test: tests for #703 #704

Closed
wants to merge 75 commits into from
90a7f87
feat: (idea spike) illustrate how we might use the SocketAuthenticato…
gkc Nov 23, 2023
45740a1
fix: made code compile
gkc Nov 23, 2023
59db455
docs: added TODOs for sshrvd_impl
gkc Nov 23, 2023
823d6f4
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Nov 26, 2023
605eb44
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Nov 28, 2023
ad1dd12
Introducing signature verifying authenticator
VJag Nov 28, 2023
0091b12
Merge remote-tracking branch 'origin/socket-authenticator-option' int…
VJag Nov 28, 2023
6cc0ca0
Refactored code to make it test friendly and added few unit tests
VJag Dec 5, 2023
14cdc9d
Refactored code to make it test friendly and added few unit tests
VJag Dec 5, 2023
dfdfa81
Changes to send notification as a json
VJag Dec 12, 2023
a663210
New abstractions to enable various notification message formats and a…
VJag Dec 14, 2023
79bf7e4
Auth provider and corresponding verification test
VJag Dec 14, 2023
e9dd01b
Auth provider and corresponding verification test
VJag Dec 14, 2023
f33319b
Authenticate in Sshrv when authenticationProvider is provided
VJag Dec 14, 2023
3b83984
Changes to refactor notification message classes and introduced manag…
VJag Dec 19, 2023
29f359d
Changes to refactor notification message classes and introduced manag…
VJag Dec 19, 2023
ed0ede2
Changed few important class names. The changes in this commit are a r…
VJag Dec 19, 2023
212891a
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Dec 20, 2023
7ad6390
chore: fixed lint warnings
gkc Dec 20, 2023
32fdc88
Minor changes to improve the testability
VJag Dec 21, 2023
aa7deb4
Merge remote-tracking branch 'origin/socket-authenticator-option' int…
VJag Dec 21, 2023
a8e4244
This commit contains:
VJag Dec 22, 2023
f1e3fb3
made a null aware invocation
VJag Dec 22, 2023
d3f85fa
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Dec 27, 2023
2faaa6e
feat: rvd authentication working end to end
gkc Dec 29, 2023
efac6d0
interim commit: proves end-to-end working using hard-coded AES key an…
gkc Dec 29, 2023
52f859c
fix: remove unnecessary delays when sending notifications.
gkc Dec 30, 2023
a2b60f2
fix: remove 9.7s of unnecessary delay from a unit test
gkc Dec 30, 2023
a4b8e32
feat: Client ability to ping daemon for info, including which feature…
gkc Dec 30, 2023
968154f
fix: something weird about error handling in the sshnp client; commen…
gkc Dec 30, 2023
5505ff8
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Dec 30, 2023
a874b49
feat: add `--discover-daemon-features` to sshnp args
gkc Dec 31, 2023
a464972
chore: remove ephemeralEncryptionKeyPair from daemon; client will gen…
gkc Dec 31, 2023
86be173
feat: add encryptRvdTraffic flag and ephemeral public key to ssh sess…
gkc Dec 31, 2023
19eb113
feat: sshrv use AES key and IV, when supplied, for en/decryption
gkc Dec 31, 2023
82baf8a
fix: Need to give the sshrv process time to start and bind to its por…
gkc Dec 31, 2023
0dc78ca
fix: Add defensive code to SshnpDartPureImpl to un-set the new flags,…
gkc Dec 31, 2023
7a5ab63
build: update pubspec to use git branch for socket_connector instead …
gkc Dec 31, 2023
30b3632
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Jan 1, 2024
b5ff4a1
feat: encrypt/decrypt aes key and IV for rvd traffic using session ep…
gkc Jan 1, 2024
469ce1d
refactor: streamified socket_connector
gkc Jan 1, 2024
da447e6
feat: limited info leakage by moving sshrv params from command line t…
gkc Jan 2, 2024
8c4368e
chore: pinned some dependencies
gkc Jan 2, 2024
7b55460
chore: more logging cleanup
gkc Jan 2, 2024
a405676
chore: more logging cleanup
gkc Jan 2, 2024
5f7e093
feat: supply verbose and logTraffic parameters separately to `SocketC…
gkc Jan 2, 2024
05e7488
refactor: changed variable names
gkc Jan 2, 2024
433d90b
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Jan 5, 2024
51da311
Merge remote-tracking branch 'origin/trunk' into sao-merge-renames
XavierChanth Jan 9, 2024
68ba586
Merge pull request #669 from atsign-foundation/sao-merge-renames
gkc Jan 9, 2024
4e058e1
Merge remote-tracking branch 'origin/socket-authenticator-option' int…
gkc Jan 9, 2024
f956759
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Jan 14, 2024
1f3de79
feat: incorporated latest socket_connector changes
gkc Jan 14, 2024
38deebc
style: ran dart format
gkc Jan 14, 2024
249b537
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Jan 18, 2024
ea61d76
fix: handle empty string for tunnelUserName parameter as if it had be…
gkc Jan 18, 2024
281fd22
feat: performance improvements
gkc Jan 18, 2024
70d6664
style: ran dart format
gkc Jan 18, 2024
91c601e
chore: tidy up logging
gkc Jan 18, 2024
bd17255
chore: adjusted SshrvdUtil test following refactoring of static metho…
gkc Jan 18, 2024
4dc4ab3
feat: default new flags authenticateClientToRvd, authenticateDeviceTo…
gkc Jan 18, 2024
122fec3
feat: compatibility with old sshrvd versions
gkc Jan 18, 2024
e43804e
chore: fix pubspec.lock for melos build in github actions
gkc Jan 18, 2024
78b3e63
chore: trying to find what the problem is with e2e local-local failin…
gkc Jan 18, 2024
3da8f27
fix: make new sshrvdChannel handle responses from older versions of s…
gkc Jan 18, 2024
47429c8
style: ran dart format
gkc Jan 18, 2024
a2e5b44
feat: address review comments
gkc Jan 18, 2024
1f8052c
Merge remote-tracking branch 'origin/trunk' into socket-authenticator…
gkc Jan 20, 2024
33b113b
chore: rename sshrv(d) to srv(d) in file names
XavierChanth Jan 22, 2024
df981d3
refactor: make srv look for old and new binary name on the path
XavierChanth Jan 22, 2024
74fbd64
chore: rename Sshrv and SshrvImpls
XavierChanth Jan 22, 2024
5580cb8
fix: bug prone string matching
XavierChanth Jan 22, 2024
8475b4a
chore: rename the rest of sshrv(d) to srv(d)
XavierChanth Jan 22, 2024
65bca5f
chore: rename the remaining files from sshrv(d) to srv(d)
XavierChanth Jan 22, 2024
796b59f
chore: rename remaining sshrv files
XavierChanth Jan 22, 2024
8 changes: 4 additions & 4 deletions .github/composite/setup_entrypoints/action.yaml
Expand Up @@ -15,8 +15,8 @@ inputs:
sshnpd_atsign:
description: sshnpd atsign
required: true
sshrvd_atsign:
description: sshrvd atsign
srvd_atsign:
description: srvd atsign
required: true
devicename:
description: Unique sshnp devicename
Expand Down Expand Up @@ -52,7 +52,7 @@ runs:
esac
;;
esac
./setup-sshnp-entrypoint.sh ${{ inputs.devicename }} ${{ inputs.sshnp_atsign }} ${{ inputs.sshnpd_atsign }} ${{ inputs.sshrvd_atsign }} "$entrypoint_filename" "$args ${{ inputs.args }}"
./setup-sshnp-entrypoint.sh ${{ inputs.devicename }} ${{ inputs.sshnp_atsign }} ${{ inputs.sshnpd_atsign }} ${{ inputs.srvd_atsign }} "$entrypoint_filename" "$args ${{ inputs.args }}"

- name: Setup NPD entrypoint
shell: bash
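Review bot: the run line that calls setup-sshnp-entrypoint.sh expands `${{ inputs.devicename }}`, `${{ inputs.sshnp_atsign }}`, `${{ inputs.sshnpd_atsign }}` and `${{ inputs.srvd_atsign }}` unquoted, directly into the script text, so a value containing spaces or shell metacharacters is interpreted by bash instead of being passed as one argument. Map each input to a variable under `env:` on the step and call the script with quoted variables, for example `"$DEVICENAME" "$SSHNP_ATSIGN" "$SSHNPD_ATSIGN" "$SRVD_ATSIGN"` (variable names are a suggestion). The setup-srvd-entrypoint.sh call in the last hunk of this file has the same pattern.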
Expand All @@ -73,4 +73,4 @@ runs:
shell: bash
working-directory: tests/end2end_tests/contexts/_init_
run: |
./setup-sshrvd-entrypoint.sh ${{ inputs.sshrvd_atsign }} "sshrvd_entrypoint.sh"
./setup-srvd-entrypoint.sh ${{ inputs.srvd_atsign }} "srvd_entrypoint.sh"
10 changes: 5 additions & 5 deletions .github/workflows/end2end_tests.yaml
Expand Up @@ -16,7 +16,7 @@ on:
env:
SSHNP_ATSIGN: "@8incanteater"
SSHNPD_ATSIGN: "@8052simple"
SSHRVD_ATSIGN: "@8485wealthy51"
SRVD_ATSIGN: "@8485wealthy51"

PROD_AM_RVD_ATSIGN: "@rv_am"
PROD_AP_RVD_ATSIGN: "@rv_ap"
Expand Down Expand Up @@ -87,15 +87,15 @@ jobs:
sshnp_atsign: ${{ env.SSHNP_ATSIGN }}
sshnpd: ${{ matrix.npd }}
sshnpd_atsign: ${{ env.SSHNPD_ATSIGN }}
sshrvd_atsign: ${{ env[env.PROD_RVD_ATSIGN] }}
srvd_atsign: ${{ env[env.PROD_RVD_ATSIGN] }}
devicename: ${{ env.DEVICENAME }}

- name: Ensure entrypoints exist
working-directory: tests/end2end_tests/contexts
run: |
cat sshnp/entrypoint.sh
cat sshnpd/entrypoint.sh
cat sshrvd/entrypoint.sh
cat srvd/entrypoint.sh

- name: Create docker-compose.yaml
working-directory: tests/end2end_tests/tests
Expand Down Expand Up @@ -247,7 +247,7 @@ jobs:
sshnp_atsign: ${{ env.SSHNP_ATSIGN }}
sshnpd: ${{ matrix.npd }}
sshnpd_atsign: ${{ env.SSHNPD_ATSIGN }}
sshrvd_atsign: ${{ env[env.PROD_RVD_ATSIGN] }}
srvd_atsign: ${{ env[env.PROD_RVD_ATSIGN] }}
devicename: ${{ env.DEVICENAME }}
args: "-P 55"

Expand All @@ -256,7 +256,7 @@ jobs:
run: |
cat sshnp/entrypoint.sh
cat sshnpd/entrypoint.sh
cat sshrvd/entrypoint.sh
cat srvd/entrypoint.sh

- name: Create docker-compose.yaml
working-directory: tests/end2end_tests/tests
6 changes: 3 additions & 3 deletions .github/workflows/multibuild.yaml
Expand Up @@ -55,11 +55,11 @@ jobs:
- if: ${{ matrix.os != 'windows-latest' }}
run: dart compile exe bin/sshnpd.dart -v -o sshnp/sshnpd${{ matrix.ext }}
- if: ${{ matrix.os != 'windows-latest' }}
run: dart compile exe bin/sshrv.dart -v -o sshnp/sshrv${{ matrix.ext }}
run: dart compile exe bin/srv.dart -v -o sshnp/srv${{ matrix.ext }}
- if: ${{ matrix.os != 'windows-latest' }}
run: dart compile exe bin/sshrvd.dart -v -o sshnp/sshrvd${{ matrix.ext }}
run: dart compile exe bin/srvd.dart -v -o sshnp/srvd${{ matrix.ext }}
- if: ${{ matrix.os != 'windows-latest' }}
run: dart compile exe bin/sshrvd.dart -D ENABLE_SNOOP=true -v -o sshnp/debug/sshrvd${{ matrix.ext }}
run: dart compile exe bin/srvd.dart -D ENABLE_SNOOP=true -v -o sshnp/debug/srvd${{ matrix.ext }}
- run: cp -r bundles/core/* sshnp/
- run: cp -r bundles/${{ matrix.bundle }}/* sshnp/
- run: cp LICENSE sshnp
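Review bot: the three changed `dart compile exe` lines now write `srv`, `srvd` and `debug/srvd` where they used to write `sshrv` and `sshrvd`, but the `cp -r bundles/core/*` and `cp -r bundles/${{ matrix.bundle }}/*` steps that follow are unchanged, so any installer or service file in those bundles that still names the old binaries would no longer find them. Please check the bundle contents as part of this rename, and state in the PR description whether the `-D ENABLE_SNOOP=true` build under `sshnp/debug/` is meant to be part of the packaged directory.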
44 changes: 22 additions & 22 deletions .github/workflows/prod_tests.yaml
Expand Up @@ -14,10 +14,10 @@ permissions:
env:
SSHNP_ATSIGN: "@8incanteater"
SSHNPD_ATSIGN: "@8052simple"
SSHRVD_ATSIGN: "@8485wealthy51"
SSHRVD_AM_ATSIGN: "@rv_am"
SSHRVD_AP_ATSIGN: "@rv_ap"
SSHRVD_EU_ATSIGN: "@rv_eu"
SRVD_ATSIGN: "@8485wealthy51"
SRVD_AM_ATSIGN: "@rv_am"
SRVD_AP_ATSIGN: "@rv_ap"
SRVD_EU_ATSIGN: "@rv_eu"
DOCKER_COMPOSE_BUILD_CMD: "docker compose build"
DOCKER_COMPOSE_UP_CMD: "docker compose up --abort-on-container-exit"

Expand All @@ -28,10 +28,10 @@ jobs:
fail-fast: false # if one job fails, do not fail the others
matrix:
rvd:
# - ${{ env.SSHRVD_ATSIGN }}
# - ${{ env.SSHRVD_AM_ATSIGN }}
# - ${{ env.SSHRVD_AP_ATSIGN }}
# - ${{ env.SSHRVD_EU_ATSIGN }}
# - ${{ env.SRVD_ATSIGN }}
# - ${{ env.SRVD_AM_ATSIGN }}
# - ${{ env.SRVD_AP_ATSIGN }}
# - ${{ env.SRVD_EU_ATSIGN }}
- "@8485wealthy51"
- "@rv_am"
- "@rv_ap"
Expand All @@ -52,8 +52,8 @@ jobs:
SSHNPD_ATKEYS="$(tr '[:lower:]' '[:upper:]' <<< '${{ env.SSHNPD_ATSIGN }}')"
echo "SSHNPD_ATKEYS=ATKEYS_${SSHNPD_ATKEYS:1}" >> $GITHUB_ENV

SSHRVD_ATKEYS="$(tr '[:lower:]' '[:upper:]' <<< '${{ env.SSHRVD_ATSIGN }}')"
echo "SSHRVD_ATKEYS=ATKEYS_${SSHRVD_ATKEYS:1}" >> $GITHUB_ENV
SRVD_ATKEYS="$(tr '[:lower:]' '[:upper:]' <<< '${{ env.SRVD_ATSIGN }}')"
echo "SRVD_ATKEYS=ATKEYS_${SRVD_ATKEYS:1}" >> $GITHUB_ENV

- name: Setup NP/NPD keys
working-directory: tests/end2end_tests/contexts
Expand Down Expand Up @@ -84,18 +84,18 @@ jobs:
sshnpd_entrypoint.sh

- name: Set up RVD keys and entrypoint
if: matrix.rvd == env.SSHRVD_ATSIGN
if: matrix.rvd == env.SRVD_ATSIGN
working-directory: tests/end2end_tests
run: |
# setup keys
echo "${{ secrets[env.SSHRVD_ATKEYS] }}" > contexts/sshrvd/.atsign/keys/${{ env.SSHRVD_ATSIGN }}_key.atKeys
echo "${{ secrets[env.SRVD_ATKEYS] }}" > contexts/srvd/.atsign/keys/${{ env.SRVD_ATSIGN }}_key.atKeys

# set up sshrvd entrypoint
# set up srvd entrypoint
cd contexts/_init_
./setup-sshrvd-entrypoint.sh \
./setup-srvd-entrypoint.sh \
${{ matrix.rvd }} \
sshrvd_entrypoint.sh
cd ../sshrvd
srvd_entrypoint.sh
cd ../srvd
cat entrypoint.sh

- name: Ensure entrypoints exist
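Review bot: in the "Set up RVD keys and entrypoint" step, `echo "${{ secrets[env.SRVD_ATKEYS] }}" > contexts/srvd/.atsign/keys/${{ env.SRVD_ATSIGN }}_key.atKeys` pastes the secret into the script text before bash parses it, so any `"`, `$` or backtick in the keys content is interpreted by the shell and can corrupt the file that gets written. Pass the secret through `env:` on the step and write it with `printf '%s' "$SRVD_KEYS"` (variable name is a suggestion), and consider a `chmod 600` on the resulting .atKeys file. `${{ matrix.rvd }}` on the setup-srvd-entrypoint.sh line should be quoted as well.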
Expand All @@ -118,25 +118,25 @@ jobs:
echo " condition: service_started" >> docker-compose.yaml
echo " container-sshnpd:" >> docker-compose.yaml
echo " condition: service_healthy" >> docker-compose.yaml
if [ "${{ matrix.rvd }}" == "${{ env.SSHRVD_ATSIGN }}" ]; then
echo " container-sshrvd:" >> docker-compose.yaml
if [ "${{ matrix.rvd }}" == "${{ env.SRVD_ATSIGN }}" ]; then
echo " container-srvd:" >> docker-compose.yaml
echo " condition: service_healthy" >> docker-compose.yaml
fi
cat service-container-sshnpd.yaml >> docker-compose.yaml
echo " image: atsigncompany/sshnp-e2e-runtime:latest" >> docker-compose.yaml
echo " depends_on:" >> docker-compose.yaml
echo " image-runtime-release:" >> docker-compose.yaml
echo " condition: service_started" >> docker-compose.yaml
if [ "${{ matrix.rvd }}" == "${{ env.SSHRVD_ATSIGN }}" ]; then
echo " container-sshrvd:" >> docker-compose.yaml
if [ "${{ matrix.rvd }}" == "${{ env.SRVD_ATSIGN }}" ]; then
echo " container-srvd:" >> docker-compose.yaml
echo " condition: service_healthy" >> docker-compose.yaml
fi

- name: Add RVD service to docker-compose.yaml
if: matrix.rvd == env.SSHRVD_ATSIGN
if: matrix.rvd == env.SRVD_ATSIGN
working-directory: tests/end2end_tests/tests
run: |
cat service-container-sshrvd.yaml >> docker-compose.yaml
cat service-container-srvd.yaml >> docker-compose.yaml
echo " image: atsigncompany/sshnp-e2e-runtime:latest" >> docker-compose.yaml
echo " depends_on:" >> docker-compose.yaml
echo " image-runtime-release:" >> docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -252,7 +252,7 @@ def download_package_source(self, source: PackageSource) -> str:
f"dart compile exe {target_path}/bin/sshnpd.dart -o {target_path}/sshnpd"
)
self.client.run_command(
f"dart compile exe {target_path}/bin/sshrv.dart -o {target_path}/sshrv"
f"dart compile exe {target_path}/bin/srv.dart -o {target_path}/srv"
)
self.client.run_command(
f"dart compile exe {target_path}/bin/activate_cli.dart -o {target_path}/at_activate"
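Review bot: `target_path` is interpolated unquoted into the command string passed to `run_command` on the changed `bin/srv.dart` line (and on the neighbouring compile lines), so a path containing spaces or shell metacharacters changes what the shell runs. Wrap it once with `shlex.quote(target_path)` before building these commands.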
Expand Down Expand Up @@ -280,7 +280,7 @@ def setup_main_binaries(self, source: str) -> None:
if not self.is_connected():
raise Exception("SSHNPClient not connected to device")

binaries = "{" + ",".join(["sshnpd", "sshrv", "at_activate"]) + "}"
binaries = "{" + ",".join(["sshnpd", "srv", "at_activate"]) + "}"
self.client.exec_command(f"cp -f {source}/{binaries} ~/.local/bin/")

def update_sshnpd(self, source: PackageSource) -> None:
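Review bot: `setup_main_binaries` now copies `srv` into `~/.local/bin/` but nothing in this hunk removes a previously installed `sshrv`, so a device set up by an earlier run keeps the old binary next to the new one. Since df981d3 makes srv look for both the old and the new binary name on the path, delete the stale `sshrv` in this step (or assert it is absent) so the test exercises the binary that was just built. The `{sshnpd,srv,at_activate}` list also depends on brace expansion in whatever shell `exec_command` uses, and `source` is unquoted.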
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,8 @@ class LocalSshKeyUtil implements AtSshKeyUtil {
}) async {
// Check to see if the ssh public key is
// supported keys by the dartssh2 package
if (!sshPublicKey.startsWith(RegExp(r'^(ecdsa-sha2-nistp)|(rsa-sha2-)|(ssh-rsa)|(ssh-ed25519)|(ecdsa-sha2-nistp)'))) {
if (!sshPublicKey.startsWith(RegExp(
r'^(ecdsa-sha2-nistp)|(rsa-sha2-)|(ssh-rsa)|(ssh-ed25519)|(ecdsa-sha2-nistp)'))) {
throw ('$sshPublicKey does not look like a public key');
}
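Review bot: the reformatted `RegExp(...)` keeps a pattern whose `^` applies only to the first alternative and whose last alternative `(ecdsa-sha2-nistp)` repeats the first. Group the alternatives once, for example `RegExp(r'^(ecdsa-sha2-nistp|rsa-sha2-|ssh-rsa|ssh-ed25519)')`, and consider not echoing `$sshPublicKey` in the thrown message, since whatever the caller passed by mistake ends up in the error text.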

8 changes: 6 additions & 2 deletions packages/dart/noports_core/lib/src/common/default_args.dart
@@ -1,14 +1,14 @@
import 'package:noports_core/src/common/io_types.dart';
import 'package:noports_core/src/common/types.dart';
import 'package:noports_core/sshrv.dart';
import 'package:noports_core/srv.dart';

class DefaultArgs {
static const String namespace = 'sshnp';
static const SupportedSshAlgorithm sshAlgorithm =
SupportedSshAlgorithm.ed25519;
static const bool verbose = false;
static const String rootDomain = 'root.atsign.org';
static const SshrvGenerator sshrvGenerator = Sshrv.exec;
static const SrvGenerator srvGenerator = Srv.exec;
static const int localSshdPort = 22;
static const int remoteSshdPort = 22;

Expand All @@ -18,6 +18,10 @@ class DefaultArgs {
static const bool addForwardsToTunnel = false;
static final bool allowLocalFileSystem =
Platform.isLinux || Platform.isMacOS || Platform.isWindows;
static const bool authenticateClientToRvd = false;
static const bool authenticateDeviceToRvd = false;
static const bool encryptRvdTraffic = false;
static const bool discoverDaemonFeatures = false;
}

class DefaultSshnpArgs {
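Review bot: `authenticateClientToRvd`, `authenticateDeviceToRvd` and `encryptRvdTraffic` are added with a default of `false` and no doc comment, so a reader cannot tell whether off-by-default is a compatibility choice (122fec3 mentions old sshrvd versions) or an oversight. Add a `///` comment on each saying what it protects and why it defaults to off, and note under what condition the defaults are expected to become `true`.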
12 changes: 12 additions & 0 deletions packages/dart/noports_core/lib/src/common/features.dart
@@ -0,0 +1,12 @@
/// Features which can be supported by the NoPorts Daemon
enum DaemonFeatures {
/// daemon will accept public keys sent by clients (i.e. daemon has been
/// started with the `--sshpublickey` or `-s` flag)
acceptsPublicKeys,

/// authenticate when connecting to the Socket Rendezvous (sr)
srAuth,

/// End-to-end encrypt traffic sent via the SocketRendezvous (sr)
srE2ee,
}
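Review bot: the doc comment on `srAuth` says only "authenticate when connecting to the Socket Rendezvous (sr)" and does not say which party is authenticated, while default_args.dart in this PR has separate `authenticateClientToRvd` and `authenticateDeviceToRvd` flags. State in the comment which of those a daemon advertising `srAuth` supports, and use one spelling for "Socket Rendezvous" / "SocketRendezvous" across the two comments.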
Original file line number Diff line number Diff line change
Expand Up @@ -3,19 +3,26 @@ import 'package:at_utils/at_utils.dart';

mixin AtClientBindings {
AtClient get atClient;

AtSignLogger get logger;

Future<void> notify(
AtKey atKey,
String value,
) async {
await atClient.notificationService
.notify(NotificationParams.forUpdate(atKey, value: value),
onSuccess: (NotificationResult notification) {
logger.info('SUCCESS:$notification with key: ${atKey.toString()}');
}, onError: (notification) {
logger.info('ERROR:$notification');
});
String value, {
required bool checkForFinalDeliveryStatus,
required bool waitForFinalDeliveryStatus,
}) async {
await atClient.notificationService.notify(
NotificationParams.forUpdate(atKey, value: value),
checkForFinalDeliveryStatus: checkForFinalDeliveryStatus,
waitForFinalDeliveryStatus: waitForFinalDeliveryStatus,
onSuccess: (NotificationResult notification) {
logger.info('SUCCESS:$notification with key: ${atKey.toString()}');
},
onError: (notification) {
logger.info('ERROR:$notification');
},
);
}

Stream<AtNotification> subscribe(
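Review bot: the `onError` callback still reports a failed notification with `logger.info('ERROR:$notification')` and does nothing else, so even a caller that passes `waitForFinalDeliveryStatus: true` gets no signal from `notify` that delivery failed. Log at `logger.severe` and either rethrow or return the result to the caller; the two new required parameters also need a doc comment saying what each one does.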
16 changes: 13 additions & 3 deletions packages/dart/noports_core/lib/src/common/types.dart
@@ -1,12 +1,21 @@
import 'package:noports_core/sshrv.dart';

typedef SshrvGenerator<T> = Sshrv<T> Function(String, int, {int localSshdPort});
import 'package:noports_core/srv.dart';

typedef SrvGenerator<T> = Srv<T> Function(
String,
int, {
required int localPort,
required bool bindLocalPort,
String? rvdAuthString,
String? sessionAESKeyString,
String? sessionIVString,
});

enum SupportedSshClient {
openssh(cliArg: 'openssh'),
dart(cliArg: 'dart');

final String _cliArg;

const SupportedSshClient({required String cliArg}) : _cliArg = cliArg;

factory SupportedSshClient.fromString(String cliArg) {
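Review bot: the new `SrvGenerator` typedef leaves its two positional parameters as bare `String, int` and gives no indication of the expected encoding of `rvdAuthString`, `sessionAESKeyString` and `sessionIVString`. Name the positional parameters and add a doc comment describing each named one, including that the last three carry sensitive values which implementations such as `Srv.exec` should keep out of process arguments and logs (da447e6 is about limiting leakage from the command line).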
Expand All @@ -25,6 +34,7 @@ enum SupportedSshAlgorithm {
rsa(cliArg: 'ssh-rsa');

final String _cliArg;

const SupportedSshAlgorithm({required String cliArg}) : _cliArg = cliArg;

factory SupportedSshAlgorithm.fromString(String cliArg) {