tailscale/tempfork/sshtest/ssh/server_multi_auth_test.go

// Copyright 2024 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package ssh

import (
	"bytes"
	"errors"
	"fmt"
	"strings"
	"testing"
)

func doClientServerAuth(t *testing.T, serverConfig *ServerConfig, clientConfig *ClientConfig) ([]error, error) {
	c1, c2, err := netPipe()
	if err != nil {
		t.Fatalf("netPipe: %v", err)
	}
	defer c1.Close()
	defer c2.Close()

	var serverAuthErrors []error

	serverConfig.AddHostKey(testSigners["rsa"])
	serverConfig.AuthLogCallback = func(conn ConnMetadata, method string, err error) {
		serverAuthErrors = append(serverAuthErrors, err)
	}
	go newServer(c1, serverConfig)
	c, _, _, err := NewClientConn(c2, "", clientConfig)
	if err == nil {
		c.Close()
	}
	return serverAuthErrors, err
}

func TestMultiStepAuth(t *testing.T) {
	// This user can login with password, public key or public key + password.
	username := "testuser"
	// This user can login with public key + password only.
	usernameSecondFactor := "testuser_second_factor"
	errPwdAuthFailed := errors.New("password auth failed")
	errWrongSequence := errors.New("wrong sequence")

	serverConfig := &ServerConfig{
		PasswordCallback: func(conn ConnMetadata, password []byte) (*Permissions, error) {
			if conn.User() == usernameSecondFactor {
				return nil, errWrongSequence
			}
			if conn.User() == username && string(password) == clientPassword {
				return nil, nil
			}
			return nil, errPwdAuthFailed
		},
		PublicKeyCallback: func(conn ConnMetadata, key PublicKey) (*Permissions, error) {
			if bytes.Equal(key.Marshal(), testPublicKeys["rsa"].Marshal()) {
				if conn.User() == usernameSecondFactor {
					return nil, &PartialSuccessError{
						Next: ServerAuthCallbacks{
							PasswordCallback: func(conn ConnMetadata, password []byte) (*Permissions, error) {
								if string(password) == clientPassword {
									return nil, nil
								}
								return nil, errPwdAuthFailed
							},
						},
					}
				}
				return nil, nil
			}
			return nil, fmt.Errorf("pubkey for %q not acceptable", conn.User())
		},
	}

	clientConfig := &ClientConfig{
		User: usernameSecondFactor,
		Auth: []AuthMethod{
			PublicKeys(testSigners["rsa"]),
			Password(clientPassword),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	serverAuthErrors, err := doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("client login error: %s", err)
	}

	// The error sequence is:
	// - no auth passed yet
	// - partial success
	// - nil
	if len(serverAuthErrors) != 3 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[1].(*PartialSuccessError); !ok {
		t.Fatalf("expected partial success error, got: %v", serverAuthErrors[1])
	}
	// Now test a wrong sequence.
	clientConfig.Auth = []AuthMethod{
		Password(clientPassword),
		PublicKeys(testSigners["rsa"]),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("client login with wrong sequence must fail")
	}
	// The error sequence is:
	// - no auth passed yet
	// - wrong sequence
	// - partial success
	if len(serverAuthErrors) != 3 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if serverAuthErrors[1] != errWrongSequence {
		t.Fatal("server not returned wrong sequence")
	}
	if _, ok := serverAuthErrors[2].(*PartialSuccessError); !ok {
		t.Fatalf("expected partial success error, got: %v", serverAuthErrors[2])
	}
	// Now test using a correct sequence but a wrong password before the right
	// one.
	n := 0
	passwords := []string{"WRONG", "WRONG", clientPassword}
	clientConfig.Auth = []AuthMethod{
		PublicKeys(testSigners["rsa"]),
		RetryableAuthMethod(PasswordCallback(func() (string, error) {
			p := passwords[n]
			n++
			return p, nil
		}), 3),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("client login error: %s", err)
	}
	// The error sequence is:
	// - no auth passed yet
	// - partial success
	// - wrong password
	// - wrong password
	// - nil
	if len(serverAuthErrors) != 5 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[1].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}
	if serverAuthErrors[2] != errPwdAuthFailed {
		t.Fatal("server not returned password authentication failed")
	}
	if serverAuthErrors[3] != errPwdAuthFailed {
		t.Fatal("server not returned password authentication failed")
	}
	// Only password authentication should fail.
	clientConfig.Auth = []AuthMethod{
		Password(clientPassword),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("client login with password only must fail")
	}
	// The error sequence is:
	// - no auth passed yet
	// - wrong sequence
	if len(serverAuthErrors) != 2 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if serverAuthErrors[1] != errWrongSequence {
		t.Fatal("server not returned wrong sequence")
	}

	// Only public key authentication should fail.
	clientConfig.Auth = []AuthMethod{
		PublicKeys(testSigners["rsa"]),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("client login with public key only must fail")
	}
	// The error sequence is:
	// - no auth passed yet
	// - partial success
	if len(serverAuthErrors) != 2 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[1].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}

