From 13b13d65533c84b4d3351b8b6b64585c42e78db6 Mon Sep 17 00:00:00 2001 From: Xeckt Date: Fri, 21 Jun 2024 15:26:32 +0100 Subject: [PATCH] fix: amend ssh to use go ssh pkg Signed-off-by: Xeckt --- sztp-agent/go.mod | 4 +- sztp-agent/go.sum | 36 +++-------- sztp-agent/pkg/secureagent/daemon.go | 4 +- sztp-agent/pkg/secureagent/daemon_test.go | 48 +++++++------- sztp-agent/pkg/secureagent/ssh.go | 53 +++++++++++++++ sztp-agent/pkg/secureagent/ssh_test.go | 78 +++++++++++++++++++++++ sztp-agent/pkg/secureagent/utils.go | 30 --------- sztp-agent/pkg/secureagent/utils_test.go | 70 +------------------- 8 files changed, 172 insertions(+), 151 deletions(-) create mode 100644 sztp-agent/pkg/secureagent/ssh.go create mode 100644 sztp-agent/pkg/secureagent/ssh_test.go diff --git a/sztp-agent/go.mod b/sztp-agent/go.mod index 6ea32547..130b4b85 100644 --- a/sztp-agent/go.mod +++ b/sztp-agent/go.mod @@ -7,6 +7,7 @@ require ( github.com/github/smimesign v0.2.0 github.com/jaypipes/ghw v0.12.0 github.com/spf13/cobra v1.7.0 + golang.org/x/crypto v0.24.0 ) require ( @@ -15,10 +16,11 @@ require ( github.com/go-ole/go-ole v1.2.6 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jaypipes/pcidb v1.0.0 // indirect + github.com/kr/text v0.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/spf13/pflag v1.0.5 // indirect - golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8 // indirect + golang.org/x/sys v0.21.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect howett.net/plist v1.0.0 // indirect ) diff --git a/sztp-agent/go.sum b/sztp-agent/go.sum index ed2e820e..a09c0ead 100644 --- a/sztp-agent/go.sum +++ b/sztp-agent/go.sum 
@@ -1,15 +1,10 @@ github.com/StackExchange/wmi v1.2.1 h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDOSA= github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8= -github.com/TwiN/go-color v1.2.0 h1:Z18GljqDd5aSmIBYwp2JKLH9H63fd79MzFdW79fDt2k= -github.com/TwiN/go-color v1.2.0/go.mod h1:0QTVEPlu+AoCyTrho7bXbVkrCkVpdQr7YF7PYWEtSxM= -github.com/TwiN/go-color v1.3.0 h1:5txe9rpBg1WUP33KwdLsnUTTAY8UEKy8d6lmbE1I5yc= -github.com/TwiN/go-color v1.3.0/go.mod h1:0QTVEPlu+AoCyTrho7bXbVkrCkVpdQr7YF7PYWEtSxM= -github.com/TwiN/go-color v1.4.0 h1:fNbOwOrvup5oj934UragnW0B1WKaAkkB85q19Y7h4ng= -github.com/TwiN/go-color v1.4.0/go.mod h1:0QTVEPlu+AoCyTrho7bXbVkrCkVpdQr7YF7PYWEtSxM= github.com/TwiN/go-color v1.4.1 h1:mqG0P/KBgHKVqmtL5ye7K0/Gr4l6hTksPgTgMk3mUzc= github.com/TwiN/go-color v1.4.1/go.mod h1:WcPf/jtiW95WBIsEeY1Lc/b8aaWoiqQpu5cf8WFxu+s= github.com/certifi/gocertifi v0.0.0-20180118203423-deb3ae2ef261/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= 
@@ -19,28 +14,16 @@ github.com/github/smimesign v0.2.0/go.mod h1:iZiiwNT4HbtGRVqCQu7uJPEZCuEE5sfSStt github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= -github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/jaypipes/ghw v0.9.0 h1:TWF4wNIGtZcgDJaiNcFgby5BR8s2ixcUe0ydxNO2McY= -github.com/jaypipes/ghw v0.9.0/go.mod h1:dXMo19735vXOjpIBDyDYSp31sB2u4hrtRCMxInqQ64k= -github.com/jaypipes/ghw v0.10.0 h1:UHu9UX08Py315iPojADFPOkmjTsNzHj4g4adsNKKteY= -github.com/jaypipes/ghw v0.10.0/go.mod h1:jeJGbkRB2lL3/gxYzNYzEDETV1ZJ56OKr+CSeSEym+g= -github.com/jaypipes/ghw v0.11.0 h1:i0pKvAM7eZk0KvLm9vzpcpDKTRnfR6AQ5pFkPVnYJXU= -github.com/jaypipes/ghw v0.11.0/go.mod h1:jeJGbkRB2lL3/gxYzNYzEDETV1ZJ56OKr+CSeSEym+g= github.com/jaypipes/ghw v0.12.0 h1:xU2/MDJfWmBhJnujHY9qwXQLs3DBsf0/Xa9vECY0Tho= github.com/jaypipes/ghw v0.12.0/go.mod h1:jeJGbkRB2lL3/gxYzNYzEDETV1ZJ56OKr+CSeSEym+g= github.com/jaypipes/pcidb v1.0.0 h1:vtZIfkiCUE42oYbJS0TAq9XSfSmcsgo9IdxSm9qzYU8= github.com/jaypipes/pcidb v1.0.0/go.mod h1:TnYUvqhPBzCKnH34KrIX22kAeEbDCSRJ9cqLRCuNDfk= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod 
h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/pborman/getopt v0.0.0-20180811024354-2b5b3bfb099b/go.mod h1:85jBQOZwpVEaDAr341tbn15RS4fCAsIst0qp7i8ex1o= 
@@ -49,30 +32,27 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= -github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= -github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734 h1:p/H982KKEjUnLJkM3tt/LemDnOc1GiZL5FCVlORJ5zo= golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI= +golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod 
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8 h1:OH54vjqzRWmbJ62fjuhxy7AxFFgoHN0/DPc/UrL8cAs= -golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= +golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= diff --git a/sztp-agent/pkg/secureagent/daemon.go b/sztp-agent/pkg/secureagent/daemon.go index 57935eaa..95a993ba 100644 --- a/sztp-agent/pkg/secureagent/daemon.go +++ b/sztp-agent/pkg/secureagent/daemon.go @@ -111,8 +111,8 @@ func (a *Agent) doReportProgress(s ProgressType) error { Algorithm string `json:"algorithm"` KeyData string `json:"key-data"` }{ - Algorithm: key.Algorithm, - KeyData: key.KeyData, + Algorithm: key.Type(), + KeyData: getSSHHostKeyString(key, false), }) } } diff --git a/sztp-agent/pkg/secureagent/daemon_test.go b/sztp-agent/pkg/secureagent/daemon_test.go index 1efd3144..6ff9cc8b 100644 
--- a/sztp-agent/pkg/secureagent/daemon_test.go +++ b/sztp-agent/pkg/secureagent/daemon_test.go @@ -14,10 +14,26 @@ import ( "testing" ) +const DHCPTestContent = `lease { + interface "eth0"; + fixed-address 10.127.127.100; + filename "grubx64.efi"; + option subnet-mask 255.255.255.0; + option sztp-redirect-urls "http://mymock/test"; + option dhcp-lease-time 600; + option tftp-server-name "w.x.y.z"; + option bootfile-name "test.cfg"; + option dhcp-message-type 5; + option dhcp-server-identifier 10.127.127.2; + renew 1 2022/08/15 19:16:40; + rebind 1 2022/08/15 19:20:50; + expire 1 2022/08/15 19:22:05; +}` + //nolint:funlen func TestAgent_getBootstrapURL(t *testing.T) { dhcpTestFileOK := "/tmp/test.dhcp" - createTempTestFile(dhcpTestFileOK, "", true) + createTempTestFile(dhcpTestFileOK, DHCPTestContent, true) type fields struct { BootstrapURL string @@ -94,29 +110,17 @@ func createTempTestFile(file string, content string, _ bool) { if err != nil { log.Fatal(err) } - mydhcpresponse := `lease { - interface "eth0"; - fixed-address 10.127.127.100; - filename "grubx64.efi"; - option subnet-mask 255.255.255.0; - option sztp-redirect-urls "http://mymock/test"; - option dhcp-lease-time 600; - option tftp-server-name "w.x.y.z"; - option bootfile-name "test.cfg"; - option dhcp-message-type 5; - option dhcp-server-identifier 10.127.127.2; - renew 1 2022/08/15 19:16:40; - rebind 1 2022/08/15 19:20:50; - expire 1 2022/08/15 19:22:05; -}` - if content != "" { - mydhcpresponse = content - } - _, err2 := f.WriteString(mydhcpresponse) + defer func(f *os.File) { + err := f.Close() + if err != nil { + log.Fatalf("Unable to close file %s: %v", f.Name(), err) + } + }(f) - if err2 != nil { - log.Fatal(err2) + _, err = f.WriteString(content) + if err != nil { + log.Printf("Could not write to file %s: %v", f.Name(), err) } } diff --git a/sztp-agent/pkg/secureagent/ssh.go b/sztp-agent/pkg/secureagent/ssh.go new file mode 100644 index 00000000..3a2c19fc --- /dev/null 
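Review bot: In the second daemon_test.go hunk, a failed `f.WriteString` in createTempTestFile is now only logged with `log.Printf`, so the calling test carries on against an empty or truncated fixture and fails somewhere unrelated. Keep it fatal, for example `log.Fatalf("Could not write to file %s: %v", f.Name(), err)`, or pass `t *testing.T` into the helper and use `t.Fatalf`. The caller in the first hunk writes to a fixed name under /tmp (`/tmp/test.dhcp`); a path under `t.TempDir()` would avoid clashing with a file that another user or a parallel run has already placed there. The helper's opening lines, including how the file is opened, are outside the hunk.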
+++ b/sztp-agent/pkg/secureagent/ssh.go
@@ -0,0 +1,53 @@
+/*
+SPDX-License-Identifier: Apache-2.0
+Copyright (C) 2022-2023 Intel Corporation
+Copyright (c) 2022 Dell Inc, or its subsidiaries.
+Copyright (C) 2022 Red Hat.
+*/
+
+package secureagent
+
+import (
+ "encoding/base64"
+ "log"
+ "os"
+ "path/filepath"
+ "strings"
+
+ "golang.org/x/crypto/ssh"
+)
+
+func readSSHHostKeyPublicFiles(pattern string) []ssh.PublicKey {
+ results := []ssh.PublicKey{}
+
+ files, err := filepath.Glob(pattern)
+ if err != nil {
+ log.Printf("[ERROR] Error getting ssh host public keys file list: %v", err)
+ return results
+ }
+
+ for _, f := range files {
+ // nolint:gosec
+ data, err := os.ReadFile(f)
+ if err != nil {
+ log.Printf("[ERROR] Error reading public key file %s: %v", f, err)
+ continue
+ }
+
+ key, _, _, _, err := ssh.ParseAuthorizedKey(data)
+ if err != nil {
+ log.Printf("[ERROR] Problem parsing public key file %s: %v\n"+
+ "Check the key file has the correct format", f, err.Error())
+ continue
+ }
+ results = append(results, key)
+ }
+ return results
+}
+
+func getSSHHostKeyString(key ssh.PublicKey, fullString bool) string {
+ if fullString {
+ return strings.TrimSuffix(string(ssh.MarshalAuthorizedKey(key)), "\n") // returns algorithm + key
+ }
+ return base64.StdEncoding.EncodeToString(key.Marshal()) // returns just the key
+}
diff --git a/sztp-agent/pkg/secureagent/ssh_test.go b/sztp-agent/pkg/secureagent/ssh_test.go
new file mode 100644
index 00000000..48a8b5b6
--- /dev/null
+++ b/sztp-agent/pkg/secureagent/ssh_test.go
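Review bot: readSSHHostKeyPublicFiles logs and skips every file it cannot read or parse, and returns the same empty slice for a bad glob pattern as for no matches, so its caller in daemon.go (doReportProgress, per the hunk header) cannot tell "no host keys" from "host keys unreadable". Because these values are put into the progress report as the device's SSH host keys, a partial or empty set would go out unnoticed; consider returning the failures, for example a result of `([]ssh.PublicKey, error)` that joins the per-file errors, or at least logging how many matched files were accepted. `ssh.ParseAuthorizedKey` returns only the first key it finds in `data` and the remaining bytes are discarded here, which deserves a comment such as `// host key .pub files hold one key; anything after it is ignored`. Neither function has a doc comment; for getSSHHostKeyString it should say that `fullString` selects the authorized_keys form (type plus base64) over the bare base64 of `key.Marshal()`.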
@@ -0,0 +1,78 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2022-2023 Red Hat.
+package secureagent
+
+import (
+ "reflect"
+ "testing"
+)
+
+func Test_readSSHHostKeyPublicFiles(t *testing.T) {
+ type args struct {
+ file string
+ content string
+ Algorithm string
+ }
+ tests := []struct {
+ name string
+ args args
+ want string
+ }{
+ {
+ name: "Test OK line in files no comment",
+ args: args{
+ file: "/tmp/test.pub",
+ content: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR",
+ Algorithm: "ssh-ed25519",
+ },
+ want: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR",
+ },
+ {
+ name: "Test OK line in files with comment",
+ args: args{
+ file: "/tmp/test.pub",
+ content: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR comment",
+ Algorithm: "ssh-ed25519",
+ },
+ want: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR",
+ },
+ {
+ name: "Test too many parts in file",
+ args: args{
+ file: "/tmp/test.pub",
+ content: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR comment error",
+ Algorithm: "ssh-ed25519",
+ },
+ want: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR",
+ },
+ {
+ name: "Test not enough parts in file",
+ args: args{
+ file: "/tmp/test.pub",
+ content: "ssh-ed25519",
+ },
+ want: "ssh-ed25519",
+ },
+ {
+ name: "Test file doesn't exist",
+ args: args{
+ file: "/tmp/test.pub",
+ content: "",
+ },
+ want: "",
+ },
+ }
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ if tt.args.content != "" {
+ createTempTestFile(tt.args.file, tt.args.content, true)
+ }
+ for _, key := range readSSHHostKeyPublicFiles(tt.args.file) {
+ if got := getSSHHostKeyString(key, true); !reflect.DeepEqual(got, tt.want) {
+ t.Errorf("readSSHHostKeyPublicFiles() - got: %v, want %v", got, tt.want)
+ }
+ }
+ deleteTempTestFile(tt.args.file)
+ })
+ }
+}
diff --git a/sztp-agent/pkg/secureagent/utils.go b/sztp-agent/pkg/secureagent/utils.go index d2b3b83b..2ef18347 100644 --- a/sztp-agent/pkg/secureagent/utils.go +++ b/sztp-agent/pkg/secureagent/utils.go @@ -19,7 +19,6 @@ import ( "log" "net/http" "os" - "path/filepath" "regexp" "strconv" "strings" @@ -157,35 +156,6 @@ func generateInputJSONContent() string { return string(inputJSON) } -type publicKey struct { - Algorithm string - KeyData string - Comment string -} - -func readSSHHostKeyPublicFiles(pattern string) []publicKey { - results := []publicKey{} - files, err := filepath.Glob(pattern) - if err != nil { - log.Printf("[ERROR] Error getting ssh host public keys file list : %v", err) - return results - } - for _, f := range files { - // nolint:gosec - data, _ := os.ReadFile(f) - // TODO: consider switching to https://pkg.go.dev/golang.org/x/crypto/ssh#ParseAuthorizedKey - parts := strings.Fields(string(data)) - // [type-name] [base64-encoded-ssh-public-key] [comment] - if len(parts) < 2 { - log.Printf("[ERROR] Error parsing pub key, should contain at least 2 parts with spaces : %v", f) - continue - } - // ignore comment for now - results = append(results, publicKey{Algorithm: parts[0], KeyData: parts[1]}) - } - return results -} - func replaceQuotes(input string) string { return strings.ReplaceAll(input, "\"", "") } diff --git a/sztp-agent/pkg/secureagent/utils_test.go b/sztp-agent/pkg/secureagent/utils_test.go index 64cc3852..8be75a78 100644 --- a/sztp-agent/pkg/secureagent/utils_test.go +++ b/sztp-agent/pkg/secureagent/utils_test.go @@ -22,13 +22,11 @@ func TestAgent_doTLSRequest(t *testing.T) { InputJSONContent string DhcpLeaseFile string } - tests := []struct { + var tests []struct { name string fields fields want *BootstrapServerPostOutput wantErr bool - }{ - // TODO: Add test cases. } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { 
@@ -96,7 +94,7 @@ func Test_extractfromLine(t *testing.T) { func Test_linesInFileContains(t *testing.T) { dhcpTestFileOK := "/tmp/test.dhcp" - createTempTestFile(dhcpTestFileOK, "", true) + createTempTestFile(dhcpTestFileOK, DHCPTestContent, true) type args struct { file string substr string 
@@ -125,70 +123,6 @@ func Test_linesInFileContains(t *testing.T) { deleteTempTestFile(dhcpTestFileOK) } -func Test_readSSHHostKeyPublicFiles(t *testing.T) { - type args struct { - file string - line string - } - tests := []struct { - name string - args args - want []publicKey - }{ - { - name: "Test OK line in files no comment", - args: args{ - file: "/tmp/test.pub", - line: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR", - }, - want: []publicKey{{Algorithm: "ssh-ed25519", KeyData: "AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR"}}, - }, - { - name: "Test OK line in files with comment", - args: args{ - file: "/tmp/test.pub", - line: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR comment", - }, - want: []publicKey{{Algorithm: "ssh-ed25519", KeyData: "AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR"}}, - }, - { - name: "Test too many parts in file", - args: args{ - file: "/tmp/test.pub", - line: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR comment error", - }, - want: []publicKey{{Algorithm: "ssh-ed25519", KeyData: "AAAAC3NzaC1lZDI1NTE5AAAAID0mjQXlOvkM2HO5vTrSOdHOl3BGOqDiHrx8yYdbP8xR"}}, - }, - { - name: "Test not enough parts in file", - args: args{ - file: "/tmp/test.pub", - line: "ssh-ed25519", - }, - want: []publicKey{}, - }, - { - name: "Test file doesn't exist", - args: args{ - file: "/tmp/test.pub", - line: "", - }, - want: []publicKey{}, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if tt.args.line != "" { - createTempTestFile(tt.args.file, tt.args.line, true) - } - if got := readSSHHostKeyPublicFiles(tt.args.file); !reflect.DeepEqual(got, tt.want) { - t.Errorf("readSSHHostKeyPublicFiles() = %v, want %v", got, tt.want) - } - deleteTempTestFile(tt.args.file) - }) - } -} - func Test_replaceQuotes(t *testing.T) { type args struct { input string