From e14b301be3b5593a13e666885ca795e6bee54b5b Mon Sep 17 00:00:00 2001
From: Vipin Nair <swvist@gmail.com>
Date: Fri, 13 Nov 2015 18:51:03 +0530
Subject: Support SSH key callback module options

This patch allows extra callback options to be passed to the module
implementing the SSH callback module behaviour.

A module implementing the SSH key callback API is used to customize
the handling of public key. This patch allows extra callback options
to be passed to the module implementing the SSH callback module
behaviour.

The key_cb option has been changed:

  {key_cb, atom()} -> {key_cb, key_cb()}

  Where:
	key_cb() :: atom() | {atom(), list()}

The callback options, if specified, is made available to the callback
module via the options passed to it under the key 'key_cb_private'.

More details and some backgorund is available here[1].

[1]: http://erlang.org/pipermail/erlang-patches/2015-November/004800.html
---
 lib/ssh/test/Makefile               |  2 ++
 lib/ssh/test/ssh_basic_SUITE.erl    | 67 +++++++++++++++++++++++++++++++++++--
 lib/ssh/test/ssh_key_cb.erl         | 45 +++++++++++++++++++++++++
 lib/ssh/test/ssh_key_cb_options.erl | 44 ++++++++++++++++++++++++
 4 files changed, 156 insertions(+), 2 deletions(-)
 create mode 100644 lib/ssh/test/ssh_key_cb.erl
 create mode 100644 lib/ssh/test/ssh_key_cb_options.erl

(limited to 'lib/ssh/test')

diff --git a/lib/ssh/test/Makefile b/lib/ssh/test/Makefile
index 96c74c6c8a..781a876723 100644
--- a/lib/ssh/test/Makefile
+++ b/lib/ssh/test/Makefile
@@ -47,6 +47,8 @@ MODULES= \
 	ssh_to_openssh_SUITE \
 	ssh_upgrade_SUITE \
 	ssh_test_lib \
+	ssh_key_cb \
+	ssh_key_cb_options \
 	ssh_trpt_test_lib \
 	ssh_echo_server \
 	ssh_peername_sockname_server \
diff --git a/lib/ssh/test/ssh_basic_SUITE.erl b/lib/ssh/test/ssh_basic_SUITE.erl
index 0a5964c560..d4cb03f2f2 100644
--- a/lib/ssh/test/ssh_basic_SUITE.erl
+++ b/lib/ssh/test/ssh_basic_SUITE.erl
@@ -54,8 +54,10 @@
 	 send/1,
 	 shell/1,
 	 shell_no_unicode/1,
-	 shell_unicode_string/1, 
-	 ssh_info_print/1
+	 shell_unicode_string/1,
+	 ssh_info_print/1,
+	 key_callback/1,
+	 key_callback_options/1
 	]).
 
 %%% Common test callbacks
@@ -84,6 +86,7 @@ all() ->
      {group, ecdsa_sha2_nistp521_key},
      {group, dsa_pass_key},
      {group, rsa_pass_key},
+     {group, key_cb},
      {group, internal_error},
      daemon_already_started,
      double_close,
@@ -101,6 +104,7 @@ groups() ->
      {ecdsa_sha2_nistp521_key, [], basic_tests()},
      {dsa_pass_key, [], [pass_phrase]},
      {rsa_pass_key, [], [pass_phrase]},
+     {key_cb, [], [key_callback, key_callback_options]},
      {internal_error, [], [internal_error]}
     ].
 
@@ -180,6 +184,11 @@ init_per_group(dsa_pass_key, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:setup_dsa_pass_pharse(DataDir, PrivDir, "Password"),
     [{pass_phrase, {dsa_pass_phrase, "Password"}}| Config];
+init_per_group(key_cb, Config) ->
+    DataDir = ?config(data_dir, Config),
+    PrivDir = ?config(priv_dir, Config),
+    ssh_test_lib:setup_dsa(DataDir, PrivDir),
+    Config;
 init_per_group(internal_error, Config) ->
     DataDir = ?config(data_dir, Config),
     PrivDir = ?config(priv_dir, Config),
@@ -247,6 +256,10 @@ end_per_group(rsa_pass_key, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:clean_rsa(PrivDir),
     Config;
+end_per_group(key_cb, Config) ->
+    PrivDir = ?config(priv_dir, Config),
+    ssh_test_lib:clean_dsa(PrivDir),
+    Config;
 end_per_group(internal_error, Config) ->
     PrivDir = ?config(priv_dir, Config),
     ssh_test_lib:clean_dsa(PrivDir),
@@ -575,6 +588,56 @@ pass_phrase(Config) when is_list(Config) ->
     {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
     ssh:stop_daemon(Pid).
 