	// Public key and wrong password.
	clientConfig.Auth = []AuthMethod{
		PublicKeys(testSigners["rsa"]),
		Password("WRONG"),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("client login with wrong password after public key must fail")
	}
	// The error sequence is:
	// - no auth passed yet
	// - partial success
	// - password auth failed
	if len(serverAuthErrors) != 3 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[1].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}
	if serverAuthErrors[2] != errPwdAuthFailed {
		t.Fatal("server not returned password authentication failed")
	}

	// Public key, public key again and then correct password. Public key
	// authentication is attempted only once because the partial success error
	// returns only "password" as the allowed authentication method.
	clientConfig.Auth = []AuthMethod{
		PublicKeys(testSigners["rsa"]),
		PublicKeys(testSigners["rsa"]),
		Password(clientPassword),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("client login error: %s", err)
	}
	// The error sequence is:
	// - no auth passed yet
	// - partial success
	// - nil
	if len(serverAuthErrors) != 3 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[1].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}

	// The unrestricted username can do anything
	clientConfig = &ClientConfig{
		User: username,
		Auth: []AuthMethod{
			PublicKeys(testSigners["rsa"]),
			Password(clientPassword),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	_, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("unrestricted client login error: %s", err)
	}

	clientConfig = &ClientConfig{
		User: username,
		Auth: []AuthMethod{
			PublicKeys(testSigners["rsa"]),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	_, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("unrestricted client login error: %s", err)
	}

	clientConfig = &ClientConfig{
		User: username,
		Auth: []AuthMethod{
			Password(clientPassword),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	_, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("unrestricted client login error: %s", err)
	}
}

func TestDynamicAuthCallbacks(t *testing.T) {
	user1 := "user1"
	user2 := "user2"
	errInvalidCredentials := errors.New("invalid credentials")

	serverConfig := &ServerConfig{
		NoClientAuth: true,
		NoClientAuthCallback: func(conn ConnMetadata) (*Permissions, error) {
			switch conn.User() {
			case user1:
				return nil, &PartialSuccessError{
					Next: ServerAuthCallbacks{
						PasswordCallback: func(conn ConnMetadata, password []byte) (*Permissions, error) {
							if conn.User() == user1 && string(password) == clientPassword {
								return nil, nil
							}
							return nil, errInvalidCredentials
						},
					},
				}
			case user2:
				return nil, &PartialSuccessError{
					Next: ServerAuthCallbacks{
						PublicKeyCallback: func(conn ConnMetadata, key PublicKey) (*Permissions, error) {
							if bytes.Equal(key.Marshal(), testPublicKeys["rsa"].Marshal()) {
								if conn.User() == user2 {
									return nil, nil
								}
							}
							return nil, errInvalidCredentials
						},
					},
				}
			default:
				return nil, errInvalidCredentials
			}
		},
	}

	clientConfig := &ClientConfig{
		User: user1,
		Auth: []AuthMethod{
			Password(clientPassword),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	serverAuthErrors, err := doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("client login error: %s", err)
	}
	// The error sequence is:
	// - partial success
	// - nil
	if len(serverAuthErrors) != 2 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[0].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}

	clientConfig = &ClientConfig{
		User: user2,
		Auth: []AuthMethod{
			PublicKeys(testSigners["rsa"]),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err != nil {
		t.Fatalf("client login error: %s", err)
	}
	// The error sequence is:
	// - partial success
	// - nil
	if len(serverAuthErrors) != 2 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[0].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}

	// user1 cannot login with public key
	clientConfig = &ClientConfig{
		User: user1,
		Auth: []AuthMethod{
			PublicKeys(testSigners["rsa"]),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("user1 login with public key must fail")
	}
	if !strings.Contains(err.Error(), "no supported methods remain") {
		t.Errorf("got %v, expected 'no supported methods remain'", err)
	}
	if len(serverAuthErrors) != 1 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[0].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}
	// user2 cannot login with password
	clientConfig = &ClientConfig{
		User: user2,
		Auth: []AuthMethod{
			Password(clientPassword),
		},
		HostKeyCallback: InsecureIgnoreHostKey(),
	}

	serverAuthErrors, err = doClientServerAuth(t, serverConfig, clientConfig)
	if err == nil {
		t.Fatal("user2 login with password must fail")
	}
	if !strings.Contains(err.Error(), "no supported methods remain") {
		t.Errorf("got %v, expected 'no supported methods remain'", err)
	}
	if len(serverAuthErrors) != 1 {
		t.Fatalf("unexpected number of server auth errors: %v, errors: %+v", len(serverAuthErrors), serverAuthErrors)
	}
	if _, ok := serverAuthErrors[0].(*PartialSuccessError); !ok {
		t.Fatal("server not returned partial success")
	}
}