Merge branch '2.0' of github.com:paramiko/paramiko into 2.0

author: Jeff Forcier <jeff@bitprophet.org> 2017-09-18 12:05:57 -0700
committer: Jeff Forcier <jeff@bitprophet.org> 2017-09-18 12:05:57 -0700
commit: d20f8b9820294006ee078944ca9eb01a41b65dd8 (patch)
tree: 2f6b3ac3d6529c8ac2b4704f318d0b1820a09928 /tests/test_client.py
parent: 20b69e7735e8c7e8bf63ee4df2c6a6b34743e646 (diff)
parent: 89a9b583e46f634792d814c5cff8e0cecdb5fa50 (diff)
1 files changed, 62 insertions, 1 deletions
diff --git a/tests/test_client.py b/tests/test_client.py
index f2f2ea45..9da6eaca 100644
--- a/tests/test_client.py
+++ b/tests/test_client.py
@@ -35,7 +35,7 @@ import time
 from tests.util import test_path
 
 import paramiko
-from paramiko.common import PY2
+from paramiko.py3compat import PY2, b
 from paramiko.ssh_exception import SSHException
 
 
@@ -141,6 +141,7 @@ class SSHClientTest (unittest.TestCase):
         self.assertTrue(self.ts.is_active())
         self.assertEqual('slowdive', self.ts.get_username())
         self.assertEqual(True, self.ts.is_authenticated())
+        self.assertEqual(False, self.tc.get_transport().gss_kex_used)
 
         # Command execution functions?
         stdin, stdout, stderr = self.tc.exec_command('yes')
@@ -366,3 +367,63 @@ class SSHClientTest (unittest.TestCase):
             password='pygmalion',
         )
         self._test_connection(**kwargs)
+
+    def test_9_auth_trickledown_gsskex(self):
+        """
+        Failed gssapi-keyex auth doesn't prevent subsequent key auth from succeeding
+        """
+        if not paramiko.GSS_AUTH_AVAILABLE:
+            return  # for python 2.6 lacks skipTest
+        kwargs = dict(
+            gss_kex=True,
+            key_filename=[test_path('test_rsa.key')],
+        )
+        self._test_connection(**kwargs)
+
+    def test_10_auth_trickledown_gssauth(self):
+        """
+        Failed gssapi-with-mic auth doesn't prevent subsequent key auth from succeeding
+        """
+        if not paramiko.GSS_AUTH_AVAILABLE:
+            return  # for python 2.6 lacks skipTest
+        kwargs = dict(
+            gss_auth=True,
+            key_filename=[test_path('test_rsa.key')],
+        )
+        self._test_connection(**kwargs)
+
+    def test_11_reject_policy(self):
+        """
+        verify that SSHClient's RejectPolicy works.
+        """
+        threading.Thread(target=self._run).start()
+
+        self.tc = paramiko.SSHClient()
+        self.tc.set_missing_host_key_policy(paramiko.RejectPolicy())
+        self.assertEqual(0, len(self.tc.get_host_keys()))
+        self.assertRaises(
+            paramiko.SSHException,
+            self.tc.connect,
+            password='pygmalion', **self.connect_kwargs
+        )
+
+    def test_12_reject_policy_gsskex(self):
+        """
+        verify that SSHClient's RejectPolicy works,
+        even if gssapi-keyex was enabled but not used.
+        """
+        # Test for a bug present in paramiko versions released before 2017-08-01
+        if not paramiko.GSS_AUTH_AVAILABLE:
+            return  # for python 2.6 lacks skipTest
+        threading.Thread(target=self._run).start()
+
+        self.tc = paramiko.SSHClient()
+        self.tc.set_missing_host_key_policy(paramiko.RejectPolicy())
+        self.assertEqual(0, len(self.tc.get_host_keys()))
+        self.assertRaises(
+            paramiko.SSHException,
+            self.tc.connect,
+            password='pygmalion',
+            gss_kex=True,
+             **self.connect_kwargs
+        )
author	Jeff Forcier <jeff@bitprophet.org>	2017-09-18 12:05:57 -0700
committer	Jeff Forcier <jeff@bitprophet.org>	2017-09-18 12:05:57 -0700
commit	d20f8b9820294006ee078944ca9eb01a41b65dd8 (patch)
tree	2f6b3ac3d6529c8ac2b4704f318d0b1820a09928 /tests/test_client.py
parent	20b69e7735e8c7e8bf63ee4df2c6a6b34743e646 (diff)
parent	89a9b583e46f634792d814c5cff8e0cecdb5fa50 (diff)