x/crypto/ssh: bail early if a server has no auth methods configured.
Change-Id: I58fdfbe00fcc4ca09da9699edcc181cc512feef7
Reviewed-on: https://go-review.googlesource.com/9807
Reviewed-by: JP Sugarbroad <jpsugar@google.com>
Reviewed-by: Adam Langley <agl@golang.org>
diff --git a/ssh/session_test.go b/ssh/session_test.go
index 88e66bf..7ce44f5 100644
--- a/ssh/session_test.go
+++ b/ssh/session_test.go
@@ -9,9 +9,11 @@
import (
"bytes"
crypto_rand "crypto/rand"
+ "errors"
"io"
"io/ioutil"
"math/rand"
+ "net"
"testing"
"golang.org/x/crypto/ssh/terminal"
@@ -678,3 +680,41 @@
t.Errorf("client and server SessionID were empty.")
}
}
+
+type noReadConn struct {
+ readSeen bool
+ net.Conn
+}
+
+func (c *noReadConn) Close() error {
+ return nil
+}
+
+func (c *noReadConn) Read(b []byte) (int, error) {
+ c.readSeen = true
+ return 0, errors.New("noReadConn error")
+}
+
+func TestInvalidServerConfiguration(t *testing.T) {
+ c1, c2, err := netPipe()
+ if err != nil {
+ t.Fatalf("netPipe: %v", err)
+ }
+ defer c1.Close()
+ defer c2.Close()
+
+ serveConn := noReadConn{Conn: c1}
+ serverConf := &ServerConfig{}
+
+ NewServerConn(&serveConn, serverConf)
+ if serveConn.readSeen {
+ t.Fatalf("NewServerConn attempted to Read() from Conn while configuration is missing host key")
+ }
+
+ serverConf.AddHostKey(testSigners["ecdsa"])
+
+ NewServerConn(&serveConn, serverConf)
+ if serveConn.readSeen {
+ t.Fatalf("NewServerConn attempted to Read() from Conn while configuration is missing authentication method")
+ }
+}