+%%--------------------------------------------------------------------
+%%% Test that we can use key callback
+key_callback(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+    NoPubKeyDir = filename:join(UserDir, "nopubkey"),
+    file:make_dir(NoPubKeyDir),
+
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+					     {user_dir, UserDir},
+					     {failfun, fun ssh_test_lib:failfun/2}]),
+
+    ConnectOpts = [{silently_accept_hosts, true},
+                   {user_dir, NoPubKeyDir},
+                   {user_interaction, false},
+                   {key_cb, ssh_key_cb}],
+
+    ConnectionRef = ssh_test_lib:connect(Host, Port, ConnectOpts),
+
+    {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
+    ssh:stop_daemon(Pid).
+
+
+%%--------------------------------------------------------------------
+%%% Test that we can use key callback with callback options
+key_callback_options(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    SystemDir = filename:join(?config(priv_dir, Config), system),
+    UserDir = ?config(priv_dir, Config),
+
+    NoPubKeyDir = filename:join(UserDir, "nopubkey"),
+    file:make_dir(NoPubKeyDir),
+
+    {Pid, Host, Port} = ssh_test_lib:daemon([{system_dir, SystemDir},
+                                             {user_dir, UserDir},
+                                             {failfun, fun ssh_test_lib:failfun/2}]),
+
+    {ok, PrivKey} = file:read_file(filename:join(UserDir, "id_dsa")),
+
+    ConnectOpts = [{silently_accept_hosts, true},
+                   {user_dir, NoPubKeyDir},
+                   {user_interaction, false},
+                   {key_cb, {ssh_key_cb_options, [{priv_key, PrivKey}]}}],
+
+    ConnectionRef = ssh_test_lib:connect(Host, Port, ConnectOpts),
+
+    {ok, _ChannelId} = ssh_connection:session_channel(ConnectionRef, infinity),
+    ssh:stop_daemon(Pid).
+
 
 %%--------------------------------------------------------------------
 %%% Test that client does not hang if disconnects due to internal error
diff --git a/lib/ssh/test/ssh_key_cb.erl b/lib/ssh/test/ssh_key_cb.erl
new file mode 100644
index 0000000000..388ec2ecc1
--- /dev/null
+++ b/lib/ssh/test/ssh_key_cb.erl
@@ -0,0 +1,45 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2015. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+
+%% Note: This module is used by ssh_basic_SUITE
+
+-module(ssh_key_cb).
+-behaviour(ssh_client_key_api).
+-compile(export_all).
+
+add_host_key(_, _, _) ->
+    ok.
+
+is_host_key(_, _, _, _) ->
+    true.
+
+user_key('ssh-dss', Opts) ->
+    UserDir = proplists:get_value(user_dir, Opts),
+    KeyFile = filename:join(filename:dirname(UserDir), "id_dsa"),
+    {ok, KeyBin} = file:read_file(KeyFile),
+    [Entry] = public_key:pem_decode(KeyBin),
+    Key = public_key:pem_entry_decode(Entry),
+    {ok, Key};
+
+user_key(_Alg, _Opt) ->
+    {error, "Not Supported"}.
diff --git a/lib/ssh/test/ssh_key_cb_options.erl b/lib/ssh/test/ssh_key_cb_options.erl
new file mode 100644
index 0000000000..afccb34f0f
--- /dev/null
+++ b/lib/ssh/test/ssh_key_cb_options.erl
@@ -0,0 +1,44 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2015. All Rights Reserved.
+%%
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
+%%
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+%%----------------------------------------------------------------------
+
+%% Note: This module is used by ssh_basic_SUITE
+
+-module(ssh_key_cb_options).
+-behaviour(ssh_client_key_api).
+-compile(export_all).
+
+add_host_key(_, _, _) ->
+    ok.
+
+is_host_key(_, _, _, _) ->
+    true.
+
+user_key('ssh-dss', Opts) ->
+    KeyCbOpts = proplists:get_value(key_cb_private, Opts),
+    KeyBin = proplists:get_value(priv_key, KeyCbOpts),
+    [Entry] = public_key:pem_decode(KeyBin),
+    Key = public_key:pem_entry_decode(Entry),
+    {ok, Key};
+
+user_key(_Alg, _Opt) ->
+    {error, "Not Supported"}.
-- 
cgit v1.2.3