaceInKey", options: map[string]string{"User ProxyCommand": "evil"}, wantErr: true},
329 {name: "EqualsInKey", options: map[string]string{"User=ProxyCommand": "evil"}, wantErr: true},
330 {name: "Host", options: map[string]string{"Host": "*"}, wantErr: true},
331 {name: "HostCaseInsensitive", options: map[string]string{"hOsT": "*"}, wantErr: true},
332 {name: "Match", options: map[string]string{"Match": "all"}, wantErr: true},
333 {name: "Include", options: map[string]string{"Include": "~/.ssh/config.d/*"}, wantErr: true},
334 {name: "ProxyCommand", options: map[string]string{"ProxyCommand": "ssh -W %h:%p bastion"}, wantErr: true},
335 {name: "ProxyCommandCaseInsensitive", options: map[string]string{"proxycommand": "ssh -W %h:%p bastion"}, wantErr: true},
336 {name: "LocalCommand", options: map[string]string{"LocalCommand": "echo pwned"}, wantErr: true},
337 {name: "PermitLocalCommand", options: map[string]string{"PermitLocalCommand": "yes"}, wantErr: true},
338 {name: "RemoteCommand", options: map[string]string{"RemoteCommand": "some-command"}, wantErr: true},
339 {name: "KnownHostsCommand", options: map[string]string{"KnownHostsCommand": "echo key"}, wantErr: true},
340 {name: "PKCS11Provider", options: map[string]string{"PKCS11Provider": "/tmp/evil.so"}, wantErr: true},
341 {name: "PKCS11ProviderCaseInsensitive", options: map[string]string{"pkcs11provider": "/tmp/evil.so"}, wantErr: true},
342 {name: "SecurityKeyProvider", options: map[string]string{"SecurityKeyProvider": "/tmp/evil.so"}, wantErr: true},
343 {name: "NewlineInValue", options: map[string]string{"UserKnownHostsFile": "/tmp/known_hosts\nHost *\nProxyCommand evil"}, wantErr: true},
344 {name: "CarriageReturnInValue", options: map[string]string{"UserKnownHostsFile": "/tmp/known_hosts\r\nHost *"}, wantErr: true},
345 {name: "NULInValue", options: map[string]string{"UserKnownHostsFile": "/tmp/known_hosts\x00suffix"}, wantErr: true},
346 {name: "SmartcardDevice", options: map[string]string{"SmartcardDevice": "/path/to/lib"}, wantErr: true},
347 {name: "XAuthLocation", options: map[string]string{"XAuthLocation": "/usr/bin/xauth"}, wantErr: true},
348 {name: "ProxyJump", options: map[string]string{"ProxyJump": "bastion.example.com"}, wantErr: true},
349 }
350
351 for _, tt := range testCases {
352 t.Run(tt.name, func(t *testing.T) {
353 t.Parallel()
354
355 err := codersdk.ValidateSSHConfigOptions(tt.options)
356 if tt.wantErr {
357 require.Error(t, err)
358 return
359 }
360 require.NoError(t, err)
361 })
362 }
363}
364
365func TestSSHConfigResponse_Validate(t *testing.T) {
366 t.Parallel()

Callers

nothing calls this directly

Calls 3

ValidateSSHConfigOptionsFunction · 0.92
RunMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected