Home Explore Help
Register Sign In
Apq
/
sftpgo
mirror of https://github.com/drakkan/sftpgo.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 1b1c740b29
Branches Tags
sftpgo
/
sftpd
/
sftpd_test.go

sftpd_test.go 127 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055 
  1. package sftpd_test
    2. 

  2. 

  3. import (
    4. 

  4. 	"bufio"
    5. 

  5. 	"bytes"
    6. 

  6. 	"crypto/rand"
    7. 

  7. 	"crypto/sha256"
    8. 

  8. 	"crypto/sha512"
    9. 

  9. 	"fmt"
    10. 

  10. 	"hash"
    11. 

  11. 	"io"
    12. 

  12. 	"io/ioutil"
    13. 

  13. 	"math"
    14. 

  14. 	"net"
    15. 

  15. 	"net/http"
    16. 

  16. 	"os"
    17. 

  17. 	"os/exec"
    18. 

  18. 	"path"
    19. 

  19. 	"path/filepath"
    20. 

  20. 	"runtime"
    21. 

  21. 	"strings"
    22. 

  22. 	"testing"
    23. 

  23. 	"time"
    24. 

  24. 

  25. 	_ "github.com/go-sql-driver/mysql"
    26. 

  26. 	_ "github.com/lib/pq"
    27. 

  27. 	_ "github.com/mattn/go-sqlite3"
    28. 

  28. 

  29. 	"golang.org/x/crypto/ssh"
    30. 

  30. 

  31. 	"github.com/drakkan/sftpgo/config"
    32. 

  32. 	"github.com/drakkan/sftpgo/dataprovider"
    33. 

  33. 	"github.com/drakkan/sftpgo/httpd"
    34. 

  34. 	"github.com/drakkan/sftpgo/logger"
    35. 

  35. 	"github.com/drakkan/sftpgo/sftpd"
    36. 

  36. 	"github.com/drakkan/sftpgo/utils"
    37. 

  37. 	"github.com/pkg/sftp"
    38. 

  38. 	"github.com/rs/zerolog"
    39. 

  39. )
    40. 

  40. 

  41. const (
    42. 

  42. 	logSender       = "sftpdTesting"
    43. 

  43. 	sftpServerAddr  = "127.0.0.1:2022"
    44. 

  44. 	defaultUsername = "test_user_sftp"
    45. 

  45. 	defaultPassword = "test_password"
    46. 

  46. 	testPubKey      = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC03jj0D+djk7pxIf/0OhrxrchJTRZklofJ1NoIu4752Sq02mdXmarMVsqJ1cAjV5LBVy3D1F5U6XW4rppkXeVtd04Pxb09ehtH0pRRPaoHHlALiJt8CoMpbKYMA8b3KXPPriGxgGomvtU2T2RMURSwOZbMtpsugfjYSWenyYX+VORYhylWnSXL961LTyC21ehd6d6QnW9G7E5hYMITMY9TuQZz3bROYzXiTsgN0+g6Hn7exFQp50p45StUMfV/SftCMdCxlxuyGny2CrN/vfjO7xxOo2uv7q1qm10Q46KPWJQv+pgZ/OfL+EDjy07n5QVSKHlbx+2nT4Q0EgOSQaCTYwn3YjtABfIxWwgAFdyj6YlPulCL22qU4MYhDcA6PSBwDdf8hvxBfvsiHdM+JcSHvv8/VeJhk6CmnZxGY0fxBupov27z3yEO8nAg8k+6PaUiW1MSUfuGMF/ktB8LOstXsEPXSszuyXiOv4DaryOXUiSn7bmRqKcEFlJusO6aZP0= nicola@p1"
    47. 

  47. 	testPubKey1     = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCd60+/j+y8f0tLftihWV1YN9RSahMI9btQMDIMqts/jeNbD8jgoogM3nhF7KxfcaMKURuD47KC4Ey6iAJUJ0sWkSNNxOcIYuvA+5MlspfZDsa8Ag76Fe1vyz72WeHMHMeh/hwFo2TeIeIXg480T1VI6mzfDrVp2GzUx0SS0dMsQBjftXkuVR8YOiOwMCAH2a//M1OrvV7d/NBk6kBN0WnuIBb2jKm15PAA7+jQQG7tzwk2HedNH3jeL5GH31xkSRwlBczRK0xsCQXehAlx6cT/e/s44iJcJTHfpPKoSk6UAhPJYe7Z1QnuoawY9P9jQaxpyeImBZxxUEowhjpj2avBxKdRGBVK8R7EL8tSOeLbhdyWe5Mwc1+foEbq9Zz5j5Kd+hn3Wm1UnsGCrXUUUoZp1jnlNl0NakCto+5KmqnT9cHxaY+ix2RLUWAZyVFlRq71OYux1UHJnEJPiEI1/tr4jFBSL46qhQZv/TfpkfVW8FLz0lErfqu0gQEZnNHr3Fc= nicola@p1"
    48. 

  48. 	testPrivateKey  = `-----BEGIN OPENSSH PRIVATE KEY-----
    49. 

  49. b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
    50. 

  50. NhAAAAAwEAAQAAAYEAtN449A/nY5O6cSH/9Doa8a3ISU0WZJaHydTaCLuO+dkqtNpnV5mq
    51. 

  51. zFbKidXAI1eSwVctw9ReVOl1uK6aZF3lbXdOD8W9PXobR9KUUT2qBx5QC4ibfAqDKWymDA
    52. 

  52. PG9ylzz64hsYBqJr7VNk9kTFEUsDmWzLabLoH42Elnp8mF/lTkWIcpVp0ly/etS08gttXo
    53. 

  53. XenekJ1vRuxOYWDCEzGPU7kGc920TmM14k7IDdPoOh5+3sRUKedKeOUrVDH1f0n7QjHQsZ
    54. 

  54. cbshp8tgqzf734zu8cTqNrr+6taptdEOOij1iUL/qYGfzny/hA48tO5+UFUih5W8ftp0+E
    55. 

  55. NBIDkkGgk2MJ92I7QAXyMVsIABXco+mJT7pQi9tqlODGIQ3AOj0gcA3X/Ib8QX77Ih3TPi
    56. 

  56. XEh77/P1XiYZOgpp2cRmNH8QbqaL9u898hDvJwIPJPuj2lIltTElH7hjBf5LQfCzrLV7BD
    57. 

  57. 10rM7sl4jr+A2q8jl1Ikp+25kainBBZSbrDummT9AAAFgDU/VLk1P1S5AAAAB3NzaC1yc2
    58. 

  58. EAAAGBALTeOPQP52OTunEh//Q6GvGtyElNFmSWh8nU2gi7jvnZKrTaZ1eZqsxWyonVwCNX
    59. 

  59. ksFXLcPUXlTpdbiummRd5W13Tg/FvT16G0fSlFE9qgceUAuIm3wKgylspgwDxvcpc8+uIb
    60. 

  60. GAaia+1TZPZExRFLA5lsy2my6B+NhJZ6fJhf5U5FiHKVadJcv3rUtPILbV6F3p3pCdb0bs
    61. 

  61. TmFgwhMxj1O5BnPdtE5jNeJOyA3T6Doeft7EVCnnSnjlK1Qx9X9J+0Ix0LGXG7IafLYKs3
    62. 

  62. +9+M7vHE6ja6/urWqbXRDjoo9YlC/6mBn858v4QOPLTuflBVIoeVvH7adPhDQSA5JBoJNj
    63. 

  63. CfdiO0AF8jFbCAAV3KPpiU+6UIvbapTgxiENwDo9IHAN1/yG/EF++yId0z4lxIe+/z9V4m
    64. 

  64. GToKadnEZjR/EG6mi/bvPfIQ7ycCDyT7o9pSJbUxJR+4YwX+S0Hws6y1ewQ9dKzO7JeI6/
    65. 

  65. gNqvI5dSJKftuZGopwQWUm6w7ppk/QAAAAMBAAEAAAGAHKnC+Nq0XtGAkIFE4N18e6SAwy
    66. 

  66. 0WSWaZqmCzFQM0S2AhJnweOIG/0ZZHjsRzKKauOTmppQk40dgVsejpytIek9R+aH172gxJ
    67. 

  67. 2n4Cx0UwduRU5x8FFQlNc/kl722B0JWfJuB/snOZXv6LJ4o5aObIkozt2w9tVFeAqjYn2S
    68. 

  68. 1UsNOfRHBXGsTYwpRDwFWP56nKo2d2wBBTHDhCy6fb2dLW1fvSi/YspueOGIlHpvlYKi2/
    69. 

  69. CWqvs9xVrwcScMtiDoQYq0khhO0efLCxvg/o+W9CLMVM2ms4G1zoSUQKN0oYWWQJyW4+VI
    70. 

  70. YneWO8UpN0J3ElXKi7bhgAat7dBaM1g9IrAzk153DiEFZNsPxGOgL/+YdQN7zUBx/z7EkI
    71. 

  71. jyv80RV7fpUXvcq2p+qNl6UVig3VSzRrnsaJkUWu/A0u59ha7ocv6NxDIXjxpIDJme16GF
    72. 

  72. quiGVBQNnYJymS/vFEbGf6bgf7iRmMCRUMG4nqLA6fPYP9uAtch+CmDfVLZC/fIdC5AAAA
    73. 

  73. wQCDissV4zH6bfqgxJSuYNk8Vbb+19cF3b7gH1rVlB3zxpCAgcRgMHC+dP1z2NRx7UW9MR
    74. 

  74. nye6kjpkzZZ0OigLqo7TtEq8uTglD9o6W7mRXqhy5A/ySOmqPL3ernHHQhGuoNODYAHkOU
    75. 

  75. u2Rh8HXi+VLwKZcLInPOYJvcuLG4DxN8WfeVvlMHwhAOaTNNOtL4XZDHQeIPc4qHmJymmv
    76. 

  76. sV7GuyQ6yW5C10uoGdxRPd90Bh4z4h2bKfZFjvEBbSBVkqrlAAAADBAN/zNtNayd/dX7Cr
    77. 

  77. Nb4sZuzCh+CW4BH8GOePZWNCATwBbNXBVb5cR+dmuTqYm+Ekz0VxVQRA1TvKncluJOQpoa
    78. 

  78. Xj8r0xdIgqkehnfDPMKtYVor06B9Fl1jrXtXU0Vrr6QcBWruSVyK1ZxqcmcNK/+KolVepe
    79. 

  79. A6vcl/iKaG4U7su166nxLST06M2EgcSVsFJHpKn5+WAXC+X0Gx8kNjWIIb3GpiChdc0xZD
    80. 

  80. mq02xZthVJrTCVw/e7gfDoB2QRsNV8HwAAAMEAzsCghZVp+0YsYg9oOrw4tEqcbEXEMhwY
    81. 

  81. 0jW8JNL8Spr1Ibp5Dw6bRSk5azARjmJtnMJhJ3oeHfF0eoISqcNuQXGndGQbVM9YzzAzc1
    82. 

  82. NbbCNsVroqKlChT5wyPNGS+phi2bPARBno7WSDvshTZ7dAVEP2c9MJW0XwoSevwKlhgSdt
    83. 

  83. RLFFQ/5nclJSdzPBOmQouC0OBcMFSrYtMeknJ4VvueVvve5HcHFaEsaMc7ABAGaLYaBQOm
    84. 

  84. iixITGvaNZh/tjAAAACW5pY29sYUBwMQE=
    85. 

  85. -----END OPENSSH PRIVATE KEY-----`
    86. 

  86. 	configDir = ".."
    87. 

  87. )
    88. 

  88. 

  89. var (
    90. 

  90. 	allPerms       = []string{dataprovider.PermAny}
    91. 

  91. 	homeBasePath   string
    92. 

  92. 	scpPath        string
    93. 

  93. 	gitPath        string
    94. 

  94. 	sshPath        string
    95. 

  95. 	pubKeyPath     string
    96. 

  96. 	privateKeyPath string
    97. 

  97. 	gitWrapPath    string
    98. 

  98. 	logFilePath    string
    99. 

  99. )
    100. 

  100. 

  101. func TestMain(m *testing.M) {
    102. 

  102. 	logFilePath = filepath.Join(configDir, "sftpgo_sftpd_test.log")
    103. 

  103. 	loginBannerFileName := "login_banner"
    104. 

  104. 	loginBannerFile := filepath.Join(configDir, loginBannerFileName)
    105. 

  105. 	ioutil.WriteFile(loginBannerFile, []byte("simple login banner\n"), 0777)
    106. 

  106. 	logger.InitLogger(logFilePath, 5, 1, 28, false, zerolog.DebugLevel)
    107. 

  107. 	config.LoadConfig(configDir, "")
    108. 

  108. 	providerConf := config.GetProviderConf()
    109. 

  109. 

  110. 	err := dataprovider.Initialize(providerConf, configDir)
    111. 

  111. 	if err != nil {
    112. 

  112. 		logger.Warn(logSender, "", "error initializing data provider: %v", err)
    113. 

  113. 		os.Exit(1)
    114. 

  114. 	}
    115. 

  115. 	dataProvider := dataprovider.GetProvider()
    116. 

  116. 	sftpdConf := config.GetSFTPDConfig()
    117. 

  117. 	httpdConf := config.GetHTTPDConfig()
    118. 

  118. 	sftpdConf.BindPort = 2022
    119. 

  119. 	sftpdConf.KexAlgorithms = []string{"[email protected]", "ecdh-sha2-nistp256",
    120. 

  120. 		"ecdh-sha2-nistp384"}
    121. 

  121. 	sftpdConf.Ciphers = []string{"[email protected]", "[email protected]",
    122. 

  122. 		"aes256-ctr"}
    123. 

  123. 	sftpdConf.MACs = []string{"[email protected]", "hmac-sha2-256"}
    124. 

  124. 	sftpdConf.LoginBannerFile = loginBannerFileName
    125. 

  125. 	// we need to test all supported ssh commands
    126. 

  126. 	sftpdConf.EnabledSSHCommands = []string{"*"}
    127. 

  127. 	// we run the test cases with UploadMode atomic and resume support. The non atomic code path
    128. 

  128. 	// simply does not execute some code so if it works in atomic mode will
    129. 

  129. 	// work in non atomic mode too
    130. 

  130. 	sftpdConf.UploadMode = 2
    131. 

  131. 	homeBasePath = os.TempDir()
    132. 

  132. 	var scriptArgs string
    133. 

  133. 	if runtime.GOOS == "windows" {
    134. 

  134. 		scriptArgs = "%*"
    135. 

  135. 	} else {
    136. 

  136. 		sftpdConf.Actions.ExecuteOn = []string{"download", "upload", "rename", "delete", "ssh_cmd"}
    137. 

  137. 		sftpdConf.Actions.Command = "/usr/bin/true"
    138. 

  138. 		sftpdConf.Actions.HTTPNotificationURL = "http://127.0.0.1:8080/"
    139. 

  139. 		scriptArgs = "$@"
    140. 

  140. 	}
    141. 

  141. 

  142. 	scpPath, err = exec.LookPath("scp")
    143. 

  143. 	if err != nil {
    144. 

  144. 		logger.Warn(logSender, "", "unable to get scp command. SCP tests will be skipped, err: %v", err)
    145. 

  145. 		logger.WarnToConsole("unable to get scp command. SCP tests will be skipped, err: %v", err)
    146. 

  146. 		scpPath = ""
    147. 

  147. 	}
    148. 

  148. 

  149. 	gitPath, err = exec.LookPath("git")
    150. 

  150. 	if err != nil {
    151. 

  151. 		logger.Warn(logSender, "", "unable to get git command. GIT tests will be skipped, err: %v", err)
    152. 

  152. 		logger.WarnToConsole("unable to get git command. GIT tests will be skipped, err: %v", err)
    153. 

  153. 		gitPath = ""
    154. 

  154. 	}
    155. 

  155. 

  156. 	sshPath, err = exec.LookPath("ssh")
    157. 

  157. 	if err != nil {
    158. 

  158. 		logger.Warn(logSender, "", "unable to get ssh command. GIT tests will be skipped, err: %v", err)
    159. 

  159. 		logger.WarnToConsole("unable to get ssh command. GIT tests will be skipped, err: %v", err)
    160. 

  160. 		gitPath = ""
    161. 

  161. 	}
    162. 

  162. 

  163. 	pubKeyPath = filepath.Join(homeBasePath, "ssh_key.pub")
    164. 

  164. 	privateKeyPath = filepath.Join(homeBasePath, "ssh_key")
    165. 

  165. 	gitWrapPath = filepath.Join(homeBasePath, "gitwrap.sh")
    166. 

  166. 	err = ioutil.WriteFile(pubKeyPath, []byte(testPubKey+"\n"), 0600)
    167. 

  167. 	if err != nil {
    168. 

  168. 		logger.WarnToConsole("unable to save public key to file: %v", err)
    169. 

  169. 	}
    170. 

  170. 	err = ioutil.WriteFile(privateKeyPath, []byte(testPrivateKey+"\n"), 0600)
    171. 

  171. 	if err != nil {
    172. 

  172. 		logger.WarnToConsole("unable to save private key to file: %v", err)
    173. 

  173. 	}
    174. 

  174. 	err = ioutil.WriteFile(gitWrapPath, []byte(fmt.Sprintf("%v -i %v -oStrictHostKeyChecking=no %v\n",
    175. 

  175. 		sshPath, privateKeyPath, scriptArgs)), 0755)
    176. 

  176. 	if err != nil {
    177. 

  177. 		logger.WarnToConsole("unable to save gitwrap shell script: %v", err)
    178. 

  178. 	}
    179. 

  179. 

  180. 	sftpd.SetDataProvider(dataProvider)
    181. 

  181. 	httpd.SetDataProvider(dataProvider)
    182. 

  182. 

  183. 	go func() {
    184. 

  184. 		logger.Debug(logSender, "", "initializing SFTP server with config %+v", sftpdConf)
    185. 

  185. 		if err := sftpdConf.Initialize(configDir); err != nil {
    186. 

  186. 			logger.Error(logSender, "", "could not start SFTP server: %v", err)
    187. 

  187. 		}
    188. 

  188. 	}()
    189. 

  189. 

  190. 	go func() {
    191. 

  191. 		if err := httpdConf.Initialize(configDir); err != nil {
    192. 

  192. 			logger.Error(logSender, "", "could not start HTTP server: %v", err)
    193. 

  193. 		}
    194. 

  194. 	}()
    195. 

  195. 

  196. 	waitTCPListening(fmt.Sprintf("%s:%d", sftpdConf.BindAddress, sftpdConf.BindPort))
    197. 

  197. 	waitTCPListening(fmt.Sprintf("%s:%d", httpdConf.BindAddress, httpdConf.BindPort))
    198. 

  198. 

  199. 	exitCode := m.Run()
    200. 

  200. 	os.Remove(logFilePath)
    201. 

  201. 	os.Remove(loginBannerFile)
    202. 

  202. 	os.Remove(pubKeyPath)
    203. 

  203. 	os.Remove(privateKeyPath)
    204. 

  204. 	os.Remove(gitWrapPath)
    205. 

  205. 	os.Exit(exitCode)
    206. 

  206. }
    207. 

  207. 

  208. func TestInitialization(t *testing.T) {
    209. 

  209. 	config.LoadConfig(configDir, "")
    210. 

  210. 	sftpdConf := config.GetSFTPDConfig()
    211. 

  211. 	sftpdConf.Umask = "invalid umask"
    212. 

  212. 	sftpdConf.BindPort = 2022
    213. 

  213. 	sftpdConf.LoginBannerFile = "invalid_file"
    214. 

  214. 	sftpdConf.IsSCPEnabled = true
    215. 

  215. 	sftpdConf.EnabledSSHCommands = append(sftpdConf.EnabledSSHCommands, "ls")
    216. 

  216. 	err := sftpdConf.Initialize(configDir)
    217. 

  217. 	if err == nil {
    218. 

  218. 		t.Errorf("Inizialize must fail, a SFTP server should be already running")
    219. 

  219. 	}
    220. 

  220. }
    221. 

  221. 

  222. func TestBasicSFTPHandling(t *testing.T) {
    223. 

  223. 	usePubKey := false
    224. 

  224. 	u := getTestUser(usePubKey)
    225. 

  225. 	u.QuotaSize = 6553600
    226. 

  226. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    227. 

  227. 	if err != nil {
    228. 

  228. 		t.Errorf("unable to add user: %v", err)
    229. 

  229. 	}
    230. 

  230. 	os.RemoveAll(user.GetHomeDir())
    231. 

  231. 	client, err := getSftpClient(user, usePubKey)
    232. 

  232. 	if err != nil {
    233. 

  233. 		t.Errorf("unable to create sftp client: %v", err)
    234. 

  234. 	} else {
    235. 

  235. 		defer client.Close()
    236. 

  236. 		testFileName := "test_file.dat"
    237. 

  237. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    238. 

  238. 		testFileSize := int64(65535)
    239. 

  239. 		expectedQuotaSize := user.UsedQuotaSize + testFileSize
    240. 

  240. 		expectedQuotaFiles := user.UsedQuotaFiles + 1
    241. 

  241. 		createTestFile(testFilePath, testFileSize)
    242. 

  242. 		err = sftpUploadFile(testFilePath, path.Join("/missing_dir", testFileName), testFileSize, client)
    243. 

  243. 		if err == nil {
    244. 

  244. 			t.Errorf("upload a file to a missing dir must fail")
    245. 

  245. 		}
    246. 

  246. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    247. 

  247. 		if err != nil {
    248. 

  248. 			t.Errorf("file upload error: %v", err)
    249. 

  249. 		}
    250. 

  250. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    251. 

  251. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize, client)
    252. 

  252. 		if err != nil {
    253. 

  253. 			t.Errorf("file download error: %v", err)
    254. 

  254. 		}
    255. 

  255. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    256. 

  256. 		if err != nil {
    257. 

  257. 			t.Errorf("error getting user: %v", err)
    258. 

  258. 		}
    259. 

  259. 		if expectedQuotaFiles != user.UsedQuotaFiles {
    260. 

  260. 			t.Errorf("quota files does not match, expected: %v, actual: %v", expectedQuotaFiles, user.UsedQuotaFiles)
    261. 

  261. 		}
    262. 

  262. 		if expectedQuotaSize != user.UsedQuotaSize {
    263. 

  263. 			t.Errorf("quota size does not match, expected: %v, actual: %v", expectedQuotaSize, user.UsedQuotaSize)
    264. 

  264. 		}
    265. 

  265. 		err = client.Remove(testFileName)
    266. 

  266. 		if err != nil {
    267. 

  267. 			t.Errorf("error removing uploaded file: %v", err)
    268. 

  268. 		}
    269. 

  269. 		_, err = client.Lstat(testFileName)
    270. 

  270. 		if err == nil {
    271. 

  271. 			t.Errorf("stat for deleted file must not succeed")
    272. 

  272. 		}
    273. 

  273. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    274. 

  274. 		if err != nil {
    275. 

  275. 			t.Errorf("error getting user: %v", err)
    276. 

  276. 		}
    277. 

  277. 		if (expectedQuotaFiles - 1) != user.UsedQuotaFiles {
    278. 

  278. 			t.Errorf("quota files does not match after delete, expected: %v, actual: %v", expectedQuotaFiles-1, user.UsedQuotaFiles)
    279. 

  279. 		}
    280. 

  280. 		if (expectedQuotaSize - testFileSize) != user.UsedQuotaSize {
    281. 

  281. 			t.Errorf("quota size does not match, expected: %v, actual: %v", expectedQuotaSize-testFileSize, user.UsedQuotaSize)
    282. 

  282. 		}
    283. 

  283. 		os.Remove(testFilePath)
    284. 

  284. 		os.Remove(localDownloadPath)
    285. 

  285. 	}
    286. 

  286. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    287. 

  287. 	if err != nil {
    288. 

  288. 		t.Errorf("unable to remove user: %v", err)
    289. 

  289. 	}
    290. 

  290. 	os.RemoveAll(user.GetHomeDir())
    291. 

  291. }
    292. 

  292. 

  293. func TestUploadResume(t *testing.T) {
    294. 

  294. 	usePubKey := false
    295. 

  295. 	u := getTestUser(usePubKey)
    296. 

  296. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    297. 

  297. 	if err != nil {
    298. 

  298. 		t.Errorf("unable to add user: %v", err)
    299. 

  299. 	}
    300. 

  300. 	os.RemoveAll(user.GetHomeDir())
    301. 

  301. 	client, err := getSftpClient(user, usePubKey)
    302. 

  302. 	if err != nil {
    303. 

  303. 		t.Errorf("unable to create sftp client: %v", err)
    304. 

  304. 	} else {
    305. 

  305. 		defer client.Close()
    306. 

  306. 		testFileName := "test_file.dat"
    307. 

  307. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    308. 

  308. 		testFileSize := int64(65535)
    309. 

  309. 		appendDataSize := int64(65535)
    310. 

  310. 		err = createTestFile(testFilePath, testFileSize)
    311. 

  311. 		if err != nil {
    312. 

  312. 			t.Errorf("unable to create test file: %v", err)
    313. 

  313. 		}
    314. 

  314. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    315. 

  315. 		if err != nil {
    316. 

  316. 			t.Errorf("file upload error: %v", err)
    317. 

  317. 		}
    318. 

  318. 		err = appendToTestFile(testFilePath, appendDataSize)
    319. 

  319. 		if err != nil {
    320. 

  320. 			t.Errorf("unable to append to test file: %v", err)
    321. 

  321. 		}
    322. 

  322. 		err = sftpUploadResumeFile(testFilePath, testFileName, testFileSize+appendDataSize, false, client)
    323. 

  323. 		if err != nil {
    324. 

  324. 			t.Errorf("file upload resume error: %v", err)
    325. 

  325. 		}
    326. 

  326. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    327. 

  327. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize+appendDataSize, client)
    328. 

  328. 		if err != nil {
    329. 

  329. 			t.Errorf("file download error: %v", err)
    330. 

  330. 		}
    331. 

  331. 		initialHash, err := computeHashForFile(sha256.New(), testFilePath)
    332. 

  332. 		if err != nil {
    333. 

  333. 			t.Errorf("error computing file hash: %v", err)
    334. 

  334. 		}
    335. 

  335. 		donwloadedFileHash, err := computeHashForFile(sha256.New(), localDownloadPath)
    336. 

  336. 		if err != nil {
    337. 

  337. 			t.Errorf("error computing downloaded file hash: %v", err)
    338. 

  338. 		}
    339. 

  339. 		if donwloadedFileHash != initialHash {
    340. 

  340. 			t.Errorf("resume failed: file hash does not match")
    341. 

  341. 		}
    342. 

  342. 		err = sftpUploadResumeFile(testFilePath, testFileName, testFileSize+appendDataSize, true, client)
    343. 

  343. 		if err == nil {
    344. 

  344. 			t.Errorf("file upload resume with invalid offset must fail")
    345. 

  345. 		}
    346. 

  346. 		os.Remove(testFilePath)
    347. 

  347. 		os.Remove(localDownloadPath)
    348. 

  348. 	}
    349. 

  349. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    350. 

  350. 	if err != nil {
    351. 

  351. 		t.Errorf("unable to remove user: %v", err)
    352. 

  352. 	}
    353. 

  353. 	os.RemoveAll(user.GetHomeDir())
    354. 

  354. }
    355. 

  355. 

  356. func TestDirCommands(t *testing.T) {
    357. 

  357. 	usePubKey := false
    358. 

  358. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    359. 

  359. 	if err != nil {
    360. 

  360. 		t.Errorf("unable to add user: %v", err)
    361. 

  361. 	}
    362. 

  362. 	// remove the home dir to test auto creation
    363. 

  363. 	os.RemoveAll(user.HomeDir)
    364. 

  364. 	client, err := getSftpClient(user, usePubKey)
    365. 

  365. 	if err != nil {
    366. 

  366. 		t.Errorf("unable to create sftp client: %v", err)
    367. 

  367. 	} else {
    368. 

  368. 		defer client.Close()
    369. 

  369. 		err = client.Mkdir("test1")
    370. 

  370. 		if err != nil {
    371. 

  371. 			t.Errorf("error mkdir: %v", err)
    372. 

  372. 		}
    373. 

  373. 		err = client.Rename("test1", "test")
    374. 

  374. 		if err != nil {
    375. 

  375. 			t.Errorf("error rename: %v", err)
    376. 

  376. 		}
    377. 

  377. 		_, err = client.Lstat("/test1")
    378. 

  378. 		if err == nil {
    379. 

  379. 			t.Errorf("stat for renamed dir must not succeed")
    380. 

  380. 		}
    381. 

  381. 		err = client.PosixRename("test", "test1")
    382. 

  382. 		if err != nil {
    383. 

  383. 			t.Errorf("error posix rename: %v", err)
    384. 

  384. 		}
    385. 

  385. 		err = client.Remove("test1")
    386. 

  386. 		if err != nil {
    387. 

  387. 			t.Errorf("error rmdir: %v", err)
    388. 

  388. 		}
    389. 

  389. 		err = client.Mkdir("/test/test1")
    390. 

  390. 		if err == nil {
    391. 

  391. 			t.Errorf("recursive mkdir must fail")
    392. 

  392. 		}
    393. 

  393. 		client.Mkdir("/test")
    394. 

  394. 		err = client.Mkdir("/test/test1")
    395. 

  395. 		if err != nil {
    396. 

  396. 			t.Errorf("mkdir dir error: %v", err)
    397. 

  397. 		}
    398. 

  398. 		_, err = client.ReadDir("/this/dir/does/not/exist")
    399. 

  399. 		if err == nil {
    400. 

  400. 			t.Errorf("reading a missing dir must fail")
    401. 

  401. 		}
    402. 

  402. 		err = client.RemoveDirectory("/test/test1")
    403. 

  403. 		if err != nil {
    404. 

  404. 			t.Errorf("remove dir error: %v", err)
    405. 

  405. 		}
    406. 

  406. 		err = client.RemoveDirectory("/test")
    407. 

  407. 		if err != nil {
    408. 

  408. 			t.Errorf("remove dir error: %v", err)
    409. 

  409. 		}
    410. 

  410. 		_, err = client.Lstat("/test")
    411. 

  411. 		if err == nil {
    412. 

  412. 			t.Errorf("stat for deleted dir must not succeed")
    413. 

  413. 		}
    414. 

  414. 		err = client.RemoveDirectory("/test")
    415. 

  415. 		if err == nil {
    416. 

  416. 			t.Errorf("remove missing path must fail")
    417. 

  417. 		}
    418. 

  418. 	}
    419. 

  419. 	httpd.RemoveUser(user, http.StatusOK)
    420. 

  420. 	os.RemoveAll(user.GetHomeDir())
    421. 

  421. }
    422. 

  422. 

  423. func TestRemove(t *testing.T) {
    424. 

  424. 	usePubKey := true
    425. 

  425. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    426. 

  426. 	if err != nil {
    427. 

  427. 		t.Errorf("unable to add user: %v", err)
    428. 

  428. 	}
    429. 

  429. 	client, err := getSftpClient(user, usePubKey)
    430. 

  430. 	if err != nil {
    431. 

  431. 		t.Errorf("unable to create sftp client: %v", err)
    432. 

  432. 	} else {
    433. 

  433. 		defer client.Close()
    434. 

  434. 		err = client.Mkdir("test")
    435. 

  435. 		if err != nil {
    436. 

  436. 			t.Errorf("error mkdir: %v", err)
    437. 

  437. 		}
    438. 

  438. 		err = client.Mkdir("/test/test1")
    439. 

  439. 		if err != nil {
    440. 

  440. 			t.Errorf("error mkdir subdir: %v", err)
    441. 

  441. 		}
    442. 

  442. 		testFileName := "/test_file.dat"
    443. 

  443. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    444. 

  444. 		testFileSize := int64(65535)
    445. 

  445. 		err = createTestFile(testFilePath, testFileSize)
    446. 

  446. 		if err != nil {
    447. 

  447. 			t.Errorf("unable to create test file: %v", err)
    448. 

  448. 		}
    449. 

  449. 		err = sftpUploadFile(testFilePath, path.Join("/test", testFileName), testFileSize, client)
    450. 

  450. 		if err != nil {
    451. 

  451. 			t.Errorf("file upload error: %v", err)
    452. 

  452. 		}
    453. 

  453. 		err = client.Remove("/test")
    454. 

  454. 		if err == nil {
    455. 

  455. 			t.Errorf("remove non empty dir must fail")
    456. 

  456. 		}
    457. 

  457. 		err = client.RemoveDirectory(path.Join("/test", testFileName))
    458. 

  458. 		if err == nil {
    459. 

  459. 			t.Errorf("remove a file with rmdir must fail")
    460. 

  460. 		}
    461. 

  461. 		err = client.Remove(path.Join("/test", testFileName))
    462. 

  462. 		if err != nil {
    463. 

  463. 			t.Errorf("remove file error: %v", err)
    464. 

  464. 		}
    465. 

  465. 		err = client.Remove(path.Join("/test", testFileName))
    466. 

  466. 		if err == nil {
    467. 

  467. 			t.Errorf("remove missing file must fail")
    468. 

  468. 		}
    469. 

  469. 		err = client.Remove("/test/test1")
    470. 

  470. 		if err != nil {
    471. 

  471. 			t.Errorf("remove dir error: %v", err)
    472. 

  472. 		}
    473. 

  473. 		err = client.Remove("/test")
    474. 

  474. 		if err != nil {
    475. 

  475. 			t.Errorf("remove dir error: %v", err)
    476. 

  476. 		}
    477. 

  477. 		os.Remove(testFilePath)
    478. 

  478. 	}
    479. 

  479. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    480. 

  480. 	if err != nil {
    481. 

  481. 		t.Errorf("unable to remove user: %v", err)
    482. 

  482. 	}
    483. 

  483. 	os.RemoveAll(user.GetHomeDir())
    484. 

  484. }
    485. 

  485. 

  486. func TestLink(t *testing.T) {
    487. 

  487. 	usePubKey := false
    488. 

  488. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    489. 

  489. 	if err != nil {
    490. 

  490. 		t.Errorf("unable to add user: %v", err)
    491. 

  491. 	}
    492. 

  492. 	client, err := getSftpClient(user, usePubKey)
    493. 

  493. 	if err != nil {
    494. 

  494. 		t.Errorf("unable to create sftp client: %v", err)
    495. 

  495. 	} else {
    496. 

  496. 		defer client.Close()
    497. 

  497. 		testFileName := "test_file.dat"
    498. 

  498. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    499. 

  499. 		testFileSize := int64(65535)
    500. 

  500. 		err = createTestFile(testFilePath, testFileSize)
    501. 

  501. 		if err != nil {
    502. 

  502. 			t.Errorf("unable to create test file: %v", err)
    503. 

  503. 		}
    504. 

  504. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    505. 

  505. 		if err != nil {
    506. 

  506. 			t.Errorf("file upload error: %v", err)
    507. 

  507. 		}
    508. 

  508. 		err = client.Symlink(testFileName, testFileName+".link")
    509. 

  509. 		if err != nil {
    510. 

  510. 			t.Errorf("error creating symlink: %v", err)
    511. 

  511. 		}
    512. 

  512. 		_, err = client.ReadLink(testFileName + ".link")
    513. 

  513. 		if err == nil {
    514. 

  514. 			t.Errorf("readlink is currently not implemented so must fail")
    515. 

  515. 		}
    516. 

  516. 		err = client.Symlink(testFileName, testFileName+".link")
    517. 

  517. 		if err == nil {
    518. 

  518. 			t.Errorf("creating a symlink to an existing one must fail")
    519. 

  519. 		}
    520. 

  520. 		err = client.Link(testFileName, testFileName+".hlink")
    521. 

  521. 		if err == nil {
    522. 

  522. 			t.Errorf("hard link is not supported and must fail")
    523. 

  523. 		}
    524. 

  524. 		err = client.Remove(testFileName + ".link")
    525. 

  525. 		if err != nil {
    526. 

  526. 			t.Errorf("error removing symlink: %v", err)
    527. 

  527. 		}
    528. 

  528. 		err = client.Remove(testFileName)
    529. 

  529. 		if err != nil {
    530. 

  530. 			t.Errorf("error removing uploaded file: %v", err)
    531. 

  531. 		}
    532. 

  532. 		os.Remove(testFilePath)
    533. 

  533. 	}
    534. 

  534. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    535. 

  535. 	if err != nil {
    536. 

  536. 		t.Errorf("unable to remove user: %v", err)
    537. 

  537. 	}
    538. 

  538. 	os.RemoveAll(user.GetHomeDir())
    539. 

  539. }
    540. 

  540. 

  541. func TestStat(t *testing.T) {
    542. 

  542. 	usePubKey := false
    543. 

  543. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    544. 

  544. 	if err != nil {
    545. 

  545. 		t.Errorf("unable to add user: %v", err)
    546. 

  546. 	}
    547. 

  547. 	client, err := getSftpClient(user, usePubKey)
    548. 

  548. 	if err != nil {
    549. 

  549. 		t.Errorf("unable to create sftp client: %v", err)
    550. 

  550. 	} else {
    551. 

  551. 		defer client.Close()
    552. 

  552. 		testFileName := "test_file.dat"
    553. 

  553. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    554. 

  554. 		testFileSize := int64(65535)
    555. 

  555. 		createTestFile(testFilePath, testFileSize)
    556. 

  556. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    557. 

  557. 		if err != nil {
    558. 

  558. 			t.Errorf("file upload error: %v", err)
    559. 

  559. 		}
    560. 

  560. 		_, err := client.Lstat(testFileName)
    561. 

  561. 		if err != nil {
    562. 

  562. 			t.Errorf("stat error: %v", err)
    563. 

  563. 		}
    564. 

  564. 		// mode 0666 and 0444 works on Windows too
    565. 

  565. 		newPerm := os.FileMode(0666)
    566. 

  566. 		err = client.Chmod(testFileName, newPerm)
    567. 

  567. 		if err != nil {
    568. 

  568. 			t.Errorf("chmod error: %v", err)
    569. 

  569. 		}
    570. 

  570. 		newFi, err := client.Lstat(testFileName)
    571. 

  571. 		if err != nil {
    572. 

  572. 			t.Errorf("stat error: %v", err)
    573. 

  573. 		}
    574. 

  574. 		if newPerm != newFi.Mode().Perm() {
    575. 

  575. 			t.Errorf("chmod failed expected: %v, actual: %v", newPerm, newFi.Mode().Perm())
    576. 

  576. 		}
    577. 

  577. 		newPerm = os.FileMode(0444)
    578. 

  578. 		err = client.Chmod(testFileName, newPerm)
    579. 

  579. 		if err != nil {
    580. 

  580. 			t.Errorf("chmod error: %v", err)
    581. 

  581. 		}
    582. 

  582. 		newFi, err = client.Lstat(testFileName)
    583. 

  583. 		if err != nil {
    584. 

  584. 			t.Errorf("stat error: %v", err)
    585. 

  585. 		}
    586. 

  586. 		if newPerm != newFi.Mode().Perm() {
    587. 

  587. 			t.Errorf("chmod failed expected: %v, actual: %v", newPerm, newFi.Mode().Perm())
    588. 

  588. 		}
    589. 

  589. 		_, err = client.ReadLink(testFileName)
    590. 

  590. 		if err == nil {
    591. 

  591. 			t.Errorf("readlink is not supported and must fail")
    592. 

  592. 		}
    593. 

  593. 		err = client.Truncate(testFileName, 0)
    594. 

  594. 		if err != nil {
    595. 

  595. 			t.Errorf("truncate must be silently ignored: %v", err)
    596. 

  596. 		}
    597. 

  597. 		os.Remove(testFilePath)
    598. 

  598. 	}
    599. 

  599. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    600. 

  600. 	if err != nil {
    601. 

  601. 		t.Errorf("unable to remove user: %v", err)
    602. 

  602. 	}
    603. 

  603. 	os.RemoveAll(user.GetHomeDir())
    604. 

  604. }
    605. 

  605. 

  606. func TestStatChownChmod(t *testing.T) {
    607. 

  607. 	if runtime.GOOS == "windows" {
    608. 

  608. 		t.Skip("chown is not supported on Windows, chmod is partially supported")
    609. 

  609. 	}
    610. 

  610. 	usePubKey := true
    611. 

  611. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    612. 

  612. 	if err != nil {
    613. 

  613. 		t.Errorf("unable to add user: %v", err)
    614. 

  614. 	}
    615. 

  615. 	client, err := getSftpClient(user, usePubKey)
    616. 

  616. 	if err != nil {
    617. 

  617. 		t.Errorf("unable to create sftp client: %v", err)
    618. 

  618. 	} else {
    619. 

  619. 		defer client.Close()
    620. 

  620. 		testFileName := "test_file.dat"
    621. 

  621. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    622. 

  622. 		testFileSize := int64(65535)
    623. 

  623. 		createTestFile(testFilePath, testFileSize)
    624. 

  624. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    625. 

  625. 		if err != nil {
    626. 

  626. 			t.Errorf("file upload error: %v", err)
    627. 

  627. 		}
    628. 

  628. 		err = client.Chown(testFileName, os.Getuid(), os.Getgid())
    629. 

  629. 		if err != nil {
    630. 

  630. 			t.Errorf("chown error: %v", err)
    631. 

  631. 		}
    632. 

  632. 		newPerm := os.FileMode(0600)
    633. 

  633. 		err = client.Chmod(testFileName, newPerm)
    634. 

  634. 		if err != nil {
    635. 

  635. 			t.Errorf("chmod error: %v", err)
    636. 

  636. 		}
    637. 

  637. 		newFi, err := client.Lstat(testFileName)
    638. 

  638. 		if err != nil {
    639. 

  639. 			t.Errorf("stat error: %v", err)
    640. 

  640. 		}
    641. 

  641. 		if newPerm != newFi.Mode().Perm() {
    642. 

  642. 			t.Errorf("chown failed expected: %v, actual: %v", newPerm, newFi.Mode().Perm())
    643. 

  643. 		}
    644. 

  644. 		err = client.Remove(testFileName)
    645. 

  645. 		if err != nil {
    646. 

  646. 			t.Errorf("error removing uploaded file: %v", err)
    647. 

  647. 		}
    648. 

  648. 		// l'errore viene riconvertito da sftp.ErrSSHFxNoSuchFile in os.ErrNotExist
    649. 

  649. 		err = client.Chmod(testFileName, newPerm)
    650. 

  650. 		if err != os.ErrNotExist {
    651. 

  651. 			t.Errorf("unexpected chmod error: %v expected: %v", err, os.ErrNotExist)
    652. 

  652. 		}
    653. 

  653. 		err = client.Chown(testFileName, os.Getuid(), os.Getgid())
    654. 

  654. 		if err != os.ErrNotExist {
    655. 

  655. 			t.Errorf("unexpected chown error: %v expected: %v", err, os.ErrNotExist)
    656. 

  656. 		}
    657. 

  657. 		os.Remove(testFilePath)
    658. 

  658. 	}
    659. 

  659. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    660. 

  660. 	if err != nil {
    661. 

  661. 		t.Errorf("unable to remove user: %v", err)
    662. 

  662. 	}
    663. 

  663. 	os.RemoveAll(user.GetHomeDir())
    664. 

  664. }
    665. 

  665. 

  666. func TestChtimes(t *testing.T) {
    667. 

  667. 	usePubKey := false
    668. 

  668. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    669. 

  669. 	if err != nil {
    670. 

  670. 		t.Errorf("unable to add user: %v", err)
    671. 

  671. 	}
    672. 

  672. 	client, err := getSftpClient(user, usePubKey)
    673. 

  673. 	if err != nil {
    674. 

  674. 		t.Errorf("unable to create sftp client: %v", err)
    675. 

  675. 	} else {
    676. 

  676. 		defer client.Close()
    677. 

  677. 		testFileName := "test_file.dat"
    678. 

  678. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    679. 

  679. 		testFileSize := int64(65535)
    680. 

  680. 		testDir := "test"
    681. 

  681. 		createTestFile(testFilePath, testFileSize)
    682. 

  682. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    683. 

  683. 		if err != nil {
    684. 

  684. 			t.Errorf("file upload error: %v", err)
    685. 

  685. 		}
    686. 

  686. 		acmodTime := time.Now()
    687. 

  687. 		err = client.Chtimes(testFileName, acmodTime, acmodTime)
    688. 

  688. 		if err != nil {
    689. 

  689. 			t.Errorf("error changing file times")
    690. 

  690. 		}
    691. 

  691. 		newFi, err := client.Lstat(testFileName)
    692. 

  692. 		if err != nil {
    693. 

  693. 			t.Errorf("file stat error: %v", err)
    694. 

  694. 		}
    695. 

  695. 		diff := math.Abs(newFi.ModTime().Sub(acmodTime).Seconds())
    696. 

  696. 		if diff > 1 {
    697. 

  697. 			t.Errorf("diff between wanted and real modification time too big: %v", diff)
    698. 

  698. 		}
    699. 

  699. 		err = client.Chtimes("invalidFile", acmodTime, acmodTime)
    700. 

  700. 		if !os.IsNotExist(err) {
    701. 

  701. 			t.Errorf("unexpected error: %v", err)
    702. 

  702. 		}
    703. 

  703. 		err = client.Mkdir(testDir)
    704. 

  704. 		if err != nil {
    705. 

  705. 			t.Errorf("unable to create dir: %v", err)
    706. 

  706. 		}
    707. 

  707. 		err = client.Chtimes(testDir, acmodTime, acmodTime)
    708. 

  708. 		if err != nil {
    709. 

  709. 			t.Errorf("error changing dir times")
    710. 

  710. 		}
    711. 

  711. 		newFi, err = client.Lstat(testDir)
    712. 

  712. 		if err != nil {
    713. 

  713. 			t.Errorf("dir stat error: %v", err)
    714. 

  714. 		}
    715. 

  715. 		diff = math.Abs(newFi.ModTime().Sub(acmodTime).Seconds())
    716. 

  716. 		if diff > 1 {
    717. 

  717. 			t.Errorf("diff between wanted and real modification time too big: %v", diff)
    718. 

  718. 		}
    719. 

  719. 		os.Remove(testFilePath)
    720. 

  720. 	}
    721. 

  721. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    722. 

  722. 	if err != nil {
    723. 

  723. 		t.Errorf("unable to remove user: %v", err)
    724. 

  724. 	}
    725. 

  725. 	os.RemoveAll(user.GetHomeDir())
    726. 

  726. }
    727. 

  727. 

  728. // basic tests to verify virtual chroot, should be improved to cover more cases ...
    729. 

  729. func TestEscapeHomeDir(t *testing.T) {
    730. 

  730. 	usePubKey := true
    731. 

  731. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    732. 

  732. 	if err != nil {
    733. 

  733. 		t.Errorf("unable to add user: %v", err)
    734. 

  734. 	}
    735. 

  735. 	client, err := getSftpClient(user, usePubKey)
    736. 

  736. 	if err != nil {
    737. 

  737. 		t.Errorf("unable to create sftp client: %v", err)
    738. 

  738. 	} else {
    739. 

  739. 		defer client.Close()
    740. 

  740. 		_, err := client.Getwd()
    741. 

  741. 		if err != nil {
    742. 

  742. 			t.Errorf("unable to get working dir: %v", err)
    743. 

  743. 		}
    744. 

  744. 		testDir := "testDir"
    745. 

  745. 		linkPath := filepath.Join(homeBasePath, defaultUsername, testDir)
    746. 

  746. 		err = os.Symlink(homeBasePath, linkPath)
    747. 

  747. 		if err != nil {
    748. 

  748. 			t.Errorf("error making local symlink: %v", err)
    749. 

  749. 		}
    750. 

  750. 		_, err = client.ReadDir(testDir)
    751. 

  751. 		if err == nil {
    752. 

  752. 			t.Errorf("reading a symbolic link outside home dir should not succeeded")
    753. 

  753. 		}
    754. 

  754. 		os.Remove(linkPath)
    755. 

  755. 		testFileName := "test_file.dat"
    756. 

  756. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    757. 

  757. 		testFileSize := int64(65535)
    758. 

  758. 		err = createTestFile(testFilePath, testFileSize)
    759. 

  759. 		if err != nil {
    760. 

  760. 			t.Errorf("unable to create test file: %v", err)
    761. 

  761. 		}
    762. 

  762. 		remoteDestPath := path.Join("..", "..", testFileName)
    763. 

  763. 		err = sftpUploadFile(testFilePath, remoteDestPath, testFileSize, client)
    764. 

  764. 		if err != nil {
    765. 

  765. 			t.Errorf("file upload error: %v", err)
    766. 

  766. 		}
    767. 

  767. 		_, err = client.Lstat(testFileName)
    768. 

  768. 		if err != nil {
    769. 

  769. 			t.Errorf("file stat error: %v the file was created outside the user dir!", err)
    770. 

  770. 		}
    771. 

  771. 		err = client.Remove(testFileName)
    772. 

  772. 		if err != nil {
    773. 

  773. 			t.Errorf("error removing uploaded file: %v", err)
    774. 

  774. 		}
    775. 

  775. 		linkPath = filepath.Join(homeBasePath, defaultUsername, testFileName)
    776. 

  776. 		err = os.Symlink(homeBasePath, linkPath)
    777. 

  777. 		if err != nil {
    778. 

  778. 			t.Errorf("error making local symlink: %v", err)
    779. 

  779. 		}
    780. 

  780. 		err = sftpDownloadFile(testFileName, testFilePath, 0, client)
    781. 

  781. 		if err == nil {
    782. 

  782. 			t.Errorf("download file outside home dir must fail")
    783. 

  783. 		}
    784. 

  784. 		err = sftpUploadFile(testFilePath, remoteDestPath, testFileSize, client)
    785. 

  785. 		if err == nil {
    786. 

  786. 			t.Errorf("overwrite a file outside home dir must fail")
    787. 

  787. 		}
    788. 

  788. 		err = client.Chmod(remoteDestPath, 0644)
    789. 

  789. 		if err == nil {
    790. 

  790. 			t.Errorf("setstat on a file outside home dir must fail")
    791. 

  791. 		}
    792. 

  792. 		os.Remove(linkPath)
    793. 

  793. 		os.Remove(testFilePath)
    794. 

  794. 	}
    795. 

  795. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    796. 

  796. 	if err != nil {
    797. 

  797. 		t.Errorf("unable to remove user: %v", err)
    798. 

  798. 	}
    799. 

  799. 	os.RemoveAll(user.GetHomeDir())
    800. 

  800. }
    801. 

  801. 

  802. func TestHomeSpecialChars(t *testing.T) {
    803. 

  803. 	usePubKey := true
    804. 

  804. 	u := getTestUser(usePubKey)
    805. 

  805. 	u.HomeDir = filepath.Join(homeBasePath, "abc açà#&%lk")
    806. 

  806. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    807. 

  807. 	if err != nil {
    808. 

  808. 		t.Errorf("unable to add user: %v", err)
    809. 

  809. 	}
    810. 

  810. 	client, err := getSftpClient(user, usePubKey)
    811. 

  811. 	if err != nil {
    812. 

  812. 		t.Errorf("unable to create sftp client: %v", err)
    813. 

  813. 	} else {
    814. 

  814. 		defer client.Close()
    815. 

  815. 		_, err := client.Getwd()
    816. 

  816. 		if err != nil {
    817. 

  817. 			t.Errorf("unable to get working dir: %v", err)
    818. 

  818. 		}
    819. 

  819. 		testFileName := "test_file.dat"
    820. 

  820. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    821. 

  821. 		testFileSize := int64(65535)
    822. 

  822. 		err = createTestFile(testFilePath, testFileSize)
    823. 

  823. 		if err != nil {
    824. 

  824. 			t.Errorf("unable to create test file: %v", err)
    825. 

  825. 		}
    826. 

  826. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    827. 

  827. 		if err != nil {
    828. 

  828. 			t.Errorf("file upload error: %v", err)
    829. 

  829. 		}
    830. 

  830. 		files, err := client.ReadDir(".")
    831. 

  831. 		if err != nil {
    832. 

  832. 			t.Errorf("unable to read remote dir: %v", err)
    833. 

  833. 		}
    834. 

  834. 		if len(files) < 1 {
    835. 

  835. 			t.Errorf("expected at least 1 file in this dir")
    836. 

  836. 		}
    837. 

  837. 		err = client.Remove(testFileName)
    838. 

  838. 		if err != nil {
    839. 

  839. 			t.Errorf("error removing uploaded file: %v", err)
    840. 

  840. 		}
    841. 

  841. 		os.Remove(testFilePath)
    842. 

  842. 	}
    843. 

  843. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    844. 

  844. 	if err != nil {
    845. 

  845. 		t.Errorf("unable to remove user: %v", err)
    846. 

  846. 	}
    847. 

  847. 	os.RemoveAll(user.GetHomeDir())
    848. 

  848. }
    849. 

  849. 

  850. func TestLogin(t *testing.T) {
    851. 

  851. 	u := getTestUser(false)
    852. 

  852. 	u.PublicKeys = []string{testPubKey}
    853. 

  853. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    854. 

  854. 	if err != nil {
    855. 

  855. 		t.Errorf("unable to add user: %v", err)
    856. 

  856. 	}
    857. 

  857. 	client, err := getSftpClient(user, false)
    858. 

  858. 	if err != nil {
    859. 

  859. 		t.Errorf("unable to create sftp client: %v", err)
    860. 

  860. 	} else {
    861. 

  861. 		defer client.Close()
    862. 

  862. 		_, err := client.Getwd()
    863. 

  863. 		if err != nil {
    864. 

  864. 			t.Errorf("sftp client with valid password must work")
    865. 

  865. 		}
    866. 

  866. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    867. 

  867. 		if err != nil {
    868. 

  868. 			t.Errorf("error getting user: %v", err)
    869. 

  869. 		}
    870. 

  870. 		if user.LastLogin <= 0 {
    871. 

  871. 			t.Errorf("last login must be updated after a successful login: %v", user.LastLogin)
    872. 

  872. 		}
    873. 

  873. 	}
    874. 

  874. 	client, err = getSftpClient(user, true)
    875. 

  875. 	if err != nil {
    876. 

  876. 		t.Errorf("unable to create sftp client: %v", err)
    877. 

  877. 	} else {
    878. 

  878. 		defer client.Close()
    879. 

  879. 		_, err := client.Getwd()
    880. 

  880. 		if err != nil {
    881. 

  881. 			t.Errorf("sftp client with valid public key must work")
    882. 

  882. 		}
    883. 

  883. 	}
    884. 

  884. 	user.Password = "invalid password"
    885. 

  885. 	client, err = getSftpClient(user, false)
    886. 

  886. 	if err == nil {
    887. 

  887. 		t.Errorf("login with invalid password must fail")
    888. 

  888. 		defer client.Close()
    889. 

  889. 	}
    890. 

  890. 	// testPubKey1 is not authorized
    891. 

  891. 	user.PublicKeys = []string{testPubKey1}
    892. 

  892. 	user.Password = ""
    893. 

  893. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    894. 

  894. 	if err != nil {
    895. 

  895. 		t.Errorf("unable to update user: %v", err)
    896. 

  896. 	}
    897. 

  897. 	client, err = getSftpClient(user, true)
    898. 

  898. 	if err == nil {
    899. 

  899. 		t.Errorf("login with invalid public key must fail")
    900. 

  900. 		defer client.Close()
    901. 

  901. 	}
    902. 

  902. 	// login a user with multiple public keys, only the second one is valid
    903. 

  903. 	user.PublicKeys = []string{testPubKey1, testPubKey}
    904. 

  904. 	user.Password = ""
    905. 

  905. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    906. 

  906. 	if err != nil {
    907. 

  907. 		t.Errorf("unable to update user: %v", err)
    908. 

  908. 	}
    909. 

  909. 	client, err = getSftpClient(user, true)
    910. 

  910. 	if err != nil {
    911. 

  911. 		t.Errorf("unable to create sftp client: %v", err)
    912. 

  912. 	} else {
    913. 

  913. 		defer client.Close()
    914. 

  914. 		_, err := client.Getwd()
    915. 

  915. 		if err != nil {
    916. 

  916. 			t.Errorf("sftp client with multiple public key must work if at least one public key is valid")
    917. 

  917. 		}
    918. 

  918. 	}
    919. 

  919. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    920. 

  920. 	if err != nil {
    921. 

  921. 		t.Errorf("unable to remove user: %v", err)
    922. 

  922. 	}
    923. 

  923. 	os.RemoveAll(user.GetHomeDir())
    924. 

  924. }
    925. 

  925. 

  926. func TestLoginUserStatus(t *testing.T) {
    927. 

  927. 	usePubKey := true
    928. 

  928. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    929. 

  929. 	if err != nil {
    930. 

  930. 		t.Errorf("unable to add user: %v", err)
    931. 

  931. 	}
    932. 

  932. 	client, err := getSftpClient(user, usePubKey)
    933. 

  933. 	if err != nil {
    934. 

  934. 		t.Errorf("unable to create sftp client: %v", err)
    935. 

  935. 	} else {
    936. 

  936. 		defer client.Close()
    937. 

  937. 		_, err := client.Getwd()
    938. 

  938. 		if err != nil {
    939. 

  939. 			t.Errorf("sftp client with valid credentials must work")
    940. 

  940. 		}
    941. 

  941. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    942. 

  942. 		if err != nil {
    943. 

  943. 			t.Errorf("error getting user: %v", err)
    944. 

  944. 		}
    945. 

  945. 		if user.LastLogin <= 0 {
    946. 

  946. 			t.Errorf("last login must be updated after a successful login: %v", user.LastLogin)
    947. 

  947. 		}
    948. 

  948. 	}
    949. 

  949. 	user.Status = 0
    950. 

  950. 	user, _, err = httpd.UpdateUser(user, http.StatusOK)
    951. 

  951. 	if err != nil {
    952. 

  952. 		t.Errorf("unable to update user: %v", err)
    953. 

  953. 	}
    954. 

  954. 	client, err = getSftpClient(user, usePubKey)
    955. 

  955. 	if err == nil {
    956. 

  956. 		t.Errorf("login for a disabled user must fail")
    957. 

  957. 		defer client.Close()
    958. 

  958. 	}
    959. 

  959. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    960. 

  960. 	if err != nil {
    961. 

  961. 		t.Errorf("unable to remove user: %v", err)
    962. 

  962. 	}
    963. 

  963. 	os.RemoveAll(user.GetHomeDir())
    964. 

  964. }
    965. 

  965. 

  966. func TestLoginUserExpiration(t *testing.T) {
    967. 

  967. 	usePubKey := true
    968. 

  968. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    969. 

  969. 	if err != nil {
    970. 

  970. 		t.Errorf("unable to add user: %v", err)
    971. 

  971. 	}
    972. 

  972. 	client, err := getSftpClient(user, usePubKey)
    973. 

  973. 	if err != nil {
    974. 

  974. 		t.Errorf("unable to create sftp client: %v", err)
    975. 

  975. 	} else {
    976. 

  976. 		defer client.Close()
    977. 

  977. 		_, err := client.Getwd()
    978. 

  978. 		if err != nil {
    979. 

  979. 			t.Errorf("sftp client with valid credentials must work")
    980. 

  980. 		}
    981. 

  981. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    982. 

  982. 		if err != nil {
    983. 

  983. 			t.Errorf("error getting user: %v", err)
    984. 

  984. 		}
    985. 

  985. 		if user.LastLogin <= 0 {
    986. 

  986. 			t.Errorf("last login must be updated after a successful login: %v", user.LastLogin)
    987. 

  987. 		}
    988. 

  988. 	}
    989. 

  989. 	user.ExpirationDate = utils.GetTimeAsMsSinceEpoch(time.Now()) - 120000
    990. 

  990. 	user, _, err = httpd.UpdateUser(user, http.StatusOK)
    991. 

  991. 	if err != nil {
    992. 

  992. 		t.Errorf("unable to update user: %v", err)
    993. 

  993. 	}
    994. 

  994. 	client, err = getSftpClient(user, usePubKey)
    995. 

  995. 	if err == nil {
    996. 

  996. 		t.Errorf("login for an expired user must fail")
    997. 

  997. 		defer client.Close()
    998. 

  998. 	}
    999. 

  999. 	user.ExpirationDate = utils.GetTimeAsMsSinceEpoch(time.Now()) + 120000
    1000. 

  1000. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    1001. 

  1001. 	if err != nil {
    1002. 

  1002. 		t.Errorf("unable to update user: %v", err)
    1003. 

  1003. 	}
    1004. 

  1004. 	client, err = getSftpClient(user, usePubKey)
    1005. 

  1005. 	if err != nil {
    1006. 

  1006. 		t.Errorf("login for a non expired user must succeed: %v", err)
    1007. 

  1007. 	} else {
    1008. 

  1008. 		defer client.Close()
    1009. 

  1009. 	}
    1010. 

  1010. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1011. 

  1011. 	if err != nil {
    1012. 

  1012. 		t.Errorf("unable to remove user: %v", err)
    1013. 

  1013. 	}
    1014. 

  1014. 	os.RemoveAll(user.GetHomeDir())
    1015. 

  1015. }
    1016. 

  1016. 

  1017. func TestLoginWithIPFilters(t *testing.T) {
    1018. 

  1018. 	usePubKey := true
    1019. 

  1019. 	u := getTestUser(usePubKey)
    1020. 

  1020. 	u.Filters.DeniedIP = []string{"192.167.0.0/24", "172.18.0.0/16"}
    1021. 

  1021. 	u.Filters.AllowedIP = []string{}
    1022. 

  1022. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1023. 

  1023. 	if err != nil {
    1024. 

  1024. 		t.Errorf("unable to add user: %v", err)
    1025. 

  1025. 	}
    1026. 

  1026. 	client, err := getSftpClient(user, usePubKey)
    1027. 

  1027. 	if err != nil {
    1028. 

  1028. 		t.Errorf("unable to create sftp client: %v", err)
    1029. 

  1029. 	} else {
    1030. 

  1030. 		defer client.Close()
    1031. 

  1031. 		_, err := client.Getwd()
    1032. 

  1032. 		if err != nil {
    1033. 

  1033. 			t.Errorf("sftp client with valid credentials must work")
    1034. 

  1034. 		}
    1035. 

  1035. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    1036. 

  1036. 		if err != nil {
    1037. 

  1037. 			t.Errorf("error getting user: %v", err)
    1038. 

  1038. 		}
    1039. 

  1039. 		if user.LastLogin <= 0 {
    1040. 

  1040. 			t.Errorf("last login must be updated after a successful login: %v", user.LastLogin)
    1041. 

  1041. 		}
    1042. 

  1042. 	}
    1043. 

  1043. 	user.Filters.AllowedIP = []string{"127.0.0.0/8"}
    1044. 

  1044. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    1045. 

  1045. 	if err != nil {
    1046. 

  1046. 		t.Errorf("unable to update user: %v", err)
    1047. 

  1047. 	}
    1048. 

  1048. 	client, err = getSftpClient(user, usePubKey)
    1049. 

  1049. 	if err != nil {
    1050. 

  1050. 		t.Errorf("login from an allowed IP must succeed: %v", err)
    1051. 

  1051. 	} else {
    1052. 

  1052. 		defer client.Close()
    1053. 

  1053. 	}
    1054. 

  1054. 	user.Filters.AllowedIP = []string{"172.19.0.0/16"}
    1055. 

  1055. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    1056. 

  1056. 	if err != nil {
    1057. 

  1057. 		t.Errorf("unable to update user: %v", err)
    1058. 

  1058. 	}
    1059. 

  1059. 	client, err = getSftpClient(user, usePubKey)
    1060. 

  1060. 	if err == nil {
    1061. 

  1061. 		t.Errorf("login from an not allowed IP must fail")
    1062. 

  1062. 		client.Close()
    1063. 

  1063. 	}
    1064. 

  1064. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1065. 

  1065. 	if err != nil {
    1066. 

  1066. 		t.Errorf("unable to remove user: %v", err)
    1067. 

  1067. 	}
    1068. 

  1068. 	os.RemoveAll(user.GetHomeDir())
    1069. 

  1069. }
    1070. 

  1070. 

  1071. func TestLoginAfterUserUpdateEmptyPwd(t *testing.T) {
    1072. 

  1072. 	usePubKey := false
    1073. 

  1073. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    1074. 

  1074. 	if err != nil {
    1075. 

  1075. 		t.Errorf("unable to add user: %v", err)
    1076. 

  1076. 	}
    1077. 

  1077. 	user.Password = ""
    1078. 

  1078. 	user.PublicKeys = []string{}
    1079. 

  1079. 	// password and public key should remain unchanged
    1080. 

  1080. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    1081. 

  1081. 	if err != nil {
    1082. 

  1082. 		t.Errorf("unable to update user: %v", err)
    1083. 

  1083. 	}
    1084. 

  1084. 	client, err := getSftpClient(user, usePubKey)
    1085. 

  1085. 	if err != nil {
    1086. 

  1086. 		t.Errorf("unable to create sftp client: %v", err)
    1087. 

  1087. 	} else {
    1088. 

  1088. 		defer client.Close()
    1089. 

  1089. 		_, err := client.Getwd()
    1090. 

  1090. 		if err != nil {
    1091. 

  1091. 			t.Errorf("unable to get working dir: %v", err)
    1092. 

  1092. 		}
    1093. 

  1093. 		_, err = client.ReadDir(".")
    1094. 

  1094. 		if err != nil {
    1095. 

  1095. 			t.Errorf("unable to read remote dir: %v", err)
    1096. 

  1096. 		}
    1097. 

  1097. 	}
    1098. 

  1098. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1099. 

  1099. 	if err != nil {
    1100. 

  1100. 		t.Errorf("unable to remove user: %v", err)
    1101. 

  1101. 	}
    1102. 

  1102. 	os.RemoveAll(user.GetHomeDir())
    1103. 

  1103. }
    1104. 

  1104. 

  1105. func TestLoginAfterUserUpdateEmptyPubKey(t *testing.T) {
    1106. 

  1106. 	usePubKey := true
    1107. 

  1107. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    1108. 

  1108. 	if err != nil {
    1109. 

  1109. 		t.Errorf("unable to add user: %v", err)
    1110. 

  1110. 	}
    1111. 

  1111. 	user.Password = ""
    1112. 

  1112. 	user.PublicKeys = []string{}
    1113. 

  1113. 	// password and public key should remain unchanged
    1114. 

  1114. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    1115. 

  1115. 	if err != nil {
    1116. 

  1116. 		t.Errorf("unable to update user: %v", err)
    1117. 

  1117. 	}
    1118. 

  1118. 	client, err := getSftpClient(user, usePubKey)
    1119. 

  1119. 	if err != nil {
    1120. 

  1120. 		t.Errorf("unable to create sftp client: %v", err)
    1121. 

  1121. 	} else {
    1122. 

  1122. 		defer client.Close()
    1123. 

  1123. 		_, err := client.Getwd()
    1124. 

  1124. 		if err != nil {
    1125. 

  1125. 			t.Errorf("unable to get working dir: %v", err)
    1126. 

  1126. 		}
    1127. 

  1127. 		_, err = client.ReadDir(".")
    1128. 

  1128. 		if err != nil {
    1129. 

  1129. 			t.Errorf("unable to read remote dir: %v", err)
    1130. 

  1130. 		}
    1131. 

  1131. 	}
    1132. 

  1132. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1133. 

  1133. 	if err != nil {
    1134. 

  1134. 		t.Errorf("unable to remove user: %v", err)
    1135. 

  1135. 	}
    1136. 

  1136. 	os.RemoveAll(user.GetHomeDir())
    1137. 

  1137. }
    1138. 

  1138. 

  1139. func TestMaxSessions(t *testing.T) {
    1140. 

  1140. 	usePubKey := false
    1141. 

  1141. 	u := getTestUser(usePubKey)
    1142. 

  1142. 	u.MaxSessions = 1
    1143. 

  1143. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1144. 

  1144. 	if err != nil {
    1145. 

  1145. 		t.Errorf("unable to add user: %v", err)
    1146. 

  1146. 	}
    1147. 

  1147. 	client, err := getSftpClient(user, usePubKey)
    1148. 

  1148. 	if err != nil {
    1149. 

  1149. 		t.Errorf("unable to create sftp client: %v", err)
    1150. 

  1150. 	} else {
    1151. 

  1151. 		defer client.Close()
    1152. 

  1152. 		_, err := client.Getwd()
    1153. 

  1153. 		if err != nil {
    1154. 

  1154. 			t.Errorf("unable to get working dir: %v", err)
    1155. 

  1155. 		}
    1156. 

  1156. 		_, err = client.ReadDir(".")
    1157. 

  1157. 		if err != nil {
    1158. 

  1158. 			t.Errorf("unable to read remote dir: %v", err)
    1159. 

  1159. 		}
    1160. 

  1160. 		_, err = getSftpClient(user, usePubKey)
    1161. 

  1161. 		if err == nil {
    1162. 

  1162. 			t.Errorf("max sessions exceeded, new login should not succeed")
    1163. 

  1163. 		}
    1164. 

  1164. 	}
    1165. 

  1165. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1166. 

  1166. 	if err != nil {
    1167. 

  1167. 		t.Errorf("unable to remove user: %v", err)
    1168. 

  1168. 	}
    1169. 

  1169. 	os.RemoveAll(user.GetHomeDir())
    1170. 

  1170. }
    1171. 

  1171. 

  1172. func TestQuotaFileReplace(t *testing.T) {
    1173. 

  1173. 	usePubKey := false
    1174. 

  1174. 	u := getTestUser(usePubKey)
    1175. 

  1175. 	u.QuotaFiles = 1000
    1176. 

  1176. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1177. 

  1177. 	if err != nil {
    1178. 

  1178. 		t.Errorf("unable to add user: %v", err)
    1179. 

  1179. 	}
    1180. 

  1180. 	os.RemoveAll(user.GetHomeDir())
    1181. 

  1181. 	testFileSize := int64(65535)
    1182. 

  1182. 	testFileName := "test_file.dat"
    1183. 

  1183. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    1184. 

  1184. 	client, err := getSftpClient(user, usePubKey)
    1185. 

  1185. 	if err != nil {
    1186. 

  1186. 		t.Errorf("unable to create sftp client: %v", err)
    1187. 

  1187. 	} else {
    1188. 

  1188. 		defer client.Close()
    1189. 

  1189. 		expectedQuotaSize := user.UsedQuotaSize + testFileSize
    1190. 

  1190. 		expectedQuotaFiles := user.UsedQuotaFiles + 1
    1191. 

  1191. 		err = createTestFile(testFilePath, testFileSize)
    1192. 

  1192. 		if err != nil {
    1193. 

  1193. 			t.Errorf("unable to create test file: %v", err)
    1194. 

  1194. 		}
    1195. 

  1195. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1196. 

  1196. 		if err != nil {
    1197. 

  1197. 			t.Errorf("file upload error: %v", err)
    1198. 

  1198. 		}
    1199. 

  1199. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    1200. 

  1200. 		if err != nil {
    1201. 

  1201. 			t.Errorf("error getting user: %v", err)
    1202. 

  1202. 		}
    1203. 

  1203. 		// now replace the same file, the quota must not change
    1204. 

  1204. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1205. 

  1205. 		if err != nil {
    1206. 

  1206. 			t.Errorf("file upload error: %v", err)
    1207. 

  1207. 		}
    1208. 

  1208. 		user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    1209. 

  1209. 		if err != nil {
    1210. 

  1210. 			t.Errorf("error getting user: %v", err)
    1211. 

  1211. 		}
    1212. 

  1212. 		if expectedQuotaFiles != user.UsedQuotaFiles {
    1213. 

  1213. 			t.Errorf("quota files does not match, expected: %v, actual: %v", expectedQuotaFiles, user.UsedQuotaFiles)
    1214. 

  1214. 		}
    1215. 

  1215. 		if expectedQuotaSize != user.UsedQuotaSize {
    1216. 

  1216. 			t.Errorf("quota size does not match, expected: %v, actual: %v", expectedQuotaSize, user.UsedQuotaSize)
    1217. 

  1217. 		}
    1218. 

  1218. 	}
    1219. 

  1219. 	// now set a quota size restriction and upload the same file, upload should fail for space limit exceeded
    1220. 

  1220. 	user.QuotaSize = testFileSize - 1
    1221. 

  1221. 	user, _, err = httpd.UpdateUser(user, http.StatusOK)
    1222. 

  1222. 	if err != nil {
    1223. 

  1223. 		t.Errorf("error updating user: %v", err)
    1224. 

  1224. 	}
    1225. 

  1225. 	client, err = getSftpClient(user, usePubKey)
    1226. 

  1226. 	if err != nil {
    1227. 

  1227. 		t.Errorf("unable to create sftp client: %v", err)
    1228. 

  1228. 	} else {
    1229. 

  1229. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1230. 

  1230. 		if err == nil {
    1231. 

  1231. 			t.Errorf("quota size exceeded, file upload must fail")
    1232. 

  1232. 		}
    1233. 

  1233. 		err = client.Remove(testFileName)
    1234. 

  1234. 		if err != nil {
    1235. 

  1235. 			t.Errorf("error removing uploaded file: %v", err)
    1236. 

  1236. 		}
    1237. 

  1237. 	}
    1238. 

  1238. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1239. 

  1239. 	if err != nil {
    1240. 

  1240. 		t.Errorf("unable to remove user: %v", err)
    1241. 

  1241. 	}
    1242. 

  1242. 	os.Remove(testFilePath)
    1243. 

  1243. 	os.RemoveAll(user.GetHomeDir())
    1244. 

  1244. }
    1245. 

  1245. 

  1246. func TestQuotaScan(t *testing.T) {
    1247. 

  1247. 	usePubKey := false
    1248. 

  1248. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    1249. 

  1249. 	if err != nil {
    1250. 

  1250. 		t.Errorf("unable to add user: %v", err)
    1251. 

  1251. 	}
    1252. 

  1252. 	testFileSize := int64(65535)
    1253. 

  1253. 	expectedQuotaSize := user.UsedQuotaSize + testFileSize
    1254. 

  1254. 	expectedQuotaFiles := user.UsedQuotaFiles + 1
    1255. 

  1255. 	client, err := getSftpClient(user, usePubKey)
    1256. 

  1256. 	if err != nil {
    1257. 

  1257. 		t.Errorf("unable to create sftp client: %v", err)
    1258. 

  1258. 	} else {
    1259. 

  1259. 		defer client.Close()
    1260. 

  1260. 		testFileName := "test_file.dat"
    1261. 

  1261. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1262. 

  1262. 		err = createTestFile(testFilePath, testFileSize)
    1263. 

  1263. 		if err != nil {
    1264. 

  1264. 			t.Errorf("unable to create test file: %v", err)
    1265. 

  1265. 		}
    1266. 

  1266. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1267. 

  1267. 		if err != nil {
    1268. 

  1268. 			t.Errorf("file upload error: %v", err)
    1269. 

  1269. 		}
    1270. 

  1270. 		os.Remove(testFilePath)
    1271. 

  1271. 	}
    1272. 

  1272. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1273. 

  1273. 	if err != nil {
    1274. 

  1274. 		t.Errorf("unable to remove user: %v", err)
    1275. 

  1275. 	}
    1276. 

  1276. 	// create user with the same home dir, so there is at least an untracked file
    1277. 

  1277. 	user, _, err = httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    1278. 

  1278. 	if err != nil {
    1279. 

  1279. 		t.Errorf("unable to add user: %v", err)
    1280. 

  1280. 	}
    1281. 

  1281. 	_, err = httpd.StartQuotaScan(user, http.StatusCreated)
    1282. 

  1282. 	if err != nil {
    1283. 

  1283. 		t.Errorf("error starting quota scan: %v", err)
    1284. 

  1284. 	}
    1285. 

  1285. 	err = waitQuotaScans()
    1286. 

  1286. 	if err != nil {
    1287. 

  1287. 		t.Errorf("error waiting for active quota scans: %v", err)
    1288. 

  1288. 	}
    1289. 

  1289. 	user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    1290. 

  1290. 	if err != nil {
    1291. 

  1291. 		t.Errorf("error getting user: %v", err)
    1292. 

  1292. 	}
    1293. 

  1293. 	if expectedQuotaFiles != user.UsedQuotaFiles {
    1294. 

  1294. 		t.Errorf("quota files does not match after scan, expected: %v, actual: %v", expectedQuotaFiles, user.UsedQuotaFiles)
    1295. 

  1295. 	}
    1296. 

  1296. 	if expectedQuotaSize != user.UsedQuotaSize {
    1297. 

  1297. 		t.Errorf("quota size does not match after scan, expected: %v, actual: %v", expectedQuotaSize, user.UsedQuotaSize)
    1298. 

  1298. 	}
    1299. 

  1299. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1300. 

  1300. 	if err != nil {
    1301. 

  1301. 		t.Errorf("unable to remove user: %v", err)
    1302. 

  1302. 	}
    1303. 

  1303. 	os.RemoveAll(user.GetHomeDir())
    1304. 

  1304. }
    1305. 

  1305. 

  1306. func TestMultipleQuotaScans(t *testing.T) {
    1307. 

  1307. 	if !sftpd.AddQuotaScan(defaultUsername) {
    1308. 

  1308. 		t.Errorf("add quota failed")
    1309. 

  1309. 	}
    1310. 

  1310. 	if sftpd.AddQuotaScan(defaultUsername) {
    1311. 

  1311. 		t.Errorf("add quota must fail if another scan is already active")
    1312. 

  1312. 	}
    1313. 

  1313. 	sftpd.RemoveQuotaScan(defaultUsername)
    1314. 

  1314. 	activeScans := sftpd.GetQuotaScans()
    1315. 

  1315. 	if len(activeScans) > 0 {
    1316. 

  1316. 		t.Errorf("no quota scan must be active: %v", len(activeScans))
    1317. 

  1317. 	}
    1318. 

  1318. }
    1319. 

  1319. 

  1320. func TestQuotaSize(t *testing.T) {
    1321. 

  1321. 	usePubKey := false
    1322. 

  1322. 	testFileSize := int64(65535)
    1323. 

  1323. 	u := getTestUser(usePubKey)
    1324. 

  1324. 	u.QuotaFiles = 1
    1325. 

  1325. 	u.QuotaSize = testFileSize - 1
    1326. 

  1326. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1327. 

  1327. 	if err != nil {
    1328. 

  1328. 		t.Errorf("unable to add user: %v", err)
    1329. 

  1329. 	}
    1330. 

  1330. 	client, err := getSftpClient(user, usePubKey)
    1331. 

  1331. 	if err != nil {
    1332. 

  1332. 		t.Errorf("unable to create sftp client: %v", err)
    1333. 

  1333. 	} else {
    1334. 

  1334. 		defer client.Close()
    1335. 

  1335. 		testFileName := "test_file.dat"
    1336. 

  1336. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1337. 

  1337. 		err = createTestFile(testFilePath, testFileSize)
    1338. 

  1338. 		if err != nil {
    1339. 

  1339. 			t.Errorf("unable to create test file: %v", err)
    1340. 

  1340. 		}
    1341. 

  1341. 		err = sftpUploadFile(testFilePath, testFileName+".quota", testFileSize, client)
    1342. 

  1342. 		if err != nil {
    1343. 

  1343. 			t.Errorf("file upload error: %v", err)
    1344. 

  1344. 		}
    1345. 

  1345. 		err = sftpUploadFile(testFilePath, testFileName+".quota.1", testFileSize, client)
    1346. 

  1346. 		if err == nil {
    1347. 

  1347. 			t.Errorf("user is over quota file upload must fail")
    1348. 

  1348. 		}
    1349. 

  1349. 		err = client.Remove(testFileName + ".quota")
    1350. 

  1350. 		if err != nil {
    1351. 

  1351. 			t.Errorf("error removing uploaded file: %v", err)
    1352. 

  1352. 		}
    1353. 

  1353. 		os.Remove(testFilePath)
    1354. 

  1354. 	}
    1355. 

  1355. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1356. 

  1356. 	if err != nil {
    1357. 

  1357. 		t.Errorf("unable to remove user: %v", err)
    1358. 

  1358. 	}
    1359. 

  1359. 	os.RemoveAll(user.GetHomeDir())
    1360. 

  1360. }
    1361. 

  1361. 

  1362. func TestBandwidthAndConnections(t *testing.T) {
    1363. 

  1363. 	usePubKey := false
    1364. 

  1364. 	testFileSize := int64(131072)
    1365. 

  1365. 	u := getTestUser(usePubKey)
    1366. 

  1366. 	u.UploadBandwidth = 30
    1367. 

  1367. 	u.DownloadBandwidth = 25
    1368. 

  1368. 	wantedUploadElapsed := 1000 * (testFileSize / 1000) / u.UploadBandwidth
    1369. 

  1369. 	wantedDownloadElapsed := 1000 * (testFileSize / 1000) / u.DownloadBandwidth
    1370. 

  1370. 	// 100 ms tolerance
    1371. 

  1371. 	wantedUploadElapsed -= 100
    1372. 

  1372. 	wantedDownloadElapsed -= 100
    1373. 

  1373. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1374. 

  1374. 	if err != nil {
    1375. 

  1375. 		t.Errorf("unable to add user: %v", err)
    1376. 

  1376. 	}
    1377. 

  1377. 	client, err := getSftpClient(user, usePubKey)
    1378. 

  1378. 	if err != nil {
    1379. 

  1379. 		t.Errorf("unable to create sftp client: %v", err)
    1380. 

  1380. 	} else {
    1381. 

  1381. 		defer client.Close()
    1382. 

  1382. 		testFileName := "test_file.dat"
    1383. 

  1383. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1384. 

  1384. 		err = createTestFile(testFilePath, testFileSize)
    1385. 

  1385. 		if err != nil {
    1386. 

  1386. 			t.Errorf("unable to create test file: %v", err)
    1387. 

  1387. 		}
    1388. 

  1388. 		startTime := time.Now()
    1389. 

  1389. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1390. 

  1390. 		if err != nil {
    1391. 

  1391. 			t.Errorf("file upload error: %v", err)
    1392. 

  1392. 		}
    1393. 

  1393. 		elapsed := time.Since(startTime).Nanoseconds() / 1000000
    1394. 

  1394. 		if elapsed < (wantedUploadElapsed) {
    1395. 

  1395. 			t.Errorf("upload bandwidth throttling not respected, elapsed: %v, wanted: %v", elapsed, wantedUploadElapsed)
    1396. 

  1396. 		}
    1397. 

  1397. 		startTime = time.Now()
    1398. 

  1398. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    1399. 

  1399. 		c := sftpDownloadNonBlocking(testFileName, localDownloadPath, testFileSize, client)
    1400. 

  1400. 		waitForActiveTransfer()
    1401. 

  1401. 		// wait some additional arbitrary time to wait for transfer activity to happen
    1402. 

  1402. 		// it is need to reach all the code in CheckIdleConnections
    1403. 

  1403. 		time.Sleep(100 * time.Millisecond)
    1404. 

  1404. 		sftpd.CheckIdleConnections()
    1405. 

  1405. 		err = <-c
    1406. 

  1406. 		if err != nil {
    1407. 

  1407. 			t.Errorf("file download error: %v", err)
    1408. 

  1408. 		}
    1409. 

  1409. 		elapsed = time.Since(startTime).Nanoseconds() / 1000000
    1410. 

  1410. 		if elapsed < (wantedDownloadElapsed) {
    1411. 

  1411. 			t.Errorf("download bandwidth throttling not respected, elapsed: %v, wanted: %v", elapsed, wantedDownloadElapsed)
    1412. 

  1412. 		}
    1413. 

  1413. 		// test disconnection
    1414. 

  1414. 		c = sftpUploadNonBlocking(testFilePath, testFileName+"_partial", testFileSize, client)
    1415. 

  1415. 		waitForActiveTransfer()
    1416. 

  1416. 		time.Sleep(100 * time.Millisecond)
    1417. 

  1417. 		sftpd.CheckIdleConnections()
    1418. 

  1418. 		stats := sftpd.GetConnectionsStats()
    1419. 

  1419. 		for _, stat := range stats {
    1420. 

  1420. 			sftpd.CloseActiveConnection(stat.ConnectionID)
    1421. 

  1421. 		}
    1422. 

  1422. 		err = <-c
    1423. 

  1423. 		if err == nil {
    1424. 

  1424. 			t.Errorf("connection closed upload must fail")
    1425. 

  1425. 		}
    1426. 

  1426. 		os.Remove(testFilePath)
    1427. 

  1427. 		os.Remove(localDownloadPath)
    1428. 

  1428. 	}
    1429. 

  1429. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1430. 

  1430. 	if err != nil {
    1431. 

  1431. 		t.Errorf("unable to remove user: %v", err)
    1432. 

  1432. 	}
    1433. 

  1433. 	os.RemoveAll(user.GetHomeDir())
    1434. 

  1434. }
    1435. 

  1435. 

  1436. func TestMissingFile(t *testing.T) {
    1437. 

  1437. 	usePubKey := false
    1438. 

  1438. 	u := getTestUser(usePubKey)
    1439. 

  1439. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1440. 

  1440. 	if err != nil {
    1441. 

  1441. 		t.Errorf("unable to add user: %v", err)
    1442. 

  1442. 	}
    1443. 

  1443. 	client, err := getSftpClient(user, usePubKey)
    1444. 

  1444. 	if err != nil {
    1445. 

  1445. 		t.Errorf("unable to create sftp client: %v", err)
    1446. 

  1446. 	} else {
    1447. 

  1447. 		defer client.Close()
    1448. 

  1448. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    1449. 

  1449. 		err = sftpDownloadFile("missing_file", localDownloadPath, 0, client)
    1450. 

  1450. 		if err == nil {
    1451. 

  1451. 			t.Errorf("download missing file must fail")
    1452. 

  1452. 		}
    1453. 

  1453. 		os.Remove(localDownloadPath)
    1454. 

  1454. 	}
    1455. 

  1455. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1456. 

  1456. 	if err != nil {
    1457. 

  1457. 		t.Errorf("unable to remove user: %v", err)
    1458. 

  1458. 	}
    1459. 

  1459. 	os.RemoveAll(user.GetHomeDir())
    1460. 

  1460. }
    1461. 

  1461. 

  1462. func TestOpenError(t *testing.T) {
    1463. 

  1463. 	if runtime.GOOS == "windows" {
    1464. 

  1464. 		t.Skip("this test is not available on Windows")
    1465. 

  1465. 	}
    1466. 

  1466. 	usePubKey := false
    1467. 

  1467. 	u := getTestUser(usePubKey)
    1468. 

  1468. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1469. 

  1469. 	if err != nil {
    1470. 

  1470. 		t.Errorf("unable to add user: %v", err)
    1471. 

  1471. 	}
    1472. 

  1472. 	os.RemoveAll(user.GetHomeDir())
    1473. 

  1473. 	client, err := getSftpClient(user, usePubKey)
    1474. 

  1474. 	if err != nil {
    1475. 

  1475. 		t.Errorf("unable to create sftp client: %v", err)
    1476. 

  1476. 	} else {
    1477. 

  1477. 		defer client.Close()
    1478. 

  1478. 		os.Chmod(user.GetHomeDir(), 0001)
    1479. 

  1479. 		_, err = client.ReadDir(".")
    1480. 

  1480. 		if err == nil {
    1481. 

  1481. 			t.Errorf("read dir must fail if we have no filesystem read permissions")
    1482. 

  1482. 		}
    1483. 

  1483. 		os.Chmod(user.GetHomeDir(), 0755)
    1484. 

  1484. 		testFileSize := int64(65535)
    1485. 

  1485. 		testFileName := "test_file.dat"
    1486. 

  1486. 		testFilePath := filepath.Join(user.GetHomeDir(), testFileName)
    1487. 

  1487. 		err = createTestFile(testFilePath, testFileSize)
    1488. 

  1488. 		if err != nil {
    1489. 

  1489. 			t.Errorf("unable to create test file: %v", err)
    1490. 

  1490. 		}
    1491. 

  1491. 		_, err = client.Stat(testFileName)
    1492. 

  1492. 		if err != nil {
    1493. 

  1493. 			t.Errorf("file stat error: %v", err)
    1494. 

  1494. 		}
    1495. 

  1495. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    1496. 

  1496. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize, client)
    1497. 

  1497. 		if err != nil {
    1498. 

  1498. 			t.Errorf("file download error: %v", err)
    1499. 

  1499. 		}
    1500. 

  1500. 		os.Chmod(testFilePath, 0001)
    1501. 

  1501. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize, client)
    1502. 

  1502. 		if err == nil {
    1503. 

  1503. 			t.Errorf("file download must fail if we have no filesystem read permissions")
    1504. 

  1504. 		}
    1505. 

  1505. 		err = sftpUploadFile(localDownloadPath, testFileName, testFileSize, client)
    1506. 

  1506. 		if err == nil {
    1507. 

  1507. 			t.Errorf("upload must fail if we have no filesystem write permissions")
    1508. 

  1508. 		}
    1509. 

  1509. 		err = client.Mkdir("test")
    1510. 

  1510. 		if err != nil {
    1511. 

  1511. 			t.Errorf("error making dir: %v", err)
    1512. 

  1512. 		}
    1513. 

  1513. 		os.Chmod(user.GetHomeDir(), 0000)
    1514. 

  1514. 		_, err = client.Lstat(testFileName)
    1515. 

  1515. 		if err == nil {
    1516. 

  1516. 			t.Errorf("file stat must fail if we have no filesystem read permissions")
    1517. 

  1517. 		}
    1518. 

  1518. 		os.Chmod(user.GetHomeDir(), 0755)
    1519. 

  1519. 		os.Chmod(filepath.Join(user.GetHomeDir(), "test"), 0000)
    1520. 

  1520. 		err = client.Rename(testFileName, path.Join("test", testFileName))
    1521. 

  1521. 		if err == nil || !strings.Contains(err.Error(), sftp.ErrSSHFxPermissionDenied.Error()) {
    1522. 

  1522. 			t.Errorf("unexpected error: %v expected: %v", err, sftp.ErrSSHFxPermissionDenied)
    1523. 

  1523. 		}
    1524. 

  1524. 		os.Chmod(filepath.Join(user.GetHomeDir(), "test"), 0755)
    1525. 

  1525. 		os.Remove(testFilePath)
    1526. 

  1526. 		os.Remove(localDownloadPath)
    1527. 

  1527. 	}
    1528. 

  1528. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1529. 

  1529. 	if err != nil {
    1530. 

  1530. 		t.Errorf("unable to remove user: %v", err)
    1531. 

  1531. 	}
    1532. 

  1532. 	os.RemoveAll(user.GetHomeDir())
    1533. 

  1533. }
    1534. 

  1534. 

  1535. func TestOverwriteDirWithFile(t *testing.T) {
    1536. 

  1536. 	usePubKey := false
    1537. 

  1537. 	u := getTestUser(usePubKey)
    1538. 

  1538. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1539. 

  1539. 	if err != nil {
    1540. 

  1540. 		t.Errorf("unable to add user: %v", err)
    1541. 

  1541. 	}
    1542. 

  1542. 	client, err := getSftpClient(user, usePubKey)
    1543. 

  1543. 	if err != nil {
    1544. 

  1544. 		t.Errorf("unable to create sftp client: %v", err)
    1545. 

  1545. 	} else {
    1546. 

  1546. 		defer client.Close()
    1547. 

  1547. 		testFileSize := int64(65535)
    1548. 

  1548. 		testFileName := "test_file.dat"
    1549. 

  1549. 		testDirName := "test_dir"
    1550. 

  1550. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1551. 

  1551. 		err = createTestFile(testFilePath, testFileSize)
    1552. 

  1552. 		if err != nil {
    1553. 

  1553. 			t.Errorf("unable to create test file: %v", err)
    1554. 

  1554. 		}
    1555. 

  1555. 		err = client.Mkdir(testDirName)
    1556. 

  1556. 		if err != nil {
    1557. 

  1557. 			t.Errorf("mkdir error: %v", err)
    1558. 

  1558. 		}
    1559. 

  1559. 		err = sftpUploadFile(testFilePath, testDirName, testFileSize, client)
    1560. 

  1560. 		if err == nil {
    1561. 

  1561. 			t.Errorf("copying a file over an existing dir must fail")
    1562. 

  1562. 		}
    1563. 

  1563. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1564. 

  1564. 		if err != nil {
    1565. 

  1565. 			t.Errorf("file upload error: %v", err)
    1566. 

  1566. 		}
    1567. 

  1567. 		err = client.Rename(testFileName, testDirName)
    1568. 

  1568. 		if err == nil {
    1569. 

  1569. 			t.Errorf("rename a file over an existing dir must fail")
    1570. 

  1570. 		}
    1571. 

  1571. 		err = client.RemoveDirectory(testDirName)
    1572. 

  1572. 		if err != nil {
    1573. 

  1573. 			t.Errorf("dir remove error: %v", err)
    1574. 

  1574. 		}
    1575. 

  1575. 		err = client.Remove(testFileName)
    1576. 

  1576. 		if err != nil {
    1577. 

  1577. 			t.Errorf("error removing uploaded file: %v", err)
    1578. 

  1578. 		}
    1579. 

  1579. 		os.Remove(testFilePath)
    1580. 

  1580. 	}
    1581. 

  1581. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1582. 

  1582. 	if err != nil {
    1583. 

  1583. 		t.Errorf("unable to remove user: %v", err)
    1584. 

  1584. 	}
    1585. 

  1585. 	os.RemoveAll(user.GetHomeDir())
    1586. 

  1586. }
    1587. 

  1587. 

  1588. func TestPasswordsHashPbkdf2Sha1(t *testing.T) {
    1589. 

  1589. 	pbkdf2Pwd := "$pbkdf2-sha1$150000$DveVjgYUD05R$X6ydQZdyMeOvpgND2nqGR/0GGic="
    1590. 

  1590. 	pbkdf2ClearPwd := "password"
    1591. 

  1591. 	usePubKey := false
    1592. 

  1592. 	u := getTestUser(usePubKey)
    1593. 

  1593. 	u.Password = pbkdf2Pwd
    1594. 

  1594. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1595. 

  1595. 	if err != nil {
    1596. 

  1596. 		t.Errorf("unable to add user: %v", err)
    1597. 

  1597. 	}
    1598. 

  1598. 	user.Password = pbkdf2ClearPwd
    1599. 

  1599. 	client, err := getSftpClient(user, usePubKey)
    1600. 

  1600. 	if err != nil {
    1601. 

  1601. 		t.Errorf("unable to login with pkkdf2 sha1 password: %v", err)
    1602. 

  1602. 	} else {
    1603. 

  1603. 		defer client.Close()
    1604. 

  1604. 		_, err = client.Getwd()
    1605. 

  1605. 		if err != nil {
    1606. 

  1606. 			t.Errorf("unable to get working dir with pkkdf2 sha1 password: %v", err)
    1607. 

  1607. 		}
    1608. 

  1608. 	}
    1609. 

  1609. 	user.Password = pbkdf2Pwd
    1610. 

  1610. 	_, err = getSftpClient(user, usePubKey)
    1611. 

  1611. 	if err == nil {
    1612. 

  1612. 		t.Errorf("login with wrong password must fail")
    1613. 

  1613. 	}
    1614. 

  1614. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1615. 

  1615. 	if err != nil {
    1616. 

  1616. 		t.Errorf("unable to remove user: %v", err)
    1617. 

  1617. 	}
    1618. 

  1618. 	os.RemoveAll(user.GetHomeDir())
    1619. 

  1619. }
    1620. 

  1620. 

  1621. func TestPasswordsHashPbkdf2Sha256(t *testing.T) {
    1622. 

  1622. 	pbkdf2Pwd := "$pbkdf2-sha256$150000$E86a9YMX3zC7$R5J62hsSq+pYw00hLLPKBbcGXmq7fj5+/M0IFoYtZbo="
    1623. 

  1623. 	pbkdf2ClearPwd := "password"
    1624. 

  1624. 	usePubKey := false
    1625. 

  1625. 	u := getTestUser(usePubKey)
    1626. 

  1626. 	u.Password = pbkdf2Pwd
    1627. 

  1627. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1628. 

  1628. 	if err != nil {
    1629. 

  1629. 		t.Errorf("unable to add user: %v", err)
    1630. 

  1630. 	}
    1631. 

  1631. 	user.Password = pbkdf2ClearPwd
    1632. 

  1632. 	client, err := getSftpClient(user, usePubKey)
    1633. 

  1633. 	if err != nil {
    1634. 

  1634. 		t.Errorf("unable to login with pkkdf2 sha1 password: %v", err)
    1635. 

  1635. 	} else {
    1636. 

  1636. 		defer client.Close()
    1637. 

  1637. 		_, err = client.Getwd()
    1638. 

  1638. 		if err != nil {
    1639. 

  1639. 			t.Errorf("unable to get working dir with pkkdf2 sha1 password: %v", err)
    1640. 

  1640. 		}
    1641. 

  1641. 	}
    1642. 

  1642. 	user.Password = pbkdf2Pwd
    1643. 

  1643. 	_, err = getSftpClient(user, usePubKey)
    1644. 

  1644. 	if err == nil {
    1645. 

  1645. 		t.Errorf("login with wrong password must fail")
    1646. 

  1646. 	}
    1647. 

  1647. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1648. 

  1648. 	if err != nil {
    1649. 

  1649. 		t.Errorf("unable to remove user: %v", err)
    1650. 

  1650. 	}
    1651. 

  1651. 	os.RemoveAll(user.GetHomeDir())
    1652. 

  1652. }
    1653. 

  1653. 

  1654. func TestPasswordsHashPbkdf2Sha512(t *testing.T) {
    1655. 

  1655. 	pbkdf2Pwd := "$pbkdf2-sha512$150000$dsu7T5R3IaVQ$1hFXPO1ntRBcoWkSLKw+s4sAP09Xtu4Ya7CyxFq64jM9zdUg8eRJVr3NcR2vQgb0W9HHvZaILHsL4Q/Vr6arCg=="
    1656. 

  1656. 	pbkdf2ClearPwd := "password"
    1657. 

  1657. 	usePubKey := false
    1658. 

  1658. 	u := getTestUser(usePubKey)
    1659. 

  1659. 	u.Password = pbkdf2Pwd
    1660. 

  1660. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1661. 

  1661. 	if err != nil {
    1662. 

  1662. 		t.Errorf("unable to add user: %v", err)
    1663. 

  1663. 	}
    1664. 

  1664. 	user.Password = pbkdf2ClearPwd
    1665. 

  1665. 	client, err := getSftpClient(user, usePubKey)
    1666. 

  1666. 	if err != nil {
    1667. 

  1667. 		t.Errorf("unable to login with pkkdf2 sha1 password: %v", err)
    1668. 

  1668. 	} else {
    1669. 

  1669. 		defer client.Close()
    1670. 

  1670. 		_, err = client.Getwd()
    1671. 

  1671. 		if err != nil {
    1672. 

  1672. 			t.Errorf("unable to get working dir with pkkdf2 sha1 password: %v", err)
    1673. 

  1673. 		}
    1674. 

  1674. 	}
    1675. 

  1675. 	user.Password = pbkdf2Pwd
    1676. 

  1676. 	_, err = getSftpClient(user, usePubKey)
    1677. 

  1677. 	if err == nil {
    1678. 

  1678. 		t.Errorf("login with wrong password must fail")
    1679. 

  1679. 	}
    1680. 

  1680. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1681. 

  1681. 	if err != nil {
    1682. 

  1682. 		t.Errorf("unable to remove user: %v", err)
    1683. 

  1683. 	}
    1684. 

  1684. 	os.RemoveAll(user.GetHomeDir())
    1685. 

  1685. }
    1686. 

  1686. 

  1687. func TestPasswordsHashBcrypt(t *testing.T) {
    1688. 

  1688. 	bcryptPwd := "$2a$14$ajq8Q7fbtFRQvXpdCq7Jcuy.Rx1h/L4J60Otx.gyNLbAYctGMJ9tK"
    1689. 

  1689. 	bcryptClearPwd := "secret"
    1690. 

  1690. 	usePubKey := false
    1691. 

  1691. 	u := getTestUser(usePubKey)
    1692. 

  1692. 	u.Password = bcryptPwd
    1693. 

  1693. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1694. 

  1694. 	if err != nil {
    1695. 

  1695. 		t.Errorf("unable to add user: %v", err)
    1696. 

  1696. 	}
    1697. 

  1697. 	user.Password = bcryptClearPwd
    1698. 

  1698. 	client, err := getSftpClient(user, usePubKey)
    1699. 

  1699. 	if err != nil {
    1700. 

  1700. 		t.Errorf("unable to login with bcrypt password: %v", err)
    1701. 

  1701. 	} else {
    1702. 

  1702. 		defer client.Close()
    1703. 

  1703. 		_, err = client.Getwd()
    1704. 

  1704. 		if err != nil {
    1705. 

  1705. 			t.Errorf("unable to get working dir with bcrypt password: %v", err)
    1706. 

  1706. 		}
    1707. 

  1707. 	}
    1708. 

  1708. 	user.Password = bcryptPwd
    1709. 

  1709. 	_, err = getSftpClient(user, usePubKey)
    1710. 

  1710. 	if err == nil {
    1711. 

  1711. 		t.Errorf("login with wrong password must fail")
    1712. 

  1712. 	}
    1713. 

  1713. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1714. 

  1714. 	if err != nil {
    1715. 

  1715. 		t.Errorf("unable to remove user: %v", err)
    1716. 

  1716. 	}
    1717. 

  1717. 	os.RemoveAll(user.GetHomeDir())
    1718. 

  1718. }
    1719. 

  1719. 

  1720. func TestPasswordsHashSHA512Crypt(t *testing.T) {
    1721. 

  1721. 	sha512CryptPwd := "$6$459ead56b72e44bc$uog86fUxscjt28BZxqFBE2pp2QD8P/1e98MNF75Z9xJfQvOckZnQ/1YJqiq1XeytPuDieHZvDAMoP7352ELkO1"
    1722. 

  1722. 	clearPwd := "secret"
    1723. 

  1723. 	usePubKey := false
    1724. 

  1724. 	u := getTestUser(usePubKey)
    1725. 

  1725. 	u.Password = sha512CryptPwd
    1726. 

  1726. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1727. 

  1727. 	if err != nil {
    1728. 

  1728. 		t.Errorf("unable to add user: %v", err)
    1729. 

  1729. 	}
    1730. 

  1730. 	user.Password = clearPwd
    1731. 

  1731. 	client, err := getSftpClient(user, usePubKey)
    1732. 

  1732. 	if err != nil {
    1733. 

  1733. 		t.Errorf("unable to login with sha512 crypt password: %v", err)
    1734. 

  1734. 	} else {
    1735. 

  1735. 		defer client.Close()
    1736. 

  1736. 		_, err = client.Getwd()
    1737. 

  1737. 		if err != nil {
    1738. 

  1738. 			t.Errorf("unable to get working dir with sha512 crypt password: %v", err)
    1739. 

  1739. 		}
    1740. 

  1740. 	}
    1741. 

  1741. 	user.Password = sha512CryptPwd
    1742. 

  1742. 	_, err = getSftpClient(user, usePubKey)
    1743. 

  1743. 	if err == nil {
    1744. 

  1744. 		t.Errorf("login with wrong password must fail")
    1745. 

  1745. 	}
    1746. 

  1746. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1747. 

  1747. 	if err != nil {
    1748. 

  1748. 		t.Errorf("unable to remove user: %v", err)
    1749. 

  1749. 	}
    1750. 

  1750. 	os.RemoveAll(user.GetHomeDir())
    1751. 

  1751. }
    1752. 

  1752. 

  1753. func TestPasswordsHashMD5Crypt(t *testing.T) {
    1754. 

  1754. 	md5CryptPwd := "$1$b5caebda$VODr/nyhGWgZaY8sJ4x05."
    1755. 

  1755. 	clearPwd := "password"
    1756. 

  1756. 	usePubKey := false
    1757. 

  1757. 	u := getTestUser(usePubKey)
    1758. 

  1758. 	u.Password = md5CryptPwd
    1759. 

  1759. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1760. 

  1760. 	if err != nil {
    1761. 

  1761. 		t.Errorf("unable to add user: %v", err)
    1762. 

  1762. 	}
    1763. 

  1763. 	user.Password = clearPwd
    1764. 

  1764. 	client, err := getSftpClient(user, usePubKey)
    1765. 

  1765. 	if err != nil {
    1766. 

  1766. 		t.Errorf("unable to login with md5 crypt password: %v", err)
    1767. 

  1767. 	} else {
    1768. 

  1768. 		defer client.Close()
    1769. 

  1769. 		_, err = client.Getwd()
    1770. 

  1770. 		if err != nil {
    1771. 

  1771. 			t.Errorf("unable to get working dir with md5 crypt password: %v", err)
    1772. 

  1772. 		}
    1773. 

  1773. 	}
    1774. 

  1774. 	user.Password = md5CryptPwd
    1775. 

  1775. 	_, err = getSftpClient(user, usePubKey)
    1776. 

  1776. 	if err == nil {
    1777. 

  1777. 		t.Errorf("login with wrong password must fail")
    1778. 

  1778. 	}
    1779. 

  1779. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1780. 

  1780. 	if err != nil {
    1781. 

  1781. 		t.Errorf("unable to remove user: %v", err)
    1782. 

  1782. 	}
    1783. 

  1783. 	os.RemoveAll(user.GetHomeDir())
    1784. 

  1784. }
    1785. 

  1785. 

  1786. func TestPermList(t *testing.T) {
    1787. 

  1787. 	usePubKey := true
    1788. 

  1788. 	u := getTestUser(usePubKey)
    1789. 

  1789. 	u.Permissions["/"] = []string{dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete, dataprovider.PermRename,
    1790. 

  1790. 		dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    1791. 

  1791. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1792. 

  1792. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1793. 

  1793. 	if err != nil {
    1794. 

  1794. 		t.Errorf("unable to add user: %v", err)
    1795. 

  1795. 	}
    1796. 

  1796. 	client, err := getSftpClient(user, usePubKey)
    1797. 

  1797. 	if err != nil {
    1798. 

  1798. 		t.Errorf("unable to create sftp client: %v", err)
    1799. 

  1799. 	} else {
    1800. 

  1800. 		defer client.Close()
    1801. 

  1801. 		_, err = client.ReadDir(".")
    1802. 

  1802. 		if err == nil {
    1803. 

  1803. 			t.Errorf("read remote dir without permission should not succeed")
    1804. 

  1804. 		}
    1805. 

  1805. 		_, err = client.Stat("test_file")
    1806. 

  1806. 		if err == nil {
    1807. 

  1807. 			t.Errorf("stat remote file without permission should not succeed")
    1808. 

  1808. 		}
    1809. 

  1809. 	}
    1810. 

  1810. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1811. 

  1811. 	if err != nil {
    1812. 

  1812. 		t.Errorf("unable to remove user: %v", err)
    1813. 

  1813. 	}
    1814. 

  1814. 	os.RemoveAll(user.GetHomeDir())
    1815. 

  1815. }
    1816. 

  1816. 

  1817. func TestPermDownload(t *testing.T) {
    1818. 

  1818. 	usePubKey := true
    1819. 

  1819. 	u := getTestUser(usePubKey)
    1820. 

  1820. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermUpload, dataprovider.PermDelete, dataprovider.PermRename,
    1821. 

  1821. 		dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    1822. 

  1822. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1823. 

  1823. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1824. 

  1824. 	if err != nil {
    1825. 

  1825. 		t.Errorf("unable to add user: %v", err)
    1826. 

  1826. 	}
    1827. 

  1827. 	client, err := getSftpClient(user, usePubKey)
    1828. 

  1828. 	if err != nil {
    1829. 

  1829. 		t.Errorf("unable to create sftp client: %v", err)
    1830. 

  1830. 	} else {
    1831. 

  1831. 		defer client.Close()
    1832. 

  1832. 		testFileName := "test_file.dat"
    1833. 

  1833. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1834. 

  1834. 		testFileSize := int64(65535)
    1835. 

  1835. 		err = createTestFile(testFilePath, testFileSize)
    1836. 

  1836. 		if err != nil {
    1837. 

  1837. 			t.Errorf("unable to create test file: %v", err)
    1838. 

  1838. 		}
    1839. 

  1839. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1840. 

  1840. 		if err != nil {
    1841. 

  1841. 			t.Errorf("file upload error: %v", err)
    1842. 

  1842. 		}
    1843. 

  1843. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    1844. 

  1844. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize, client)
    1845. 

  1845. 		if err == nil {
    1846. 

  1846. 			t.Errorf("file download without permission should not succeed")
    1847. 

  1847. 		}
    1848. 

  1848. 		err = client.Remove(testFileName)
    1849. 

  1849. 		if err != nil {
    1850. 

  1850. 			t.Errorf("error removing uploaded file: %v", err)
    1851. 

  1851. 		}
    1852. 

  1852. 		os.Remove(testFilePath)
    1853. 

  1853. 		os.Remove(localDownloadPath)
    1854. 

  1854. 	}
    1855. 

  1855. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1856. 

  1856. 	if err != nil {
    1857. 

  1857. 		t.Errorf("unable to remove user: %v", err)
    1858. 

  1858. 	}
    1859. 

  1859. 	os.RemoveAll(user.GetHomeDir())
    1860. 

  1860. }
    1861. 

  1861. 

  1862. func TestPermUpload(t *testing.T) {
    1863. 

  1863. 	usePubKey := false
    1864. 

  1864. 	u := getTestUser(usePubKey)
    1865. 

  1865. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermDelete, dataprovider.PermRename,
    1866. 

  1866. 		dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    1867. 

  1867. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1868. 

  1868. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1869. 

  1869. 	if err != nil {
    1870. 

  1870. 		t.Errorf("unable to add user: %v", err)
    1871. 

  1871. 	}
    1872. 

  1872. 	client, err := getSftpClient(user, usePubKey)
    1873. 

  1873. 	if err != nil {
    1874. 

  1874. 		t.Errorf("unable to create sftp client: %v", err)
    1875. 

  1875. 	} else {
    1876. 

  1876. 		defer client.Close()
    1877. 

  1877. 		testFileName := "test_file.dat"
    1878. 

  1878. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1879. 

  1879. 		testFileSize := int64(65535)
    1880. 

  1880. 		err = createTestFile(testFilePath, testFileSize)
    1881. 

  1881. 		if err != nil {
    1882. 

  1882. 			t.Errorf("unable to create test file: %v", err)
    1883. 

  1883. 		}
    1884. 

  1884. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1885. 

  1885. 		if err == nil {
    1886. 

  1886. 			t.Errorf("file upload without permission should not succeed")
    1887. 

  1887. 		}
    1888. 

  1888. 		os.Remove(testFilePath)
    1889. 

  1889. 	}
    1890. 

  1890. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1891. 

  1891. 	if err != nil {
    1892. 

  1892. 		t.Errorf("unable to remove user: %v", err)
    1893. 

  1893. 	}
    1894. 

  1894. 	os.RemoveAll(user.GetHomeDir())
    1895. 

  1895. }
    1896. 

  1896. 

  1897. func TestPermOverwrite(t *testing.T) {
    1898. 

  1898. 	usePubKey := false
    1899. 

  1899. 	u := getTestUser(usePubKey)
    1900. 

  1900. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    1901. 

  1901. 		dataprovider.PermRename, dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermChmod,
    1902. 

  1902. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1903. 

  1903. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1904. 

  1904. 	if err != nil {
    1905. 

  1905. 		t.Errorf("unable to add user: %v", err)
    1906. 

  1906. 	}
    1907. 

  1907. 	client, err := getSftpClient(user, usePubKey)
    1908. 

  1908. 	if err != nil {
    1909. 

  1909. 		t.Errorf("unable to create sftp client: %v", err)
    1910. 

  1910. 	} else {
    1911. 

  1911. 		defer client.Close()
    1912. 

  1912. 		testFileName := "test_file.dat"
    1913. 

  1913. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1914. 

  1914. 		testFileSize := int64(65535)
    1915. 

  1915. 		err = createTestFile(testFilePath, testFileSize)
    1916. 

  1916. 		if err != nil {
    1917. 

  1917. 			t.Errorf("unable to create test file: %v", err)
    1918. 

  1918. 		}
    1919. 

  1919. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1920. 

  1920. 		if err != nil {
    1921. 

  1921. 			t.Errorf("error uploading file: %v", err)
    1922. 

  1922. 		}
    1923. 

  1923. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1924. 

  1924. 		if err == nil {
    1925. 

  1925. 			t.Errorf("file overwrite without permission should not succeed")
    1926. 

  1926. 		}
    1927. 

  1927. 		os.Remove(testFilePath)
    1928. 

  1928. 	}
    1929. 

  1929. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1930. 

  1930. 	if err != nil {
    1931. 

  1931. 		t.Errorf("unable to remove user: %v", err)
    1932. 

  1932. 	}
    1933. 

  1933. 	os.RemoveAll(user.GetHomeDir())
    1934. 

  1934. }
    1935. 

  1935. 

  1936. func TestPermDelete(t *testing.T) {
    1937. 

  1937. 	usePubKey := false
    1938. 

  1938. 	u := getTestUser(usePubKey)
    1939. 

  1939. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermRename,
    1940. 

  1940. 		dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    1941. 

  1941. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1942. 

  1942. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1943. 

  1943. 	if err != nil {
    1944. 

  1944. 		t.Errorf("unable to add user: %v", err)
    1945. 

  1945. 	}
    1946. 

  1946. 	client, err := getSftpClient(user, usePubKey)
    1947. 

  1947. 	if err != nil {
    1948. 

  1948. 		t.Errorf("unable to create sftp client: %v", err)
    1949. 

  1949. 	} else {
    1950. 

  1950. 		defer client.Close()
    1951. 

  1951. 		testFileName := "test_file.dat"
    1952. 

  1952. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1953. 

  1953. 		testFileSize := int64(65535)
    1954. 

  1954. 		err = createTestFile(testFilePath, testFileSize)
    1955. 

  1955. 		if err != nil {
    1956. 

  1956. 			t.Errorf("unable to create test file: %v", err)
    1957. 

  1957. 		}
    1958. 

  1958. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1959. 

  1959. 		if err != nil {
    1960. 

  1960. 			t.Errorf("file upload error: %v", err)
    1961. 

  1961. 		}
    1962. 

  1962. 		err = client.Remove(testFileName)
    1963. 

  1963. 		if err == nil {
    1964. 

  1964. 			t.Errorf("delete without permission should not succeed")
    1965. 

  1965. 		}
    1966. 

  1966. 		os.Remove(testFilePath)
    1967. 

  1967. 	}
    1968. 

  1968. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    1969. 

  1969. 	if err != nil {
    1970. 

  1970. 		t.Errorf("unable to remove user: %v", err)
    1971. 

  1971. 	}
    1972. 

  1972. 	os.RemoveAll(user.GetHomeDir())
    1973. 

  1973. }
    1974. 

  1974. 

  1975. func TestPermRename(t *testing.T) {
    1976. 

  1976. 	usePubKey := false
    1977. 

  1977. 	u := getTestUser(usePubKey)
    1978. 

  1978. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    1979. 

  1979. 		dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    1980. 

  1980. 		dataprovider.PermChown, dataprovider.PermChtimes}
    1981. 

  1981. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    1982. 

  1982. 	if err != nil {
    1983. 

  1983. 		t.Errorf("unable to add user: %v", err)
    1984. 

  1984. 	}
    1985. 

  1985. 	client, err := getSftpClient(user, usePubKey)
    1986. 

  1986. 	if err != nil {
    1987. 

  1987. 		t.Errorf("unable to create sftp client: %v", err)
    1988. 

  1988. 	} else {
    1989. 

  1989. 		defer client.Close()
    1990. 

  1990. 		testFileName := "test_file.dat"
    1991. 

  1991. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    1992. 

  1992. 		testFileSize := int64(65535)
    1993. 

  1993. 		err = createTestFile(testFilePath, testFileSize)
    1994. 

  1994. 		if err != nil {
    1995. 

  1995. 			t.Errorf("unable to create test file: %v", err)
    1996. 

  1996. 		}
    1997. 

  1997. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    1998. 

  1998. 		if err != nil {
    1999. 

  1999. 			t.Errorf("file upload error: %v", err)
    2000. 

  2000. 		}
    2001. 

  2001. 		err = client.Rename(testFileName, testFileName+".rename")
    2002. 

  2002. 		if err == nil {
    2003. 

  2003. 			t.Errorf("rename without permission should not succeed")
    2004. 

  2004. 		}
    2005. 

  2005. 		err = client.Remove(testFileName)
    2006. 

  2006. 		if err != nil {
    2007. 

  2007. 			t.Errorf("error removing uploaded file: %v", err)
    2008. 

  2008. 		}
    2009. 

  2009. 		os.Remove(testFilePath)
    2010. 

  2010. 	}
    2011. 

  2011. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2012. 

  2012. 	if err != nil {
    2013. 

  2013. 		t.Errorf("unable to remove user: %v", err)
    2014. 

  2014. 	}
    2015. 

  2015. 	os.RemoveAll(user.GetHomeDir())
    2016. 

  2016. }
    2017. 

  2017. 

  2018. func TestPermCreateDirs(t *testing.T) {
    2019. 

  2019. 	usePubKey := false
    2020. 

  2020. 	u := getTestUser(usePubKey)
    2021. 

  2021. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    2022. 

  2022. 		dataprovider.PermRename, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite, dataprovider.PermChmod,
    2023. 

  2023. 		dataprovider.PermChown, dataprovider.PermChtimes}
    2024. 

  2024. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2025. 

  2025. 	if err != nil {
    2026. 

  2026. 		t.Errorf("unable to add user: %v", err)
    2027. 

  2027. 	}
    2028. 

  2028. 	client, err := getSftpClient(user, usePubKey)
    2029. 

  2029. 	if err != nil {
    2030. 

  2030. 		t.Errorf("unable to create sftp client: %v", err)
    2031. 

  2031. 	} else {
    2032. 

  2032. 		defer client.Close()
    2033. 

  2033. 		err = client.Mkdir("testdir")
    2034. 

  2034. 		if err == nil {
    2035. 

  2035. 			t.Errorf("mkdir without permission should not succeed")
    2036. 

  2036. 		}
    2037. 

  2037. 	}
    2038. 

  2038. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2039. 

  2039. 	if err != nil {
    2040. 

  2040. 		t.Errorf("unable to remove user: %v", err)
    2041. 

  2041. 	}
    2042. 

  2042. 	os.RemoveAll(user.GetHomeDir())
    2043. 

  2043. }
    2044. 

  2044. 

  2045. func TestPermSymlink(t *testing.T) {
    2046. 

  2046. 	usePubKey := false
    2047. 

  2047. 	u := getTestUser(usePubKey)
    2048. 

  2048. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    2049. 

  2049. 		dataprovider.PermRename, dataprovider.PermCreateDirs, dataprovider.PermOverwrite, dataprovider.PermChmod, dataprovider.PermChown,
    2050. 

  2050. 		dataprovider.PermChtimes}
    2051. 

  2051. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2052. 

  2052. 	if err != nil {
    2053. 

  2053. 		t.Errorf("unable to add user: %v", err)
    2054. 

  2054. 	}
    2055. 

  2055. 	client, err := getSftpClient(user, usePubKey)
    2056. 

  2056. 	if err != nil {
    2057. 

  2057. 		t.Errorf("unable to create sftp client: %v", err)
    2058. 

  2058. 	} else {
    2059. 

  2059. 		defer client.Close()
    2060. 

  2060. 		testFileName := "test_file.dat"
    2061. 

  2061. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2062. 

  2062. 		testFileSize := int64(65535)
    2063. 

  2063. 		err = createTestFile(testFilePath, testFileSize)
    2064. 

  2064. 		if err != nil {
    2065. 

  2065. 			t.Errorf("unable to create test file: %v", err)
    2066. 

  2066. 		}
    2067. 

  2067. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2068. 

  2068. 		if err != nil {
    2069. 

  2069. 			t.Errorf("file upload error: %v", err)
    2070. 

  2070. 		}
    2071. 

  2071. 		err = client.Symlink(testFilePath, testFilePath+".symlink")
    2072. 

  2072. 		if err == nil {
    2073. 

  2073. 			t.Errorf("symlink without permission should not succeed")
    2074. 

  2074. 		}
    2075. 

  2075. 		err = client.Remove(testFileName)
    2076. 

  2076. 		if err != nil {
    2077. 

  2077. 			t.Errorf("error removing uploaded file: %v", err)
    2078. 

  2078. 		}
    2079. 

  2079. 		os.Remove(testFilePath)
    2080. 

  2080. 	}
    2081. 

  2081. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2082. 

  2082. 	if err != nil {
    2083. 

  2083. 		t.Errorf("unable to remove user: %v", err)
    2084. 

  2084. 	}
    2085. 

  2085. 	os.RemoveAll(user.GetHomeDir())
    2086. 

  2086. }
    2087. 

  2087. 

  2088. func TestPermChmod(t *testing.T) {
    2089. 

  2089. 	usePubKey := false
    2090. 

  2090. 	u := getTestUser(usePubKey)
    2091. 

  2091. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    2092. 

  2092. 		dataprovider.PermRename, dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite,
    2093. 

  2093. 		dataprovider.PermChown, dataprovider.PermChtimes}
    2094. 

  2094. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2095. 

  2095. 	if err != nil {
    2096. 

  2096. 		t.Errorf("unable to add user: %v", err)
    2097. 

  2097. 	}
    2098. 

  2098. 	client, err := getSftpClient(user, usePubKey)
    2099. 

  2099. 	if err != nil {
    2100. 

  2100. 		t.Errorf("unable to create sftp client: %v", err)
    2101. 

  2101. 	} else {
    2102. 

  2102. 		defer client.Close()
    2103. 

  2103. 		testFileName := "test_file.dat"
    2104. 

  2104. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2105. 

  2105. 		testFileSize := int64(65535)
    2106. 

  2106. 		err = createTestFile(testFilePath, testFileSize)
    2107. 

  2107. 		if err != nil {
    2108. 

  2108. 			t.Errorf("unable to create test file: %v", err)
    2109. 

  2109. 		}
    2110. 

  2110. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2111. 

  2111. 		if err != nil {
    2112. 

  2112. 			t.Errorf("file upload error: %v", err)
    2113. 

  2113. 		}
    2114. 

  2114. 		err = client.Chmod(testFileName, 0666)
    2115. 

  2115. 		if err == nil {
    2116. 

  2116. 			t.Errorf("chmod without permission should not succeed")
    2117. 

  2117. 		}
    2118. 

  2118. 		err = client.Remove(testFileName)
    2119. 

  2119. 		if err != nil {
    2120. 

  2120. 			t.Errorf("error removing uploaded file: %v", err)
    2121. 

  2121. 		}
    2122. 

  2122. 		os.Remove(testFilePath)
    2123. 

  2123. 	}
    2124. 

  2124. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2125. 

  2125. 	if err != nil {
    2126. 

  2126. 		t.Errorf("unable to remove user: %v", err)
    2127. 

  2127. 	}
    2128. 

  2128. 	os.RemoveAll(user.GetHomeDir())
    2129. 

  2129. }
    2130. 

  2130. 

  2131. func TestPermChown(t *testing.T) {
    2132. 

  2132. 	usePubKey := false
    2133. 

  2133. 	u := getTestUser(usePubKey)
    2134. 

  2134. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    2135. 

  2135. 		dataprovider.PermRename, dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite,
    2136. 

  2136. 		dataprovider.PermChmod, dataprovider.PermChtimes}
    2137. 

  2137. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2138. 

  2138. 	if err != nil {
    2139. 

  2139. 		t.Errorf("unable to add user: %v", err)
    2140. 

  2140. 	}
    2141. 

  2141. 	client, err := getSftpClient(user, usePubKey)
    2142. 

  2142. 	if err != nil {
    2143. 

  2143. 		t.Errorf("unable to create sftp client: %v", err)
    2144. 

  2144. 	} else {
    2145. 

  2145. 		defer client.Close()
    2146. 

  2146. 		testFileName := "test_file.dat"
    2147. 

  2147. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2148. 

  2148. 		testFileSize := int64(65535)
    2149. 

  2149. 		err = createTestFile(testFilePath, testFileSize)
    2150. 

  2150. 		if err != nil {
    2151. 

  2151. 			t.Errorf("unable to create test file: %v", err)
    2152. 

  2152. 		}
    2153. 

  2153. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2154. 

  2154. 		if err != nil {
    2155. 

  2155. 			t.Errorf("file upload error: %v", err)
    2156. 

  2156. 		}
    2157. 

  2157. 		err = client.Chown(testFileName, os.Getuid(), os.Getgid())
    2158. 

  2158. 		if err == nil {
    2159. 

  2159. 			t.Errorf("chown without permission should not succeed")
    2160. 

  2160. 		}
    2161. 

  2161. 		err = client.Remove(testFileName)
    2162. 

  2162. 		if err != nil {
    2163. 

  2163. 			t.Errorf("error removing uploaded file: %v", err)
    2164. 

  2164. 		}
    2165. 

  2165. 		os.Remove(testFilePath)
    2166. 

  2166. 	}
    2167. 

  2167. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2168. 

  2168. 	if err != nil {
    2169. 

  2169. 		t.Errorf("unable to remove user: %v", err)
    2170. 

  2170. 	}
    2171. 

  2171. 	os.RemoveAll(user.GetHomeDir())
    2172. 

  2172. }
    2173. 

  2173. 

  2174. func TestPermChtimes(t *testing.T) {
    2175. 

  2175. 	usePubKey := false
    2176. 

  2176. 	u := getTestUser(usePubKey)
    2177. 

  2177. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermDownload, dataprovider.PermUpload, dataprovider.PermDelete,
    2178. 

  2178. 		dataprovider.PermRename, dataprovider.PermCreateDirs, dataprovider.PermCreateSymlinks, dataprovider.PermOverwrite,
    2179. 

  2179. 		dataprovider.PermChmod, dataprovider.PermChown}
    2180. 

  2180. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2181. 

  2181. 	if err != nil {
    2182. 

  2182. 		t.Errorf("unable to add user: %v", err)
    2183. 

  2183. 	}
    2184. 

  2184. 	client, err := getSftpClient(user, usePubKey)
    2185. 

  2185. 	if err != nil {
    2186. 

  2186. 		t.Errorf("unable to create sftp client: %v", err)
    2187. 

  2187. 	} else {
    2188. 

  2188. 		defer client.Close()
    2189. 

  2189. 		testFileName := "test_file.dat"
    2190. 

  2190. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2191. 

  2191. 		testFileSize := int64(65535)
    2192. 

  2192. 		err = createTestFile(testFilePath, testFileSize)
    2193. 

  2193. 		if err != nil {
    2194. 

  2194. 			t.Errorf("unable to create test file: %v", err)
    2195. 

  2195. 		}
    2196. 

  2196. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2197. 

  2197. 		if err != nil {
    2198. 

  2198. 			t.Errorf("file upload error: %v", err)
    2199. 

  2199. 		}
    2200. 

  2200. 		err = client.Chtimes(testFileName, time.Now(), time.Now())
    2201. 

  2201. 		if err == nil {
    2202. 

  2202. 			t.Errorf("chtimes without permission should not succeed")
    2203. 

  2203. 		}
    2204. 

  2204. 		err = client.Remove(testFileName)
    2205. 

  2205. 		if err != nil {
    2206. 

  2206. 			t.Errorf("error removing uploaded file: %v", err)
    2207. 

  2207. 		}
    2208. 

  2208. 		os.Remove(testFilePath)
    2209. 

  2209. 	}
    2210. 

  2210. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2211. 

  2211. 	if err != nil {
    2212. 

  2212. 		t.Errorf("unable to remove user: %v", err)
    2213. 

  2213. 	}
    2214. 

  2214. 	os.RemoveAll(user.GetHomeDir())
    2215. 

  2215. }
    2216. 

  2216. 

  2217. func TestSubDirsUploads(t *testing.T) {
    2218. 

  2218. 	usePubKey := true
    2219. 

  2219. 	u := getTestUser(usePubKey)
    2220. 

  2220. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    2221. 

  2221. 	u.Permissions["/subdir"] = []string{dataprovider.PermChtimes, dataprovider.PermDownload}
    2222. 

  2222. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2223. 

  2223. 	if err != nil {
    2224. 

  2224. 		t.Errorf("unable to add user: %v", err)
    2225. 

  2225. 	}
    2226. 

  2226. 	client, err := getSftpClient(user, usePubKey)
    2227. 

  2227. 	if err != nil {
    2228. 

  2228. 		t.Errorf("unable to create sftp client: %v", err)
    2229. 

  2229. 	} else {
    2230. 

  2230. 		defer client.Close()
    2231. 

  2231. 		err = client.Mkdir("subdir")
    2232. 

  2232. 		if err != nil {
    2233. 

  2233. 			t.Errorf("unexpected mkdir error: %v", err)
    2234. 

  2234. 		}
    2235. 

  2235. 		testFileName := "test_file.dat"
    2236. 

  2236. 		testFileNameSub := "/subdir/test_file_dat"
    2237. 

  2237. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2238. 

  2238. 		testFileSize := int64(65535)
    2239. 

  2239. 		err = createTestFile(testFilePath, testFileSize)
    2240. 

  2240. 		if err != nil {
    2241. 

  2241. 			t.Errorf("unable to create test file: %v", err)
    2242. 

  2242. 		}
    2243. 

  2243. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2244. 

  2244. 		if err != nil {
    2245. 

  2245. 			t.Errorf("file upload error: %v", err)
    2246. 

  2246. 		}
    2247. 

  2247. 		err = sftpUploadFile(testFilePath, testFileNameSub, testFileSize, client)
    2248. 

  2248. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2249. 

  2249. 			t.Errorf("unexpected upload error: %v", err)
    2250. 

  2250. 		}
    2251. 

  2251. 		err = client.Symlink(testFileName, testFileNameSub+".link")
    2252. 

  2252. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2253. 

  2253. 			t.Errorf("unexpected upload error: %v", err)
    2254. 

  2254. 		}
    2255. 

  2255. 		err = client.Symlink(testFileName, testFileName+".link")
    2256. 

  2256. 		if err != nil {
    2257. 

  2257. 			t.Errorf("symlink error: %v", err)
    2258. 

  2258. 		}
    2259. 

  2259. 		err = client.Rename(testFileName, testFileNameSub+".rename")
    2260. 

  2260. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2261. 

  2261. 			t.Errorf("unexpected rename error: %v", err)
    2262. 

  2262. 		}
    2263. 

  2263. 		err = client.Rename(testFileName, testFileName+".rename")
    2264. 

  2264. 		if err != nil {
    2265. 

  2265. 			t.Errorf("rename error: %v", err)
    2266. 

  2266. 		}
    2267. 

  2267. 		err = client.Remove(testFileNameSub)
    2268. 

  2268. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2269. 

  2269. 			t.Errorf("unexpected upload error: %v", err)
    2270. 

  2270. 		}
    2271. 

  2271. 		err = client.Remove(testFileName + ".rename")
    2272. 

  2272. 		if err != nil {
    2273. 

  2273. 			t.Errorf("remove error: %v", err)
    2274. 

  2274. 		}
    2275. 

  2275. 		os.Remove(testFilePath)
    2276. 

  2276. 	}
    2277. 

  2277. 	httpd.RemoveUser(user, http.StatusOK)
    2278. 

  2278. 	os.RemoveAll(user.GetHomeDir())
    2279. 

  2279. }
    2280. 

  2280. 

  2281. func TestSubDirsOverwrite(t *testing.T) {
    2282. 

  2282. 	usePubKey := true
    2283. 

  2283. 	u := getTestUser(usePubKey)
    2284. 

  2284. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    2285. 

  2285. 	u.Permissions["/subdir"] = []string{dataprovider.PermOverwrite, dataprovider.PermListItems}
    2286. 

  2286. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2287. 

  2287. 	if err != nil {
    2288. 

  2288. 		t.Errorf("unable to add user: %v", err)
    2289. 

  2289. 	}
    2290. 

  2290. 	client, err := getSftpClient(user, usePubKey)
    2291. 

  2291. 	if err != nil {
    2292. 

  2292. 		t.Errorf("unable to create sftp client: %v", err)
    2293. 

  2293. 	} else {
    2294. 

  2294. 		defer client.Close()
    2295. 

  2295. 		testFileName := "/subdir/test_file.dat"
    2296. 

  2296. 		testFilePath := filepath.Join(homeBasePath, "test_file.dat")
    2297. 

  2297. 		testFileSFTPPath := filepath.Join(u.GetHomeDir(), "subdir", "test_file.dat")
    2298. 

  2298. 		testFileSize := int64(65535)
    2299. 

  2299. 		err = createTestFile(testFilePath, testFileSize)
    2300. 

  2300. 		if err != nil {
    2301. 

  2301. 			t.Errorf("unable to create test file: %v", err)
    2302. 

  2302. 		}
    2303. 

  2303. 		err = createTestFile(testFileSFTPPath, 16384)
    2304. 

  2304. 		if err != nil {
    2305. 

  2305. 			t.Errorf("unable to create test file: %v", err)
    2306. 

  2306. 		}
    2307. 

  2307. 		err = sftpUploadFile(testFilePath, testFileName+".new", testFileSize, client)
    2308. 

  2308. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2309. 

  2309. 			t.Errorf("unexpected upload error: %v", err)
    2310. 

  2310. 		}
    2311. 

  2311. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2312. 

  2312. 		if err != nil {
    2313. 

  2313. 			t.Errorf("unexpected overwrite error: %v", err)
    2314. 

  2314. 		}
    2315. 

  2315. 		os.Remove(testFilePath)
    2316. 

  2316. 	}
    2317. 

  2317. 	httpd.RemoveUser(user, http.StatusOK)
    2318. 

  2318. 	os.RemoveAll(user.GetHomeDir())
    2319. 

  2319. }
    2320. 

  2320. 

  2321. func TestSubDirsDownloads(t *testing.T) {
    2322. 

  2322. 	usePubKey := true
    2323. 

  2323. 	u := getTestUser(usePubKey)
    2324. 

  2324. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    2325. 

  2325. 	u.Permissions["/subdir"] = []string{dataprovider.PermChmod, dataprovider.PermUpload, dataprovider.PermListItems}
    2326. 

  2326. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2327. 

  2327. 	if err != nil {
    2328. 

  2328. 		t.Errorf("unable to add user: %v", err)
    2329. 

  2329. 	}
    2330. 

  2330. 	client, err := getSftpClient(user, usePubKey)
    2331. 

  2331. 	if err != nil {
    2332. 

  2332. 		t.Errorf("unable to create sftp client: %v", err)
    2333. 

  2333. 	} else {
    2334. 

  2334. 		defer client.Close()
    2335. 

  2335. 		err = client.Mkdir("subdir")
    2336. 

  2336. 		if err != nil {
    2337. 

  2337. 			t.Errorf("unexpected mkdir error: %v", err)
    2338. 

  2338. 		}
    2339. 

  2339. 		testFileName := "/subdir/test_file.dat"
    2340. 

  2340. 		testFilePath := filepath.Join(homeBasePath, "test_file.dat")
    2341. 

  2341. 		testFileSize := int64(65535)
    2342. 

  2342. 		err = createTestFile(testFilePath, testFileSize)
    2343. 

  2343. 		if err != nil {
    2344. 

  2344. 			t.Errorf("unable to create test file: %v", err)
    2345. 

  2345. 		}
    2346. 

  2346. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2347. 

  2347. 		if err != nil {
    2348. 

  2348. 			t.Errorf("file upload error: %v", err)
    2349. 

  2349. 		}
    2350. 

  2350. 		localDownloadPath := filepath.Join(homeBasePath, "test_download.dat")
    2351. 

  2351. 		err = sftpDownloadFile(testFileName, localDownloadPath, testFileSize, client)
    2352. 

  2352. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2353. 

  2353. 			t.Errorf("unexpected upload error: %v", err)
    2354. 

  2354. 		}
    2355. 

  2355. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2356. 

  2356. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2357. 

  2357. 			t.Errorf("unexpected overwrite error: %v", err)
    2358. 

  2358. 		}
    2359. 

  2359. 		err = client.Chtimes(testFileName, time.Now(), time.Now())
    2360. 

  2360. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2361. 

  2361. 			t.Errorf("unexpected chtimes error: %v", err)
    2362. 

  2362. 		}
    2363. 

  2363. 		err = client.Rename(testFileName, testFileName+".rename")
    2364. 

  2364. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2365. 

  2365. 			t.Errorf("unexpected rename error: %v", err)
    2366. 

  2366. 		}
    2367. 

  2367. 		err = client.Symlink(testFileName, testFileName+".link")
    2368. 

  2368. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2369. 

  2369. 			t.Errorf("unexpected symlink error: %v", err)
    2370. 

  2370. 		}
    2371. 

  2371. 		err = client.Remove(testFileName)
    2372. 

  2372. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2373. 

  2373. 			t.Errorf("unexpected remove error: %v", err)
    2374. 

  2374. 		}
    2375. 

  2375. 		os.Remove(localDownloadPath)
    2376. 

  2376. 		os.Remove(testFilePath)
    2377. 

  2377. 	}
    2378. 

  2378. 	httpd.RemoveUser(user, http.StatusOK)
    2379. 

  2379. 	os.RemoveAll(user.GetHomeDir())
    2380. 

  2380. }
    2381. 

  2381. 

  2382. func TestPermsSubDirsSetstat(t *testing.T) {
    2383. 

  2383. 	// for setstat we check the parent dir permission if the requested path is a dir
    2384. 

  2384. 	// otherwise the path permission
    2385. 

  2385. 	usePubKey := true
    2386. 

  2386. 	u := getTestUser(usePubKey)
    2387. 

  2387. 	u.Permissions["/"] = []string{dataprovider.PermListItems, dataprovider.PermCreateDirs}
    2388. 

  2388. 	u.Permissions["/subdir"] = []string{dataprovider.PermAny}
    2389. 

  2389. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2390. 

  2390. 	if err != nil {
    2391. 

  2391. 		t.Errorf("unable to add user: %v", err)
    2392. 

  2392. 	}
    2393. 

  2393. 	client, err := getSftpClient(user, usePubKey)
    2394. 

  2394. 	if err != nil {
    2395. 

  2395. 		t.Errorf("unable to create sftp client: %v", err)
    2396. 

  2396. 	} else {
    2397. 

  2397. 		defer client.Close()
    2398. 

  2398. 		err = client.Mkdir("subdir")
    2399. 

  2399. 		if err != nil {
    2400. 

  2400. 			t.Errorf("unexpected mkdir error: %v", err)
    2401. 

  2401. 		}
    2402. 

  2402. 		testFileName := "/subdir/test_file.dat"
    2403. 

  2403. 		testFilePath := filepath.Join(homeBasePath, "test_file.dat")
    2404. 

  2404. 		testFileSize := int64(65535)
    2405. 

  2405. 		err = createTestFile(testFilePath, testFileSize)
    2406. 

  2406. 		if err != nil {
    2407. 

  2407. 			t.Errorf("unable to create test file: %v", err)
    2408. 

  2408. 		}
    2409. 

  2409. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2410. 

  2410. 		if err != nil {
    2411. 

  2411. 			t.Errorf("file upload error: %v", err)
    2412. 

  2412. 		}
    2413. 

  2413. 		err = client.Chtimes("/subdir/", time.Now(), time.Now())
    2414. 

  2414. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2415. 

  2415. 			t.Errorf("unexpected chtimes error: %v", err)
    2416. 

  2416. 		}
    2417. 

  2417. 		err = client.Chtimes("subdir/", time.Now(), time.Now())
    2418. 

  2418. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2419. 

  2419. 			t.Errorf("unexpected chtimes error: %v", err)
    2420. 

  2420. 		}
    2421. 

  2421. 		err = client.Chtimes(testFileName, time.Now(), time.Now())
    2422. 

  2422. 		if err != nil {
    2423. 

  2423. 			t.Errorf("unexpected chtimes error: %v", err)
    2424. 

  2424. 		}
    2425. 

  2425. 		os.Remove(testFilePath)
    2426. 

  2426. 	}
    2427. 

  2427. 	httpd.RemoveUser(user, http.StatusOK)
    2428. 

  2428. 	os.RemoveAll(user.GetHomeDir())
    2429. 

  2429. }
    2430. 

  2430. 

  2431. func TestPermsSubDirsCommands(t *testing.T) {
    2432. 

  2432. 	usePubKey := true
    2433. 

  2433. 	u := getTestUser(usePubKey)
    2434. 

  2434. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    2435. 

  2435. 	u.Permissions["/subdir"] = []string{dataprovider.PermDownload, dataprovider.PermUpload}
    2436. 

  2436. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2437. 

  2437. 	if err != nil {
    2438. 

  2438. 		t.Errorf("unable to add user: %v", err)
    2439. 

  2439. 	}
    2440. 

  2440. 	client, err := getSftpClient(user, usePubKey)
    2441. 

  2441. 	if err != nil {
    2442. 

  2442. 		t.Errorf("unable to create sftp client: %v", err)
    2443. 

  2443. 	} else {
    2444. 

  2444. 		defer client.Close()
    2445. 

  2445. 		client.Mkdir("subdir")
    2446. 

  2446. 		acmodTime := time.Now()
    2447. 

  2447. 		err = client.Chtimes("/subdir", acmodTime, acmodTime)
    2448. 

  2448. 		if err != nil {
    2449. 

  2449. 			t.Errorf("unexpected chtimes error: %v", err)
    2450. 

  2450. 		}
    2451. 

  2451. 		_, err = client.Stat("/subdir")
    2452. 

  2452. 		if err != nil {
    2453. 

  2453. 			t.Errorf("unexpected stat error: %v", err)
    2454. 

  2454. 		}
    2455. 

  2455. 		_, err = client.ReadDir("/")
    2456. 

  2456. 		if err != nil {
    2457. 

  2457. 			t.Errorf("unexpected readdir error: %v", err)
    2458. 

  2458. 		}
    2459. 

  2459. 		_, err = client.ReadDir("/subdir")
    2460. 

  2460. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2461. 

  2461. 			t.Errorf("unexpected error: %v", err)
    2462. 

  2462. 		}
    2463. 

  2463. 		err = client.RemoveDirectory("/subdir/dir")
    2464. 

  2464. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2465. 

  2465. 			t.Errorf("unexpected error: %v", err)
    2466. 

  2466. 		}
    2467. 

  2467. 		err = client.Mkdir("/subdir/dir")
    2468. 

  2468. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2469. 

  2469. 			t.Errorf("unexpected error: %v", err)
    2470. 

  2470. 		}
    2471. 

  2471. 		client.Mkdir("/otherdir")
    2472. 

  2472. 		err = client.Rename("/otherdir", "/subdir/otherdir")
    2473. 

  2473. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2474. 

  2474. 			t.Errorf("unexpected error: %v", err)
    2475. 

  2475. 		}
    2476. 

  2476. 		err = client.Symlink("/otherdir", "/subdir/otherdir")
    2477. 

  2477. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2478. 

  2478. 			t.Errorf("unexpected error: %v", err)
    2479. 

  2479. 		}
    2480. 

  2480. 		err = client.Symlink("/otherdir", "/otherdir_link")
    2481. 

  2481. 		if err != nil {
    2482. 

  2482. 			t.Errorf("unexpected rename dir error: %v", err)
    2483. 

  2483. 		}
    2484. 

  2484. 		err = client.Rename("/otherdir", "/otherdir1")
    2485. 

  2485. 		if err != nil {
    2486. 

  2486. 			t.Errorf("unexpected rename dir error: %v", err)
    2487. 

  2487. 		}
    2488. 

  2488. 		err = client.RemoveDirectory("/subdir")
    2489. 

  2489. 		if err != nil {
    2490. 

  2490. 			t.Errorf("unexpected remove dir error: %v", err)
    2491. 

  2491. 		}
    2492. 

  2492. 	}
    2493. 

  2493. 	httpd.RemoveUser(user, http.StatusOK)
    2494. 

  2494. 	os.RemoveAll(user.GetHomeDir())
    2495. 

  2495. }
    2496. 

  2496. 

  2497. func TestRootDirCommands(t *testing.T) {
    2498. 

  2498. 	usePubKey := true
    2499. 

  2499. 	u := getTestUser(usePubKey)
    2500. 

  2500. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    2501. 

  2501. 	u.Permissions["/subdir"] = []string{dataprovider.PermDownload, dataprovider.PermUpload}
    2502. 

  2502. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2503. 

  2503. 	if err != nil {
    2504. 

  2504. 		t.Errorf("unable to add user: %v", err)
    2505. 

  2505. 	}
    2506. 

  2506. 	client, err := getSftpClient(user, usePubKey)
    2507. 

  2507. 	if err != nil {
    2508. 

  2508. 		t.Errorf("unable to create sftp client: %v", err)
    2509. 

  2509. 	} else {
    2510. 

  2510. 		defer client.Close()
    2511. 

  2511. 		err = client.Rename("/", "rootdir")
    2512. 

  2512. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2513. 

  2513. 			t.Errorf("unexpected error renaming root dir: %v", err)
    2514. 

  2514. 		}
    2515. 

  2515. 		err = client.Symlink("/", "rootdir")
    2516. 

  2516. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2517. 

  2517. 			t.Errorf("unexpected error symlinking root dir: %v", err)
    2518. 

  2518. 		}
    2519. 

  2519. 		err = client.RemoveDirectory("/")
    2520. 

  2520. 		if !strings.Contains(err.Error(), "Permission Denied") {
    2521. 

  2521. 			t.Errorf("unexpected error removing root dir: %v", err)
    2522. 

  2522. 		}
    2523. 

  2523. 	}
    2524. 

  2524. 	httpd.RemoveUser(user, http.StatusOK)
    2525. 

  2525. 	os.RemoveAll(user.GetHomeDir())
    2526. 

  2526. }
    2527. 

  2527. 

  2528. func TestRelativePaths(t *testing.T) {
    2529. 

  2529. 	user := getTestUser(true)
    2530. 

  2530. 	path := filepath.Join(user.HomeDir, "/")
    2531. 

  2531. 	rel := user.GetRelativePath(path)
    2532. 

  2532. 	if rel != "/" {
    2533. 

  2533. 		t.Errorf("Unexpected relative path: %v", rel)
    2534. 

  2534. 	}
    2535. 

  2535. 	path = filepath.Join(user.HomeDir, "//")
    2536. 

  2536. 	rel = user.GetRelativePath(path)
    2537. 

  2537. 	if rel != "/" {
    2538. 

  2538. 		t.Errorf("Unexpected relative path: %v", rel)
    2539. 

  2539. 	}
    2540. 

  2540. 	path = filepath.Join(user.HomeDir, "../..")
    2541. 

  2541. 	rel = user.GetRelativePath(path)
    2542. 

  2542. 	if rel != "/" {
    2543. 

  2543. 		t.Errorf("Unexpected relative path: %v", rel)
    2544. 

  2544. 	}
    2545. 

  2545. 	path = filepath.Join(user.HomeDir, "../../../../../")
    2546. 

  2546. 	rel = user.GetRelativePath(path)
    2547. 

  2547. 	if rel != "/" {
    2548. 

  2548. 		t.Errorf("Unexpected relative path: %v", rel)
    2549. 

  2549. 	}
    2550. 

  2550. 	path = filepath.Join(user.HomeDir, "/..")
    2551. 

  2551. 	rel = user.GetRelativePath(path)
    2552. 

  2552. 	if rel != "/" {
    2553. 

  2553. 		t.Errorf("Unexpected relative path: %v", rel)
    2554. 

  2554. 	}
    2555. 

  2555. 	path = filepath.Join(user.HomeDir, "/../../../..")
    2556. 

  2556. 	rel = user.GetRelativePath(path)
    2557. 

  2557. 	if rel != "/" {
    2558. 

  2558. 		t.Errorf("Unexpected relative path: %v", rel)
    2559. 

  2559. 	}
    2560. 

  2560. 	path = filepath.Join(user.HomeDir, "")
    2561. 

  2561. 	rel = user.GetRelativePath(path)
    2562. 

  2562. 	if rel != "/" {
    2563. 

  2563. 		t.Errorf("Unexpected relative path: %v", rel)
    2564. 

  2564. 	}
    2565. 

  2565. 	path = filepath.Join(user.HomeDir, ".")
    2566. 

  2566. 	rel = user.GetRelativePath(path)
    2567. 

  2567. 	if rel != "/" {
    2568. 

  2568. 		t.Errorf("Unexpected relative path: %v", rel)
    2569. 

  2569. 	}
    2570. 

  2570. 	path = filepath.Join(user.HomeDir, "somedir")
    2571. 

  2571. 	rel = user.GetRelativePath(path)
    2572. 

  2572. 	if rel != "/somedir" {
    2573. 

  2573. 		t.Errorf("Unexpected relative path: %v", rel)
    2574. 

  2574. 	}
    2575. 

  2575. 	path = filepath.Join(user.HomeDir, "/somedir/subdir")
    2576. 

  2576. 	rel = user.GetRelativePath(path)
    2577. 

  2577. 	if rel != "/somedir/subdir" {
    2578. 

  2578. 		t.Errorf("Unexpected relative path: %v", rel)
    2579. 

  2579. 	}
    2580. 

  2580. }
    2581. 

  2581. 

  2582. func TestUserPerms(t *testing.T) {
    2583. 

  2583. 	user := getTestUser(true)
    2584. 

  2584. 	user.Permissions = make(map[string][]string)
    2585. 

  2585. 	user.Permissions["/"] = []string{dataprovider.PermListItems}
    2586. 

  2586. 	user.Permissions["/p"] = []string{dataprovider.PermDelete}
    2587. 

  2587. 	user.Permissions["/p/1"] = []string{dataprovider.PermDownload, dataprovider.PermUpload}
    2588. 

  2588. 	user.Permissions["/p/2"] = []string{dataprovider.PermCreateDirs}
    2589. 

  2589. 	user.Permissions["/p/3"] = []string{dataprovider.PermChmod}
    2590. 

  2590. 	user.Permissions["/p/3/4"] = []string{dataprovider.PermChtimes}
    2591. 

  2591. 	user.Permissions["/tmp"] = []string{dataprovider.PermRename}
    2592. 

  2592. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, "/")) {
    2593. 

  2593. 		t.Error("expected permission not found")
    2594. 

  2594. 	}
    2595. 

  2595. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, ".")) {
    2596. 

  2596. 		t.Error("expected permission not found")
    2597. 

  2597. 	}
    2598. 

  2598. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, "")) {
    2599. 

  2599. 		t.Error("expected permission not found")
    2600. 

  2600. 	}
    2601. 

  2601. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, "../")) {
    2602. 

  2602. 		t.Error("expected permission not found")
    2603. 

  2603. 	}
    2604. 

  2604. 	// path p and /p are the same
    2605. 

  2605. 	if !user.HasPerm(dataprovider.PermDelete, filepath.Join(user.HomeDir, "/p")) {
    2606. 

  2606. 		t.Error("expected permission not found")
    2607. 

  2607. 	}
    2608. 

  2608. 	if !user.HasPerm(dataprovider.PermDownload, filepath.Join(user.HomeDir, "/p/1")) {
    2609. 

  2609. 		t.Error("expected permission not found")
    2610. 

  2610. 	}
    2611. 

  2611. 	if !user.HasPerm(dataprovider.PermCreateDirs, filepath.Join(user.HomeDir, "p/2")) {
    2612. 

  2612. 		t.Error("expected permission not found")
    2613. 

  2613. 	}
    2614. 

  2614. 	if !user.HasPerm(dataprovider.PermChmod, filepath.Join(user.HomeDir, "/p/3")) {
    2615. 

  2615. 		t.Error("expected permission not found")
    2616. 

  2616. 	}
    2617. 

  2617. 	if !user.HasPerm(dataprovider.PermChtimes, filepath.Join(user.HomeDir, "p/3/4")) {
    2618. 

  2618. 		t.Error("expected permission not found")
    2619. 

  2619. 	}
    2620. 

  2620. 	if !user.HasPerm(dataprovider.PermChtimes, filepath.Join(user.HomeDir, "p/3/4/../4")) {
    2621. 

  2621. 		t.Error("expected permission not found")
    2622. 

  2622. 	}
    2623. 

  2623. 	// undefined paths have permissions of the nearest path
    2624. 

  2624. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, "/p34")) {
    2625. 

  2625. 		t.Error("expected permission not found")
    2626. 

  2626. 	}
    2627. 

  2627. 	if !user.HasPerm(dataprovider.PermListItems, filepath.Join(user.HomeDir, "/p34/p1/file.dat")) {
    2628. 

  2628. 		t.Error("expected permission not found")
    2629. 

  2629. 	}
    2630. 

  2630. 	if !user.HasPerm(dataprovider.PermChtimes, filepath.Join(user.HomeDir, "/p/3/4/5/6")) {
    2631. 

  2631. 		t.Error("expected permission not found")
    2632. 

  2632. 	}
    2633. 

  2633. 	if !user.HasPerm(dataprovider.PermDownload, filepath.Join(user.HomeDir, "/p/1/test/file.dat")) {
    2634. 

  2634. 		t.Error("expected permission not found")
    2635. 

  2635. 	}
    2636. 

  2636. }
    2637. 

  2637. 

  2638. func TestUserFiltersIPMaskConditions(t *testing.T) {
    2639. 

  2639. 	user := getTestUser(true)
    2640. 

  2640. 	// with no filter login must be allowed even if the remoteIP is invalid
    2641. 

  2641. 	if !user.IsLoginAllowed("192.168.1.5") {
    2642. 

  2642. 		t.Error("unexpected login denied")
    2643. 

  2643. 	}
    2644. 

  2644. 	if !user.IsLoginAllowed("invalid") {
    2645. 

  2645. 		t.Error("unexpected login denied")
    2646. 

  2646. 	}
    2647. 

  2647. 	user.Filters.DeniedIP = append(user.Filters.DeniedIP, "192.168.1.0/24")
    2648. 

  2648. 	if user.IsLoginAllowed("192.168.1.5") {
    2649. 

  2649. 		t.Error("unexpected login allowed")
    2650. 

  2650. 	}
    2651. 

  2651. 	if !user.IsLoginAllowed("192.168.2.6") {
    2652. 

  2652. 		t.Error("unexpected login denied")
    2653. 

  2653. 	}
    2654. 

  2654. 	user.Filters.AllowedIP = append(user.Filters.AllowedIP, "192.168.1.5/32")
    2655. 

  2655. 	// if the same ip/mask is both denied and allowed then login must be denied
    2656. 

  2656. 	if user.IsLoginAllowed("192.168.1.5") {
    2657. 

  2657. 		t.Error("unexpected login allowed")
    2658. 

  2658. 	}
    2659. 

  2659. 	if user.IsLoginAllowed("192.168.3.6") {
    2660. 

  2660. 		t.Error("unexpected login allowed")
    2661. 

  2661. 	}
    2662. 

  2662. 	user.Filters.DeniedIP = []string{}
    2663. 

  2663. 	if !user.IsLoginAllowed("192.168.1.5") {
    2664. 

  2664. 		t.Error("unexpected login denied")
    2665. 

  2665. 	}
    2666. 

  2666. 	if user.IsLoginAllowed("192.168.1.6") {
    2667. 

  2667. 		t.Error("unexpected login allowed")
    2668. 

  2668. 	}
    2669. 

  2669. 	user.Filters.DeniedIP = []string{"192.168.0.0/16", "172.16.0.0/16"}
    2670. 

  2670. 	user.Filters.AllowedIP = []string{}
    2671. 

  2671. 	if user.IsLoginAllowed("192.168.5.255") {
    2672. 

  2672. 		t.Error("unexpected login allowed")
    2673. 

  2673. 	}
    2674. 

  2674. 	if user.IsLoginAllowed("172.16.1.2") {
    2675. 

  2675. 		t.Error("unexpected login allowed")
    2676. 

  2676. 	}
    2677. 

  2677. 	if !user.IsLoginAllowed("172.18.2.1") {
    2678. 

  2678. 		t.Error("unexpected login denied")
    2679. 

  2679. 	}
    2680. 

  2680. 	user.Filters.AllowedIP = []string{"10.4.4.0/24"}
    2681. 

  2681. 	if user.IsLoginAllowed("10.5.4.2") {
    2682. 

  2682. 		t.Error("unexpected login allowed")
    2683. 

  2683. 	}
    2684. 

  2684. 	if !user.IsLoginAllowed("10.4.4.2") {
    2685. 

  2685. 		t.Error("unexpected login denied")
    2686. 

  2686. 	}
    2687. 

  2687. 	if !user.IsLoginAllowed("invalid") {
    2688. 

  2688. 		t.Error("unexpected login denied")
    2689. 

  2689. 	}
    2690. 

  2690. }
    2691. 

  2691. 

  2692. func TestSSHCommands(t *testing.T) {
    2693. 

  2693. 	usePubKey := false
    2694. 

  2694. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    2695. 

  2695. 	if err != nil {
    2696. 

  2696. 		t.Errorf("unable to add user: %v", err)
    2697. 

  2697. 	}
    2698. 

  2698. 	_, err = runSSHCommand("ls", user, usePubKey)
    2699. 

  2699. 	if err == nil {
    2700. 

  2700. 		t.Errorf("unsupported ssh command must fail")
    2701. 

  2701. 	}
    2702. 

  2702. 	_, err = runSSHCommand("cd", user, usePubKey)
    2703. 

  2703. 	if err != nil {
    2704. 

  2704. 		t.Errorf("unexpected error for ssh cd command: %v", err)
    2705. 

  2705. 	}
    2706. 

  2706. 	out, err := runSSHCommand("pwd", user, usePubKey)
    2707. 

  2707. 	if err != nil {
    2708. 

  2708. 		t.Errorf("unexpected error: %v", err)
    2709. 

  2709. 		t.Fail()
    2710. 

  2710. 	}
    2711. 

  2711. 	if string(out) != "/\n" {
    2712. 

  2712. 		t.Errorf("invalid response for ssh pwd command: %v", string(out))
    2713. 

  2713. 	}
    2714. 

  2714. 	out, err = runSSHCommand("md5sum", user, usePubKey)
    2715. 

  2715. 	if err != nil {
    2716. 

  2716. 		t.Errorf("unexpected error: %v", err)
    2717. 

  2717. 		t.Fail()
    2718. 

  2718. 	}
    2719. 

  2719. 	// echo -n '' | md5sum
    2720. 

  2720. 	if !strings.Contains(string(out), "d41d8cd98f00b204e9800998ecf8427e") {
    2721. 

  2721. 		t.Errorf("invalid md5sum: %v", string(out))
    2722. 

  2722. 	}
    2723. 

  2723. 	out, err = runSSHCommand("sha1sum", user, usePubKey)
    2724. 

  2724. 	if err != nil {
    2725. 

  2725. 		t.Errorf("unexpected error: %v", err)
    2726. 

  2726. 		t.Fail()
    2727. 

  2727. 	}
    2728. 

  2728. 	if !strings.Contains(string(out), "da39a3ee5e6b4b0d3255bfef95601890afd80709") {
    2729. 

  2729. 		t.Errorf("invalid sha1sum: %v", string(out))
    2730. 

  2730. 	}
    2731. 

  2731. 	out, err = runSSHCommand("sha256sum", user, usePubKey)
    2732. 

  2732. 	if err != nil {
    2733. 

  2733. 		t.Errorf("unexpected error: %v", err)
    2734. 

  2734. 		t.Fail()
    2735. 

  2735. 	}
    2736. 

  2736. 	if !strings.Contains(string(out), "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855") {
    2737. 

  2737. 		t.Errorf("invalid sha256sum: %v", string(out))
    2738. 

  2738. 	}
    2739. 

  2739. 	out, err = runSSHCommand("sha384sum", user, usePubKey)
    2740. 

  2740. 	if err != nil {
    2741. 

  2741. 		t.Errorf("unexpected error: %v", err)
    2742. 

  2742. 		t.Fail()
    2743. 

  2743. 	}
    2744. 

  2744. 	if !strings.Contains(string(out), "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b") {
    2745. 

  2745. 		t.Errorf("invalid sha384sum: %v", string(out))
    2746. 

  2746. 	}
    2747. 

  2747. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2748. 

  2748. 	if err != nil {
    2749. 

  2749. 		t.Errorf("unable to remove user: %v", err)
    2750. 

  2750. 	}
    2751. 

  2751. }
    2752. 

  2752. 

  2753. func TestSSHFileHash(t *testing.T) {
    2754. 

  2754. 	usePubKey := true
    2755. 

  2755. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    2756. 

  2756. 	if err != nil {
    2757. 

  2757. 		t.Errorf("unable to add user: %v", err)
    2758. 

  2758. 	}
    2759. 

  2759. 	client, err := getSftpClient(user, usePubKey)
    2760. 

  2760. 	if err != nil {
    2761. 

  2761. 		t.Errorf("unable to create sftp client: %v", err)
    2762. 

  2762. 	} else {
    2763. 

  2763. 		defer client.Close()
    2764. 

  2764. 		testFileName := "test_file.dat"
    2765. 

  2765. 		testFilePath := filepath.Join(homeBasePath, testFileName)
    2766. 

  2766. 		testFileSize := int64(65535)
    2767. 

  2767. 		err = createTestFile(testFilePath, testFileSize)
    2768. 

  2768. 		if err != nil {
    2769. 

  2769. 			t.Errorf("unable to create test file: %v", err)
    2770. 

  2770. 		}
    2771. 

  2771. 		err = sftpUploadFile(testFilePath, testFileName, testFileSize, client)
    2772. 

  2772. 		if err != nil {
    2773. 

  2773. 			t.Errorf("file upload error: %v", err)
    2774. 

  2774. 		}
    2775. 

  2775. 		user.Permissions = make(map[string][]string)
    2776. 

  2776. 		user.Permissions["/"] = []string{dataprovider.PermUpload}
    2777. 

  2777. 		_, _, err = httpd.UpdateUser(user, http.StatusOK)
    2778. 

  2778. 		if err != nil {
    2779. 

  2779. 			t.Errorf("unable to update user: %v", err)
    2780. 

  2780. 		}
    2781. 

  2781. 		_, err = runSSHCommand("sha512sum "+testFileName, user, usePubKey)
    2782. 

  2782. 		if err == nil {
    2783. 

  2783. 			t.Errorf("hash command with no list permission must fail")
    2784. 

  2784. 		}
    2785. 

  2785. 		user.Permissions["/"] = []string{dataprovider.PermAny}
    2786. 

  2786. 		_, _, err = httpd.UpdateUser(user, http.StatusOK)
    2787. 

  2787. 		if err != nil {
    2788. 

  2788. 			t.Errorf("unable to update user: %v", err)
    2789. 

  2789. 		}
    2790. 

  2790. 		initialHash, err := computeHashForFile(sha512.New(), testFilePath)
    2791. 

  2791. 		if err != nil {
    2792. 

  2792. 			t.Errorf("error computing file hash: %v", err)
    2793. 

  2793. 		}
    2794. 

  2794. 		out, err := runSSHCommand("sha512sum "+testFileName, user, usePubKey)
    2795. 

  2795. 		if err != nil {
    2796. 

  2796. 			t.Errorf("unexpected error: %v", err)
    2797. 

  2797. 			t.Fail()
    2798. 

  2798. 		}
    2799. 

  2799. 		if !strings.Contains(string(out), initialHash) {
    2800. 

  2800. 			t.Errorf("invalid sha512sum: %v", string(out))
    2801. 

  2801. 		}
    2802. 

  2802. 		_, err = runSSHCommand("sha512sum invalid_path", user, usePubKey)
    2803. 

  2803. 		if err == nil {
    2804. 

  2804. 			t.Errorf("hash for an invalid path must fail")
    2805. 

  2805. 		}
    2806. 

  2806. 		os.Remove(testFilePath)
    2807. 

  2807. 	}
    2808. 

  2808. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2809. 

  2809. 	if err != nil {
    2810. 

  2810. 		t.Errorf("unable to remove user: %v", err)
    2811. 

  2811. 	}
    2812. 

  2812. 	os.RemoveAll(user.GetHomeDir())
    2813. 

  2813. }
    2814. 

  2814. 

  2815. func TestBasicGitCommands(t *testing.T) {
    2816. 

  2816. 	if len(gitPath) == 0 || len(sshPath) == 0 {
    2817. 

  2817. 		t.Skip("git and/or ssh command not found, unable to execute this test")
    2818. 

  2818. 	}
    2819. 

  2819. 	usePubKey := true
    2820. 

  2820. 	u := getTestUser(usePubKey)
    2821. 

  2821. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2822. 

  2822. 	if err != nil {
    2823. 

  2823. 		t.Errorf("unable to add user: %v", err)
    2824. 

  2824. 	}
    2825. 

  2825. 	repoName := "testrepo"
    2826. 

  2826. 	clonePath := filepath.Join(homeBasePath, repoName)
    2827. 

  2827. 	os.RemoveAll(user.GetHomeDir())
    2828. 

  2828. 	os.RemoveAll(filepath.Join(homeBasePath, repoName))
    2829. 

  2829. 	out, err := initGitRepo(filepath.Join(user.HomeDir, repoName))
    2830. 

  2830. 	if err != nil {
    2831. 

  2831. 		t.Errorf("unexpected error: %v out: %v", err, string(out))
    2832. 

  2832. 	}
    2833. 

  2833. 	out, err = cloneGitRepo(homeBasePath, "/"+repoName, user.Username)
    2834. 

  2834. 	if err != nil {
    2835. 

  2835. 		t.Errorf("unexpected error: %v out: %v", err, string(out))
    2836. 

  2836. 	}
    2837. 

  2837. 	out, err = addFileToGitRepo(clonePath, 128)
    2838. 

  2838. 	if err != nil {
    2839. 

  2839. 		t.Errorf("unexpected error: %v out: %v", err, string(out))
    2840. 

  2840. 	}
    2841. 

  2841. 	user.QuotaFiles = 100000
    2842. 

  2842. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    2843. 

  2843. 	if err != nil {
    2844. 

  2844. 		t.Errorf("unable to update user: %v", err)
    2845. 

  2845. 	}
    2846. 

  2846. 	out, err = pushToGitRepo(clonePath)
    2847. 

  2847. 	if err != nil {
    2848. 

  2848. 		t.Errorf("unexpected error: %v out: %v", err, string(out))
    2849. 

  2849. 		printLatestLogs(10)
    2850. 

  2850. 	}
    2851. 

  2851. 	err = waitQuotaScans()
    2852. 

  2852. 	if err != nil {
    2853. 

  2853. 		t.Errorf("error waiting for active quota scans: %v", err)
    2854. 

  2854. 	}
    2855. 

  2855. 	user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    2856. 

  2856. 	if err != nil {
    2857. 

  2857. 		t.Errorf("unable to get user: %v", err)
    2858. 

  2858. 	}
    2859. 

  2859. 	user.QuotaSize = user.UsedQuotaSize - 1
    2860. 

  2860. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    2861. 

  2861. 	if err != nil {
    2862. 

  2862. 		t.Errorf("unable to update user: %v", err)
    2863. 

  2863. 	}
    2864. 

  2864. 	out, err = pushToGitRepo(clonePath)
    2865. 

  2865. 	if err == nil {
    2866. 

  2866. 		t.Errorf("git push must fail if quota is exceeded, out: %v", string(out))
    2867. 

  2867. 	}
    2868. 

  2868. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2869. 

  2869. 	if err != nil {
    2870. 

  2870. 		t.Errorf("unable to remove user: %v", err)
    2871. 

  2871. 	}
    2872. 

  2872. 	os.RemoveAll(user.GetHomeDir())
    2873. 

  2873. 	os.RemoveAll(clonePath)
    2874. 

  2874. }
    2875. 

  2875. 

  2876. func TestGitErrors(t *testing.T) {
    2877. 

  2877. 	if len(gitPath) == 0 || len(sshPath) == 0 {
    2878. 

  2878. 		t.Skip("git and/or ssh command not found, unable to execute this test")
    2879. 

  2879. 	}
    2880. 

  2880. 	usePubKey := true
    2881. 

  2881. 	u := getTestUser(usePubKey)
    2882. 

  2882. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2883. 

  2883. 	if err != nil {
    2884. 

  2884. 		t.Errorf("unable to add user: %v", err)
    2885. 

  2885. 	}
    2886. 

  2886. 	repoName := "testrepo"
    2887. 

  2887. 	clonePath := filepath.Join(homeBasePath, repoName)
    2888. 

  2888. 	os.RemoveAll(user.GetHomeDir())
    2889. 

  2889. 	os.RemoveAll(filepath.Join(homeBasePath, repoName))
    2890. 

  2890. 	out, err := cloneGitRepo(homeBasePath, "/"+repoName, user.Username)
    2891. 

  2891. 	if err == nil {
    2892. 

  2892. 		t.Errorf("cloning a missing repo must fail, out: %v", string(out))
    2893. 

  2893. 	}
    2894. 

  2894. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2895. 

  2895. 	if err != nil {
    2896. 

  2896. 		t.Errorf("unable to remove user: %v", err)
    2897. 

  2897. 	}
    2898. 

  2898. 	os.RemoveAll(user.GetHomeDir())
    2899. 

  2899. 	os.RemoveAll(clonePath)
    2900. 

  2900. }
    2901. 

  2901. 

  2902. // Start SCP tests
    2903. 

  2903. func TestSCPBasicHandling(t *testing.T) {
    2904. 

  2904. 	if len(scpPath) == 0 {
    2905. 

  2905. 		t.Skip("scp command not found, unable to execute this test")
    2906. 

  2906. 	}
    2907. 

  2907. 	usePubKey := true
    2908. 

  2908. 	u := getTestUser(usePubKey)
    2909. 

  2909. 	u.QuotaSize = 6553600
    2910. 

  2910. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2911. 

  2911. 	if err != nil {
    2912. 

  2912. 		t.Errorf("unable to add user: %v", err)
    2913. 

  2913. 	}
    2914. 

  2914. 	testFileName := "test_file.dat"
    2915. 

  2915. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    2916. 

  2916. 	testFileSize := int64(131074)
    2917. 

  2917. 	expectedQuotaSize := user.UsedQuotaSize + testFileSize
    2918. 

  2918. 	expectedQuotaFiles := user.UsedQuotaFiles + 1
    2919. 

  2919. 	err = createTestFile(testFilePath, testFileSize)
    2920. 

  2920. 	if err != nil {
    2921. 

  2921. 		t.Errorf("unable to create test file: %v", err)
    2922. 

  2922. 	}
    2923. 

  2923. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/")
    2924. 

  2924. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    2925. 

  2925. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    2926. 

  2926. 	// test to download a missing file
    2927. 

  2927. 	err = scpDownload(localPath, remoteDownPath, false, false)
    2928. 

  2928. 	if err == nil {
    2929. 

  2929. 		t.Errorf("downloading a missing file via scp must fail")
    2930. 

  2930. 	}
    2931. 

  2931. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    2932. 

  2932. 	if err != nil {
    2933. 

  2933. 		t.Errorf("error uploading file via scp: %v", err)
    2934. 

  2934. 	}
    2935. 

  2935. 	err = scpDownload(localPath, remoteDownPath, false, false)
    2936. 

  2936. 	if err != nil {
    2937. 

  2937. 		t.Errorf("error downloading file via scp: %v", err)
    2938. 

  2938. 	}
    2939. 

  2939. 	fi, err := os.Stat(localPath)
    2940. 

  2940. 	if err != nil {
    2941. 

  2941. 		t.Errorf("stat for the downloaded file must succeed")
    2942. 

  2942. 	} else {
    2943. 

  2943. 		if fi.Size() != testFileSize {
    2944. 

  2944. 			t.Errorf("size of the file downloaded via SCP does not match the expected one")
    2945. 

  2945. 		}
    2946. 

  2946. 	}
    2947. 

  2947. 	os.Remove(localPath)
    2948. 

  2948. 	user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    2949. 

  2949. 	if err != nil {
    2950. 

  2950. 		t.Errorf("error getting user: %v", err)
    2951. 

  2951. 	}
    2952. 

  2952. 	if expectedQuotaFiles != user.UsedQuotaFiles {
    2953. 

  2953. 		t.Errorf("quota files does not match, expected: %v, actual: %v", expectedQuotaFiles, user.UsedQuotaFiles)
    2954. 

  2954. 	}
    2955. 

  2955. 	if expectedQuotaSize != user.UsedQuotaSize {
    2956. 

  2956. 		t.Errorf("quota size does not match, expected: %v, actual: %v", expectedQuotaSize, user.UsedQuotaSize)
    2957. 

  2957. 	}
    2958. 

  2958. 	err = os.RemoveAll(user.GetHomeDir())
    2959. 

  2959. 	if err != nil {
    2960. 

  2960. 		t.Errorf("error removing uploaded files")
    2961. 

  2961. 	}
    2962. 

  2962. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    2963. 

  2963. 	if err != nil {
    2964. 

  2964. 		t.Errorf("unable to remove user: %v", err)
    2965. 

  2965. 	}
    2966. 

  2966. 	os.Remove(testFilePath)
    2967. 

  2967. }
    2968. 

  2968. 

  2969. func TestSCPUploadFileOverwrite(t *testing.T) {
    2970. 

  2970. 	if len(scpPath) == 0 {
    2971. 

  2971. 		t.Skip("scp command not found, unable to execute this test")
    2972. 

  2972. 	}
    2973. 

  2973. 	usePubKey := true
    2974. 

  2974. 	u := getTestUser(usePubKey)
    2975. 

  2975. 	u.QuotaFiles = 1000
    2976. 

  2976. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    2977. 

  2977. 	if err != nil {
    2978. 

  2978. 		t.Errorf("unable to add user: %v", err)
    2979. 

  2979. 	}
    2980. 

  2980. 	os.RemoveAll(user.GetHomeDir())
    2981. 

  2981. 	testFileName := "test_file.dat"
    2982. 

  2982. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    2983. 

  2983. 	testFileSize := int64(32760)
    2984. 

  2984. 	err = createTestFile(testFilePath, testFileSize)
    2985. 

  2985. 	if err != nil {
    2986. 

  2986. 		t.Errorf("unable to create test file: %v", err)
    2987. 

  2987. 	}
    2988. 

  2988. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    2989. 

  2989. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    2990. 

  2990. 	if err != nil {
    2991. 

  2991. 		t.Errorf("error uploading file via scp: %v", err)
    2992. 

  2992. 	}
    2993. 

  2993. 	// test a new upload that must overwrite the existing file
    2994. 

  2994. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    2995. 

  2995. 	if err != nil {
    2996. 

  2996. 		t.Errorf("error uploading existing file via scp: %v", err)
    2997. 

  2997. 	}
    2998. 

  2998. 	user, _, err = httpd.GetUserByID(user.ID, http.StatusOK)
    2999. 

  2999. 	if err != nil {
    3000. 

  3000. 		t.Errorf("error getting user: %v", err)
    3001. 

  3001. 	}
    3002. 

  3002. 	if user.UsedQuotaSize != testFileSize || user.UsedQuotaFiles != 1 {
    3003. 

  3003. 		t.Errorf("update quota error on file overwrite, actual size: %v, expected: %v actual files: %v, expected: 1",
    3004. 

  3004. 			user.UsedQuotaSize, testFileSize, user.UsedQuotaFiles)
    3005. 

  3005. 	}
    3006. 

  3006. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    3007. 

  3007. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3008. 

  3008. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3009. 

  3009. 	if err != nil {
    3010. 

  3010. 		t.Errorf("error downloading file via scp: %v", err)
    3011. 

  3011. 	}
    3012. 

  3012. 	fi, err := os.Stat(localPath)
    3013. 

  3013. 	if err != nil {
    3014. 

  3014. 		t.Errorf("stat for the downloaded file must succeed")
    3015. 

  3015. 	} else {
    3016. 

  3016. 		if fi.Size() != testFileSize {
    3017. 

  3017. 			t.Errorf("size of the file downloaded via SCP does not match the expected one")
    3018. 

  3018. 		}
    3019. 

  3019. 	}
    3020. 

  3020. 	os.Remove(localPath)
    3021. 

  3021. 	os.Remove(testFilePath)
    3022. 

  3022. 	err = os.RemoveAll(user.GetHomeDir())
    3023. 

  3023. 	if err != nil {
    3024. 

  3024. 		t.Errorf("error removing uploaded files")
    3025. 

  3025. 	}
    3026. 

  3026. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3027. 

  3027. 	if err != nil {
    3028. 

  3028. 		t.Errorf("unable to remove user: %v", err)
    3029. 

  3029. 	}
    3030. 

  3030. }
    3031. 

  3031. 

  3032. func TestSCPRecursive(t *testing.T) {
    3033. 

  3033. 	if len(scpPath) == 0 {
    3034. 

  3034. 		t.Skip("scp command not found, unable to execute this test")
    3035. 

  3035. 	}
    3036. 

  3036. 	usePubKey := true
    3037. 

  3037. 	u := getTestUser(usePubKey)
    3038. 

  3038. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3039. 

  3039. 	if err != nil {
    3040. 

  3040. 		t.Errorf("unable to add user: %v", err)
    3041. 

  3041. 	}
    3042. 

  3042. 	testFileName := "test_file.dat"
    3043. 

  3043. 	testBaseDirName := "test_dir"
    3044. 

  3044. 	testBaseDirPath := filepath.Join(homeBasePath, testBaseDirName)
    3045. 

  3045. 	testBaseDirDownName := "test_dir_down"
    3046. 

  3046. 	testBaseDirDownPath := filepath.Join(homeBasePath, testBaseDirDownName)
    3047. 

  3047. 	testFilePath := filepath.Join(homeBasePath, testBaseDirName, testFileName)
    3048. 

  3048. 	testFilePath1 := filepath.Join(homeBasePath, testBaseDirName, testBaseDirName, testFileName)
    3049. 

  3049. 	testFileSize := int64(131074)
    3050. 

  3050. 	createTestFile(testFilePath, testFileSize)
    3051. 

  3051. 	createTestFile(testFilePath1, testFileSize)
    3052. 

  3052. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testBaseDirName))
    3053. 

  3053. 	// test to download a missing dir
    3054. 

  3054. 	err = scpDownload(testBaseDirDownPath, remoteDownPath, true, true)
    3055. 

  3055. 	if err == nil {
    3056. 

  3056. 		t.Errorf("downloading a missing dir via scp must fail")
    3057. 

  3057. 	}
    3058. 

  3058. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/")
    3059. 

  3059. 	err = scpUpload(testBaseDirPath, remoteUpPath, true, false)
    3060. 

  3060. 	if err != nil {
    3061. 

  3061. 		t.Errorf("error uploading dir via scp: %v", err)
    3062. 

  3062. 	}
    3063. 

  3063. 	err = scpDownload(testBaseDirDownPath, remoteDownPath, true, true)
    3064. 

  3064. 	if err != nil {
    3065. 

  3065. 		t.Errorf("error downloading dir via scp: %v", err)
    3066. 

  3066. 	}
    3067. 

  3067. 	// test download without passing -r
    3068. 

  3068. 	err = scpDownload(testBaseDirDownPath, remoteDownPath, true, false)
    3069. 

  3069. 	if err == nil {
    3070. 

  3070. 		t.Errorf("recursive download without -r must fail")
    3071. 

  3071. 	}
    3072. 

  3072. 	fi, err := os.Stat(filepath.Join(testBaseDirDownPath, testFileName))
    3073. 

  3073. 	if err != nil {
    3074. 

  3074. 		t.Errorf("error downloading file using scp recursive: %v", err)
    3075. 

  3075. 	} else {
    3076. 

  3076. 		if fi.Size() != testFileSize {
    3077. 

  3077. 			t.Errorf("size for file downloaded using recursive scp does not match, actual: %v, expected: %v", fi.Size(), testFileSize)
    3078. 

  3078. 		}
    3079. 

  3079. 	}
    3080. 

  3080. 	fi, err = os.Stat(filepath.Join(testBaseDirDownPath, testBaseDirName, testFileName))
    3081. 

  3081. 	if err != nil {
    3082. 

  3082. 		t.Errorf("error downloading file using scp recursive: %v", err)
    3083. 

  3083. 	} else {
    3084. 

  3084. 		if fi.Size() != testFileSize {
    3085. 

  3085. 			t.Errorf("size for file downloaded using recursive scp does not match, actual: %v, expected: %v", fi.Size(), testFileSize)
    3086. 

  3086. 		}
    3087. 

  3087. 	}
    3088. 

  3088. 	// upload to a non existent dir
    3089. 

  3089. 	remoteUpPath = fmt.Sprintf("%[email protected]:%v", user.Username, "/non_existent_dir")
    3090. 

  3090. 	err = scpUpload(testBaseDirPath, remoteUpPath, true, false)
    3091. 

  3091. 	if err == nil {
    3092. 

  3092. 		t.Errorf("uploading via scp to a non existent dir must fail")
    3093. 

  3093. 	}
    3094. 

  3094. 	os.RemoveAll(testBaseDirPath)
    3095. 

  3095. 	os.RemoveAll(testBaseDirDownPath)
    3096. 

  3096. 	err = os.RemoveAll(user.GetHomeDir())
    3097. 

  3097. 	if err != nil {
    3098. 

  3098. 		t.Errorf("error removing uploaded files")
    3099. 

  3099. 	}
    3100. 

  3100. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3101. 

  3101. 	if err != nil {
    3102. 

  3102. 		t.Errorf("unable to remove user: %v", err)
    3103. 

  3103. 	}
    3104. 

  3104. }
    3105. 

  3105. 

  3106. func TestSCPPermsSubDirs(t *testing.T) {
    3107. 

  3107. 	if len(scpPath) == 0 {
    3108. 

  3108. 		t.Skip("scp command not found, unable to execute this test")
    3109. 

  3109. 	}
    3110. 

  3110. 	usePubKey := true
    3111. 

  3111. 	u := getTestUser(usePubKey)
    3112. 

  3112. 	u.Permissions["/"] = []string{dataprovider.PermAny}
    3113. 

  3113. 	u.Permissions["/somedir"] = []string{dataprovider.PermListItems, dataprovider.PermUpload}
    3114. 

  3114. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3115. 

  3115. 	if err != nil {
    3116. 

  3116. 		t.Errorf("unable to add user: %v", err)
    3117. 

  3117. 	}
    3118. 

  3118. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3119. 

  3119. 	subPath := filepath.Join(user.GetHomeDir(), "somedir")
    3120. 

  3120. 	testFileSize := int64(65535)
    3121. 

  3121. 	os.MkdirAll(subPath, 0777)
    3122. 

  3122. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/somedir")
    3123. 

  3123. 	err = scpDownload(localPath, remoteDownPath, false, true)
    3124. 

  3124. 	if err == nil {
    3125. 

  3125. 		t.Error("download a dir with no permissions must fail")
    3126. 

  3126. 	}
    3127. 

  3127. 	os.Remove(subPath)
    3128. 

  3128. 	err = createTestFile(subPath, testFileSize)
    3129. 

  3129. 	if err != nil {
    3130. 

  3130. 		t.Errorf("unable to create test file: %v", err)
    3131. 

  3131. 	}
    3132. 

  3132. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3133. 

  3133. 	if err != nil {
    3134. 

  3134. 		t.Errorf("unexpected download error: %v", err)
    3135. 

  3135. 	}
    3136. 

  3136. 	os.Chmod(subPath, 0001)
    3137. 

  3137. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3138. 

  3138. 	if err == nil {
    3139. 

  3139. 		t.Error("download a file with no system permissions must fail")
    3140. 

  3140. 	}
    3141. 

  3141. 	os.Chmod(subPath, 0755)
    3142. 

  3142. 	os.Remove(localPath)
    3143. 

  3143. 	os.RemoveAll(user.GetHomeDir())
    3144. 

  3144. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3145. 

  3145. 	if err != nil {
    3146. 

  3146. 		t.Errorf("unable to remove user: %v", err)
    3147. 

  3147. 	}
    3148. 

  3148. }
    3149. 

  3149. 

  3150. func TestSCPPermCreateDirs(t *testing.T) {
    3151. 

  3151. 	if len(scpPath) == 0 {
    3152. 

  3152. 		t.Skip("scp command not found, unable to execute this test")
    3153. 

  3153. 	}
    3154. 

  3154. 	usePubKey := true
    3155. 

  3155. 	u := getTestUser(usePubKey)
    3156. 

  3156. 	u.Permissions["/"] = []string{dataprovider.PermDownload, dataprovider.PermUpload}
    3157. 

  3157. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3158. 

  3158. 	if err != nil {
    3159. 

  3159. 		t.Errorf("unable to add user: %v", err)
    3160. 

  3160. 	}
    3161. 

  3161. 	testFileName := "test_file.dat"
    3162. 

  3162. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3163. 

  3163. 	testFileSize := int64(32760)
    3164. 

  3164. 	testBaseDirName := "test_dir"
    3165. 

  3165. 	testBaseDirPath := filepath.Join(homeBasePath, testBaseDirName)
    3166. 

  3166. 	testFilePath1 := filepath.Join(homeBasePath, testBaseDirName, testFileName)
    3167. 

  3167. 	err = createTestFile(testFilePath, testFileSize)
    3168. 

  3168. 	if err != nil {
    3169. 

  3169. 		t.Errorf("unable to create test file: %v", err)
    3170. 

  3170. 	}
    3171. 

  3171. 	err = createTestFile(testFilePath1, testFileSize)
    3172. 

  3172. 	if err != nil {
    3173. 

  3173. 		t.Errorf("unable to create test file: %v", err)
    3174. 

  3174. 	}
    3175. 

  3175. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/tmp/")
    3176. 

  3176. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3177. 

  3177. 	if err == nil {
    3178. 

  3178. 		t.Errorf("scp upload must fail, the user cannot create files in a missing dir")
    3179. 

  3179. 	}
    3180. 

  3180. 	err = scpUpload(testBaseDirPath, remoteUpPath, true, false)
    3181. 

  3181. 	if err == nil {
    3182. 

  3182. 		t.Errorf("scp upload must fail, the user cannot create new dirs")
    3183. 

  3183. 	}
    3184. 

  3184. 	err = os.Remove(testFilePath)
    3185. 

  3185. 	if err != nil {
    3186. 

  3186. 		t.Errorf("error removing test file")
    3187. 

  3187. 	}
    3188. 

  3188. 	os.RemoveAll(testBaseDirPath)
    3189. 

  3189. 	err = os.RemoveAll(user.GetHomeDir())
    3190. 

  3190. 	if err != nil {
    3191. 

  3191. 		t.Errorf("error removing uploaded files")
    3192. 

  3192. 	}
    3193. 

  3193. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3194. 

  3194. 	if err != nil {
    3195. 

  3195. 		t.Errorf("unable to remove user: %v", err)
    3196. 

  3196. 	}
    3197. 

  3197. }
    3198. 

  3198. 

  3199. func TestSCPPermUpload(t *testing.T) {
    3200. 

  3200. 	if len(scpPath) == 0 {
    3201. 

  3201. 		t.Skip("scp command not found, unable to execute this test")
    3202. 

  3202. 	}
    3203. 

  3203. 	usePubKey := true
    3204. 

  3204. 	u := getTestUser(usePubKey)
    3205. 

  3205. 	u.Permissions["/"] = []string{dataprovider.PermDownload, dataprovider.PermCreateDirs}
    3206. 

  3206. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3207. 

  3207. 	if err != nil {
    3208. 

  3208. 		t.Errorf("unable to add user: %v", err)
    3209. 

  3209. 	}
    3210. 

  3210. 	testFileName := "test_file.dat"
    3211. 

  3211. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3212. 

  3212. 	testFileSize := int64(65536)
    3213. 

  3213. 	err = createTestFile(testFilePath, testFileSize)
    3214. 

  3214. 	if err != nil {
    3215. 

  3215. 		t.Errorf("unable to create test file: %v", err)
    3216. 

  3216. 	}
    3217. 

  3217. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/tmp")
    3218. 

  3218. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3219. 

  3219. 	if err == nil {
    3220. 

  3220. 		t.Errorf("scp upload must fail, the user cannot upload")
    3221. 

  3221. 	}
    3222. 

  3222. 	err = os.Remove(testFilePath)
    3223. 

  3223. 	if err != nil {
    3224. 

  3224. 		t.Errorf("error removing test file")
    3225. 

  3225. 	}
    3226. 

  3226. 	err = os.RemoveAll(user.GetHomeDir())
    3227. 

  3227. 	if err != nil {
    3228. 

  3228. 		t.Errorf("error removing uploaded files")
    3229. 

  3229. 	}
    3230. 

  3230. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3231. 

  3231. 	if err != nil {
    3232. 

  3232. 		t.Errorf("unable to remove user: %v", err)
    3233. 

  3233. 	}
    3234. 

  3234. }
    3235. 

  3235. 

  3236. func TestSCPPermOverwrite(t *testing.T) {
    3237. 

  3237. 	if len(scpPath) == 0 {
    3238. 

  3238. 		t.Skip("scp command not found, unable to execute this test")
    3239. 

  3239. 	}
    3240. 

  3240. 	usePubKey := true
    3241. 

  3241. 	u := getTestUser(usePubKey)
    3242. 

  3242. 	u.Permissions["/"] = []string{dataprovider.PermUpload, dataprovider.PermCreateDirs}
    3243. 

  3243. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3244. 

  3244. 	if err != nil {
    3245. 

  3245. 		t.Errorf("unable to add user: %v", err)
    3246. 

  3246. 	}
    3247. 

  3247. 	testFileName := "test_file.dat"
    3248. 

  3248. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3249. 

  3249. 	testFileSize := int64(65536)
    3250. 

  3250. 	err = createTestFile(testFilePath, testFileSize)
    3251. 

  3251. 	if err != nil {
    3252. 

  3252. 		t.Errorf("unable to create test file: %v", err)
    3253. 

  3253. 	}
    3254. 

  3254. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/tmp")
    3255. 

  3255. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3256. 

  3256. 	if err != nil {
    3257. 

  3257. 		t.Errorf("scp upload error: %v", err)
    3258. 

  3258. 	}
    3259. 

  3259. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3260. 

  3260. 	if err == nil {
    3261. 

  3261. 		t.Errorf("scp upload must fail, the user cannot ovewrite existing files")
    3262. 

  3262. 	}
    3263. 

  3263. 	err = os.Remove(testFilePath)
    3264. 

  3264. 	if err != nil {
    3265. 

  3265. 		t.Errorf("error removing test file")
    3266. 

  3266. 	}
    3267. 

  3267. 	err = os.RemoveAll(user.GetHomeDir())
    3268. 

  3268. 	if err != nil {
    3269. 

  3269. 		t.Errorf("error removing uploaded files")
    3270. 

  3270. 	}
    3271. 

  3271. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3272. 

  3272. 	if err != nil {
    3273. 

  3273. 		t.Errorf("unable to remove user: %v", err)
    3274. 

  3274. 	}
    3275. 

  3275. }
    3276. 

  3276. 

  3277. func TestSCPPermDownload(t *testing.T) {
    3278. 

  3278. 	if len(scpPath) == 0 {
    3279. 

  3279. 		t.Skip("scp command not found, unable to execute this test")
    3280. 

  3280. 	}
    3281. 

  3281. 	usePubKey := true
    3282. 

  3282. 	u := getTestUser(usePubKey)
    3283. 

  3283. 	u.Permissions["/"] = []string{dataprovider.PermUpload, dataprovider.PermCreateDirs}
    3284. 

  3284. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3285. 

  3285. 	if err != nil {
    3286. 

  3286. 		t.Errorf("unable to add user: %v", err)
    3287. 

  3287. 	}
    3288. 

  3288. 	testFileName := "test_file.dat"
    3289. 

  3289. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3290. 

  3290. 	testFileSize := int64(65537)
    3291. 

  3291. 	err = createTestFile(testFilePath, testFileSize)
    3292. 

  3292. 	if err != nil {
    3293. 

  3293. 		t.Errorf("unable to create test file: %v", err)
    3294. 

  3294. 	}
    3295. 

  3295. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/")
    3296. 

  3296. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3297. 

  3297. 	if err != nil {
    3298. 

  3298. 		t.Errorf("error uploading existing file via scp: %v", err)
    3299. 

  3299. 	}
    3300. 

  3300. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    3301. 

  3301. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3302. 

  3302. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3303. 

  3303. 	if err == nil {
    3304. 

  3304. 		t.Errorf("scp download must fail, the user cannot download")
    3305. 

  3305. 	}
    3306. 

  3306. 	err = os.Remove(testFilePath)
    3307. 

  3307. 	if err != nil {
    3308. 

  3308. 		t.Errorf("error removing test file")
    3309. 

  3309. 	}
    3310. 

  3310. 	err = os.RemoveAll(user.GetHomeDir())
    3311. 

  3311. 	if err != nil {
    3312. 

  3312. 		t.Errorf("error removing uploaded files")
    3313. 

  3313. 	}
    3314. 

  3314. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3315. 

  3315. 	if err != nil {
    3316. 

  3316. 		t.Errorf("unable to remove user: %v", err)
    3317. 

  3317. 	}
    3318. 

  3318. }
    3319. 

  3319. 

  3320. func TestSCPQuotaSize(t *testing.T) {
    3321. 

  3321. 	if len(scpPath) == 0 {
    3322. 

  3322. 		t.Skip("scp command not found, unable to execute this test")
    3323. 

  3323. 	}
    3324. 

  3324. 	usePubKey := true
    3325. 

  3325. 	testFileSize := int64(65535)
    3326. 

  3326. 	u := getTestUser(usePubKey)
    3327. 

  3327. 	u.QuotaFiles = 1
    3328. 

  3328. 	u.QuotaSize = testFileSize - 1
    3329. 

  3329. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3330. 

  3330. 	if err != nil {
    3331. 

  3331. 		t.Errorf("unable to add user: %v", err)
    3332. 

  3332. 	}
    3333. 

  3333. 	testFileName := "test_file.dat"
    3334. 

  3334. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3335. 

  3335. 	err = createTestFile(testFilePath, testFileSize)
    3336. 

  3336. 	if err != nil {
    3337. 

  3337. 		t.Errorf("unable to create test file: %v", err)
    3338. 

  3338. 	}
    3339. 

  3339. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    3340. 

  3340. 	err = scpUpload(testFilePath, remoteUpPath, true, false)
    3341. 

  3341. 	if err != nil {
    3342. 

  3342. 		t.Errorf("error uploading existing file via scp: %v", err)
    3343. 

  3343. 	}
    3344. 

  3344. 	err = scpUpload(testFilePath, remoteUpPath+".quota", true, false)
    3345. 

  3345. 	if err == nil {
    3346. 

  3346. 		t.Errorf("user is over quota scp upload must fail")
    3347. 

  3347. 	}
    3348. 

  3348. 	err = os.Remove(testFilePath)
    3349. 

  3349. 	if err != nil {
    3350. 

  3350. 		t.Errorf("error removing test file")
    3351. 

  3351. 	}
    3352. 

  3352. 	err = os.RemoveAll(user.GetHomeDir())
    3353. 

  3353. 	if err != nil {
    3354. 

  3354. 		t.Errorf("error removing uploaded files")
    3355. 

  3355. 	}
    3356. 

  3356. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3357. 

  3357. 	if err != nil {
    3358. 

  3358. 		t.Errorf("unable to remove user: %v", err)
    3359. 

  3359. 	}
    3360. 

  3360. }
    3361. 

  3361. 

  3362. func TestSCPEscapeHomeDir(t *testing.T) {
    3363. 

  3363. 	if len(scpPath) == 0 {
    3364. 

  3364. 		t.Skip("scp command not found, unable to execute this test")
    3365. 

  3365. 	}
    3366. 

  3366. 	usePubKey := true
    3367. 

  3367. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    3368. 

  3368. 	if err != nil {
    3369. 

  3369. 		t.Errorf("unable to add user: %v", err)
    3370. 

  3370. 	}
    3371. 

  3371. 	os.MkdirAll(user.GetHomeDir(), 0777)
    3372. 

  3372. 	testDir := "testDir"
    3373. 

  3373. 	linkPath := filepath.Join(homeBasePath, defaultUsername, testDir)
    3374. 

  3374. 	err = os.Symlink(homeBasePath, linkPath)
    3375. 

  3375. 	if err != nil {
    3376. 

  3376. 		t.Errorf("error making local symlink: %v", err)
    3377. 

  3377. 	}
    3378. 

  3378. 	testFileName := "test_file.dat"
    3379. 

  3379. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3380. 

  3380. 	testFileSize := int64(65535)
    3381. 

  3381. 	err = createTestFile(testFilePath, testFileSize)
    3382. 

  3382. 	if err != nil {
    3383. 

  3383. 		t.Errorf("unable to create test file: %v", err)
    3384. 

  3384. 	}
    3385. 

  3385. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join(testDir, testDir))
    3386. 

  3386. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3387. 

  3387. 	if err == nil {
    3388. 

  3388. 		t.Errorf("uploading to a dir with a symlink outside home dir must fail")
    3389. 

  3389. 	}
    3390. 

  3390. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testDir, testFileName))
    3391. 

  3391. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3392. 

  3392. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3393. 

  3393. 	if err == nil {
    3394. 

  3394. 		t.Errorf("scp download must fail, the requested file has a symlink outside user home")
    3395. 

  3395. 	}
    3396. 

  3396. 	remoteDownPath = fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testDir))
    3397. 

  3397. 	err = scpDownload(homeBasePath, remoteDownPath, false, true)
    3398. 

  3398. 	if err == nil {
    3399. 

  3399. 		t.Errorf("scp download must fail, the requested dir is a symlink outside user home")
    3400. 

  3400. 	}
    3401. 

  3401. 	err = os.Remove(testFilePath)
    3402. 

  3402. 	if err != nil {
    3403. 

  3403. 		t.Errorf("error removing test file")
    3404. 

  3404. 	}
    3405. 

  3405. 	err = os.RemoveAll(user.GetHomeDir())
    3406. 

  3406. 	if err != nil {
    3407. 

  3407. 		t.Errorf("error removing uploaded files")
    3408. 

  3408. 	}
    3409. 

  3409. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3410. 

  3410. 	if err != nil {
    3411. 

  3411. 		t.Errorf("unable to remove user: %v", err)
    3412. 

  3412. 	}
    3413. 

  3413. }
    3414. 

  3414. 

  3415. func TestSCPUploadPaths(t *testing.T) {
    3416. 

  3416. 	if len(scpPath) == 0 {
    3417. 

  3417. 		t.Skip("scp command not found, unable to execute this test")
    3418. 

  3418. 	}
    3419. 

  3419. 	usePubKey := true
    3420. 

  3420. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    3421. 

  3421. 	if err != nil {
    3422. 

  3422. 		t.Errorf("unable to add user: %v", err)
    3423. 

  3423. 	}
    3424. 

  3424. 	testFileName := "test_file.dat"
    3425. 

  3425. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3426. 

  3426. 	testFileSize := int64(65535)
    3427. 

  3427. 	testDirName := "testDir"
    3428. 

  3428. 	testDirPath := filepath.Join(user.GetHomeDir(), testDirName)
    3429. 

  3429. 	os.MkdirAll(testDirPath, 0777)
    3430. 

  3430. 	err = createTestFile(testFilePath, testFileSize)
    3431. 

  3431. 	if err != nil {
    3432. 

  3432. 		t.Errorf("unable to create test file: %v", err)
    3433. 

  3433. 	}
    3434. 

  3434. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, testDirName)
    3435. 

  3435. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join(testDirName, testFileName))
    3436. 

  3436. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3437. 

  3437. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3438. 

  3438. 	if err != nil {
    3439. 

  3439. 		t.Errorf("scp upload error: %v", err)
    3440. 

  3440. 	}
    3441. 

  3441. 	err = scpDownload(localPath, remoteDownPath, false, false)
    3442. 

  3442. 	if err != nil {
    3443. 

  3443. 		t.Errorf("scp download error: %v", err)
    3444. 

  3444. 	}
    3445. 

  3445. 	// upload a file to a missing dir
    3446. 

  3446. 	remoteUpPath = fmt.Sprintf("%[email protected]:%v", user.Username, path.Join(testDirName, testDirName, testFileName))
    3447. 

  3447. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3448. 

  3448. 	if err == nil {
    3449. 

  3449. 		t.Errorf("scp upload to a missing dir must fail")
    3450. 

  3450. 	}
    3451. 

  3451. 	err = os.RemoveAll(user.GetHomeDir())
    3452. 

  3452. 	if err != nil {
    3453. 

  3453. 		t.Errorf("error removing uploaded files")
    3454. 

  3454. 	}
    3455. 

  3455. 	os.Remove(localPath)
    3456. 

  3456. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3457. 

  3457. 	if err != nil {
    3458. 

  3458. 		t.Errorf("unable to remove user: %v", err)
    3459. 

  3459. 	}
    3460. 

  3460. }
    3461. 

  3461. 

  3462. func TestSCPOverwriteDirWithFile(t *testing.T) {
    3463. 

  3463. 	if len(scpPath) == 0 {
    3464. 

  3464. 		t.Skip("scp command not found, unable to execute this test")
    3465. 

  3465. 	}
    3466. 

  3466. 	usePubKey := true
    3467. 

  3467. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    3468. 

  3468. 	if err != nil {
    3469. 

  3469. 		t.Errorf("unable to add user: %v", err)
    3470. 

  3470. 	}
    3471. 

  3471. 	testFileName := "test_file.dat"
    3472. 

  3472. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3473. 

  3473. 	testFileSize := int64(65535)
    3474. 

  3474. 	testDirPath := filepath.Join(user.GetHomeDir(), testFileName)
    3475. 

  3475. 	os.MkdirAll(testDirPath, 0777)
    3476. 

  3476. 	err = createTestFile(testFilePath, testFileSize)
    3477. 

  3477. 	if err != nil {
    3478. 

  3478. 		t.Errorf("unable to create test file: %v", err)
    3479. 

  3479. 	}
    3480. 

  3480. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/")
    3481. 

  3481. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3482. 

  3482. 	if err == nil {
    3483. 

  3483. 		t.Errorf("copying a file over an existing dir must fail")
    3484. 

  3484. 	}
    3485. 

  3485. 	err = os.RemoveAll(user.GetHomeDir())
    3486. 

  3486. 	if err != nil {
    3487. 

  3487. 		t.Errorf("error removing uploaded files")
    3488. 

  3488. 	}
    3489. 

  3489. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3490. 

  3490. 	if err != nil {
    3491. 

  3491. 		t.Errorf("unable to remove user: %v", err)
    3492. 

  3492. 	}
    3493. 

  3493. }
    3494. 

  3494. 

  3495. func TestSCPRemoteToRemote(t *testing.T) {
    3496. 

  3496. 	if len(scpPath) == 0 {
    3497. 

  3497. 		t.Skip("scp command not found, unable to execute this test")
    3498. 

  3498. 	}
    3499. 

  3499. 	usePubKey := true
    3500. 

  3500. 	user, _, err := httpd.AddUser(getTestUser(usePubKey), http.StatusOK)
    3501. 

  3501. 	if err != nil {
    3502. 

  3502. 		t.Errorf("unable to add user: %v", err)
    3503. 

  3503. 	}
    3504. 

  3504. 	u := getTestUser(usePubKey)
    3505. 

  3505. 	u.Username += "1"
    3506. 

  3506. 	u.HomeDir += "1"
    3507. 

  3507. 	user1, _, err := httpd.AddUser(u, http.StatusOK)
    3508. 

  3508. 	if err != nil {
    3509. 

  3509. 		t.Errorf("unable to add user: %v", err)
    3510. 

  3510. 	}
    3511. 

  3511. 	testFileName := "test_file.dat"
    3512. 

  3512. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3513. 

  3513. 	testFileSize := int64(65535)
    3514. 

  3514. 	err = createTestFile(testFilePath, testFileSize)
    3515. 

  3515. 	if err != nil {
    3516. 

  3516. 		t.Errorf("unable to create test file: %v", err)
    3517. 

  3517. 	}
    3518. 

  3518. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    3519. 

  3519. 	remote1UpPath := fmt.Sprintf("%[email protected]:%v", user1.Username, path.Join("/", testFileName))
    3520. 

  3520. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3521. 

  3521. 	if err != nil {
    3522. 

  3522. 		t.Errorf("scp upload error: %v", err)
    3523. 

  3523. 	}
    3524. 

  3524. 	err = scpUpload(remoteUpPath, remote1UpPath, false, true)
    3525. 

  3525. 	if err != nil {
    3526. 

  3526. 		t.Errorf("scp upload remote to remote error: %v", err)
    3527. 

  3527. 	}
    3528. 

  3528. 	err = os.RemoveAll(user.GetHomeDir())
    3529. 

  3529. 	if err != nil {
    3530. 

  3530. 		t.Errorf("error removing uploaded files")
    3531. 

  3531. 	}
    3532. 

  3532. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3533. 

  3533. 	if err != nil {
    3534. 

  3534. 		t.Errorf("unable to remove user: %v", err)
    3535. 

  3535. 	}
    3536. 

  3536. 	err = os.RemoveAll(user1.GetHomeDir())
    3537. 

  3537. 	if err != nil {
    3538. 

  3538. 		t.Errorf("error removing uploaded files for user1")
    3539. 

  3539. 	}
    3540. 

  3540. 	_, err = httpd.RemoveUser(user1, http.StatusOK)
    3541. 

  3541. 	if err != nil {
    3542. 

  3542. 		t.Errorf("unable to remove user1: %v", err)
    3543. 

  3543. 	}
    3544. 

  3544. }
    3545. 

  3545. 

  3546. func TestSCPErrors(t *testing.T) {
    3547. 

  3547. 	if len(scpPath) == 0 {
    3548. 

  3548. 		t.Skip("scp command not found, unable to execute this test")
    3549. 

  3549. 	}
    3550. 

  3550. 	u := getTestUser(true)
    3551. 

  3551. 	user, _, err := httpd.AddUser(u, http.StatusOK)
    3552. 

  3552. 	if err != nil {
    3553. 

  3553. 		t.Errorf("unable to add user: %v", err)
    3554. 

  3554. 	}
    3555. 

  3555. 	testFileSize := int64(524288)
    3556. 

  3556. 	testFileName := "test_file.dat"
    3557. 

  3557. 	testFilePath := filepath.Join(homeBasePath, testFileName)
    3558. 

  3558. 	err = createTestFile(testFilePath, testFileSize)
    3559. 

  3559. 	if err != nil {
    3560. 

  3560. 		t.Errorf("unable to create test file: %v", err)
    3561. 

  3561. 	}
    3562. 

  3562. 	remoteUpPath := fmt.Sprintf("%[email protected]:%v", user.Username, "/")
    3563. 

  3563. 	remoteDownPath := fmt.Sprintf("%[email protected]:%v", user.Username, path.Join("/", testFileName))
    3564. 

  3564. 	localPath := filepath.Join(homeBasePath, "scp_download.dat")
    3565. 

  3565. 	err = scpUpload(testFilePath, remoteUpPath, false, false)
    3566. 

  3566. 	if err != nil {
    3567. 

  3567. 		t.Errorf("error uploading file via scp: %v", err)
    3568. 

  3568. 	}
    3569. 

  3569. 	user.UploadBandwidth = 512
    3570. 

  3570. 	user.DownloadBandwidth = 512
    3571. 

  3571. 	_, _, err = httpd.UpdateUser(user, http.StatusOK)
    3572. 

  3572. 	if err != nil {
    3573. 

  3573. 		t.Errorf("unable to update user: %v", err)
    3574. 

  3574. 	}
    3575. 

  3575. 	cmd := getScpDownloadCommand(localPath, remoteDownPath, false, false)
    3576. 

  3576. 	go func() {
    3577. 

  3577. 		if cmd.Run() == nil {
    3578. 

  3578. 			t.Errorf("SCP download must fail")
    3579. 

  3579. 		}
    3580. 

  3580. 	}()
    3581. 

  3581. 	waitForActiveTransfer()
    3582. 

  3582. 	// wait some additional arbitrary time to wait for transfer activity to happen
    3583. 

  3583. 	// it is need to reach all the code in CheckIdleConnections
    3584. 

  3584. 	time.Sleep(100 * time.Millisecond)
    3585. 

  3585. 	cmd.Process.Kill()
    3586. 

  3586. 	waitForNoActiveTransfer()
    3587. 

  3587. 	cmd = getScpUploadCommand(testFilePath, remoteUpPath, false, false)
    3588. 

  3588. 	go func() {
    3589. 

  3589. 		if cmd.Run() == nil {
    3590. 

  3590. 			t.Errorf("SCP upload must fail")
    3591. 

  3591. 		}
    3592. 

  3592. 	}()
    3593. 

  3593. 	waitForActiveTransfer()
    3594. 

  3594. 	// wait some additional arbitrary time to wait for transfer activity to happen
    3595. 

  3595. 	// it is need to reach all the code in CheckIdleConnections
    3596. 

  3596. 	time.Sleep(100 * time.Millisecond)
    3597. 

  3597. 	cmd.Process.Kill()
    3598. 

  3598. 	waitForNoActiveTransfer()
    3599. 

  3599. 	err = os.Remove(testFilePath)
    3600. 

  3600. 	if err != nil {
    3601. 

  3601. 		t.Errorf("error removing test file")
    3602. 

  3602. 	}
    3603. 

  3603. 	os.Remove(localPath)
    3604. 

  3604. 	err = os.RemoveAll(user.GetHomeDir())
    3605. 

  3605. 	if err != nil {
    3606. 

  3606. 		t.Errorf("error removing uploaded files")
    3607. 

  3607. 	}
    3608. 

  3608. 	_, err = httpd.RemoveUser(user, http.StatusOK)
    3609. 

  3609. 	if err != nil {
    3610. 

  3610. 		t.Errorf("unable to remove user: %v", err)
    3611. 

  3611. 	}
    3612. 

  3612. }
    3613. 

  3613. 

  3614. // End SCP tests
    3615. 

  3615. 

  3616. func waitTCPListening(address string) {
    3617. 

  3617. 	for {
    3618. 

  3618. 		conn, err := net.Dial("tcp", address)
    3619. 

  3619. 		if err != nil {
    3620. 

  3620. 			logger.WarnToConsole("tcp server %v not listening: %v\n", address, err)
    3621. 

  3621. 			time.Sleep(100 * time.Millisecond)
    3622. 

  3622. 			continue
    3623. 

  3623. 		}
    3624. 

  3624. 		logger.InfoToConsole("tcp server %v now listening\n", address)
    3625. 

  3625. 		defer conn.Close()
    3626. 

  3626. 		break
    3627. 

  3627. 	}
    3628. 

  3628. }
    3629. 

  3629. 

  3630. func getTestUser(usePubKey bool) dataprovider.User {
    3631. 

  3631. 	user := dataprovider.User{
    3632. 

  3632. 		Username:       defaultUsername,
    3633. 

  3633. 		Password:       defaultPassword,
    3634. 

  3634. 		HomeDir:        filepath.Join(homeBasePath, defaultUsername),
    3635. 

  3635. 		Status:         1,
    3636. 

  3636. 		ExpirationDate: 0,
    3637. 

  3637. 	}
    3638. 

  3638. 	user.Permissions = make(map[string][]string)
    3639. 

  3639. 	user.Permissions["/"] = allPerms
    3640. 

  3640. 	if usePubKey {
    3641. 

  3641. 		user.PublicKeys = []string{testPubKey}
    3642. 

  3642. 		user.Password = ""
    3643. 

  3643. 	}
    3644. 

  3644. 	return user
    3645. 

  3645. }
    3646. 

  3646. 

  3647. func runSSHCommand(command string, user dataprovider.User, usePubKey bool) ([]byte, error) {
    3648. 

  3648. 	var sshSession *ssh.Session
    3649. 

  3649. 	var output []byte
    3650. 

  3650. 	config := &ssh.ClientConfig{
    3651. 

  3651. 		User: defaultUsername,
    3652. 

  3652. 		HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
    3653. 

  3653. 			return nil
    3654. 

  3654. 		},
    3655. 

  3655. 	}
    3656. 

  3656. 	if usePubKey {
    3657. 

  3657. 		key, err := ssh.ParsePrivateKey([]byte(testPrivateKey))
    3658. 

  3658. 		if err != nil {
    3659. 

  3659. 			return output, err
    3660. 

  3660. 		}
    3661. 

  3661. 		config.Auth = []ssh.AuthMethod{ssh.PublicKeys(key)}
    3662. 

  3662. 	} else {
    3663. 

  3663. 		config.Auth = []ssh.AuthMethod{ssh.Password(defaultPassword)}
    3664. 

  3664. 	}
    3665. 

  3665. 	conn, err := ssh.Dial("tcp", sftpServerAddr, config)
    3666. 

  3666. 	if err != nil {
    3667. 

  3667. 		return output, err
    3668. 

  3668. 	}
    3669. 

  3669. 	defer conn.Close()
    3670. 

  3670. 	sshSession, err = conn.NewSession()
    3671. 

  3671. 	if err != nil {
    3672. 

  3672. 		return output, err
    3673. 

  3673. 	}
    3674. 

  3674. 	var stdout, stderr bytes.Buffer
    3675. 

  3675. 	sshSession.Stdout = &stdout
    3676. 

  3676. 	sshSession.Stderr = &stderr
    3677. 

  3677. 	err = sshSession.Run(command)
    3678. 

  3678. 	if err != nil {
    3679. 

  3679. 		return nil, fmt.Errorf("failed to run command %v: %v", command, stderr.Bytes())
    3680. 

  3680. 	}
    3681. 

  3681. 	return stdout.Bytes(), err
    3682. 

  3682. }
    3683. 

  3683. 

  3684. func getSftpClient(user dataprovider.User, usePubKey bool) (*sftp.Client, error) {
    3685. 

  3685. 	var sftpClient *sftp.Client
    3686. 

  3686. 	config := &ssh.ClientConfig{
    3687. 

  3687. 		User: user.Username,
    3688. 

  3688. 		HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
    3689. 

  3689. 			return nil
    3690. 

  3690. 		},
    3691. 

  3691. 	}
    3692. 

  3692. 	if usePubKey {
    3693. 

  3693. 		key, err := ssh.ParsePrivateKey([]byte(testPrivateKey))
    3694. 

  3694. 		if err != nil {
    3695. 

  3695. 			return nil, err
    3696. 

  3696. 		}
    3697. 

  3697. 		config.Auth = []ssh.AuthMethod{ssh.PublicKeys(key)}
    3698. 

  3698. 	} else {
    3699. 

  3699. 		if len(user.Password) > 0 {
    3700. 

  3700. 			config.Auth = []ssh.AuthMethod{ssh.Password(user.Password)}
    3701. 

  3701. 		} else {
    3702. 

  3702. 			config.Auth = []ssh.AuthMethod{ssh.Password(defaultPassword)}
    3703. 

  3703. 		}
    3704. 

  3704. 	}
    3705. 

  3705. 	conn, err := ssh.Dial("tcp", sftpServerAddr, config)
    3706. 

  3706. 	if err != nil {
    3707. 

  3707. 		return sftpClient, err
    3708. 

  3708. 	}
    3709. 

  3709. 	sftpClient, err = sftp.NewClient(conn)
    3710. 

  3710. 	return sftpClient, err
    3711. 

  3711. }
    3712. 

  3712. 

  3713. func createTestFile(path string, size int64) error {
    3714. 

  3714. 	baseDir := filepath.Dir(path)
    3715. 

  3715. 	if _, err := os.Stat(baseDir); os.IsNotExist(err) {
    3716. 

  3716. 		os.MkdirAll(baseDir, 0777)
    3717. 

  3717. 	}
    3718. 

  3718. 	content := make([]byte, size)
    3719. 

  3719. 	_, err := rand.Read(content)
    3720. 

  3720. 	if err != nil {
    3721. 

  3721. 		return err
    3722. 

  3722. 	}
    3723. 

  3723. 	return ioutil.WriteFile(path, content, 0666)
    3724. 

  3724. }
    3725. 

  3725. 

  3726. func appendToTestFile(path string, size int64) error {
    3727. 

  3727. 	content := make([]byte, size)
    3728. 

  3728. 	_, err := rand.Read(content)
    3729. 

  3729. 	if err != nil {
    3730. 

  3730. 		return err
    3731. 

  3731. 	}
    3732. 

  3732. 	f, err := os.OpenFile(path, os.O_APPEND|os.O_WRONLY, 0666)
    3733. 

  3733. 	if err != nil {
    3734. 

  3734. 		return err
    3735. 

  3735. 	}
    3736. 

  3736. 	written, err := io.Copy(f, bytes.NewReader(content))
    3737. 

  3737. 	if err != nil {
    3738. 

  3738. 		return err
    3739. 

  3739. 	}
    3740. 

  3740. 	if int64(written) != size {
    3741. 

  3741. 		return fmt.Errorf("write error, written: %v/%v", written, size)
    3742. 

  3742. 	}
    3743. 

  3743. 	return nil
    3744. 

  3744. }
    3745. 

  3745. 

  3746. func sftpUploadFile(localSourcePath string, remoteDestPath string, expectedSize int64, client *sftp.Client) error {
    3747. 

  3747. 	srcFile, err := os.Open(localSourcePath)
    3748. 

  3748. 	if err != nil {
    3749. 

  3749. 		return err
    3750. 

  3750. 	}
    3751. 

  3751. 	defer srcFile.Close()
    3752. 

  3752. 	destFile, err := client.Create(remoteDestPath)
    3753. 

  3753. 	if err != nil {
    3754. 

  3754. 		return err
    3755. 

  3755. 	}
    3756. 

  3756. 	_, err = io.Copy(destFile, srcFile)
    3757. 

  3757. 	if err != nil {
    3758. 

  3758. 		destFile.Close()
    3759. 

  3759. 		return err
    3760. 

  3760. 	}
    3761. 

  3761. 	// we need to close the file to trigger the close method on server
    3762. 

  3762. 	// we cannot defer closing or Lstat will fail for uploads in atomic mode
    3763. 

  3763. 	destFile.Close()
    3764. 

  3764. 	if expectedSize > 0 {
    3765. 

  3765. 		fi, err := client.Stat(remoteDestPath)
    3766. 

  3766. 		if err != nil {
    3767. 

  3767. 			return err
    3768. 

  3768. 		}
    3769. 

  3769. 		if fi.Size() != expectedSize {
    3770. 

  3770. 			return fmt.Errorf("uploaded file size does not match, actual: %v, expected: %v", fi.Size(), expectedSize)
    3771. 

  3771. 		}
    3772. 

  3772. 	}
    3773. 

  3773. 	return err
    3774. 

  3774. }
    3775. 

  3775. 

  3776. func sftpUploadResumeFile(localSourcePath string, remoteDestPath string, expectedSize int64, invalidOffset bool,
    3777. 

  3777. 	client *sftp.Client) error {
    3778. 

  3778. 	srcFile, err := os.Open(localSourcePath)
    3779. 

  3779. 	if err != nil {
    3780. 

  3780. 		return err
    3781. 

  3781. 	}
    3782. 

  3782. 	defer srcFile.Close()
    3783. 

  3783. 	fi, err := client.Lstat(remoteDestPath)
    3784. 

  3784. 	if err != nil {
    3785. 

  3785. 		return err
    3786. 

  3786. 	}
    3787. 

  3787. 	if !invalidOffset {
    3788. 

  3788. 		_, err = srcFile.Seek(fi.Size(), 0)
    3789. 

  3789. 		if err != nil {
    3790. 

  3790. 			return err
    3791. 

  3791. 		}
    3792. 

  3792. 	}
    3793. 

  3793. 	destFile, err := client.OpenFile(remoteDestPath, os.O_WRONLY|os.O_APPEND)
    3794. 

  3794. 	if err != nil {
    3795. 

  3795. 		return err
    3796. 

  3796. 	}
    3797. 

  3797. 	if !invalidOffset {
    3798. 

  3798. 		_, err = destFile.Seek(fi.Size(), 0)
    3799. 

  3799. 		if err != nil {
    3800. 

  3800. 			return err
    3801. 

  3801. 		}
    3802. 

  3802. 	}
    3803. 

  3803. 	_, err = io.Copy(destFile, srcFile)
    3804. 

  3804. 	if err != nil {
    3805. 

  3805. 		destFile.Close()
    3806. 

  3806. 		return err
    3807. 

  3807. 	}
    3808. 

  3808. 	// we need to close the file to trigger the close method on server
    3809. 

  3809. 	// we cannot defer closing or Lstat will fail for upload atomic mode
    3810. 

  3810. 	destFile.Close()
    3811. 

  3811. 	if expectedSize > 0 {
    3812. 

  3812. 		fi, err := client.Lstat(remoteDestPath)
    3813. 

  3813. 		if err != nil {
    3814. 

  3814. 			return err
    3815. 

  3815. 		}
    3816. 

  3816. 		if fi.Size() != expectedSize {
    3817. 

  3817. 			return fmt.Errorf("uploaded file size does not match, actual: %v, expected: %v", fi.Size(), expectedSize)
    3818. 

  3818. 		}
    3819. 

  3819. 	}
    3820. 

  3820. 	return err
    3821. 

  3821. }
    3822. 

  3822. 

  3823. func sftpDownloadFile(remoteSourcePath string, localDestPath string, expectedSize int64, client *sftp.Client) error {
    3824. 

  3824. 	downloadDest, err := os.Create(localDestPath)
    3825. 

  3825. 	if err != nil {
    3826. 

  3826. 		return err
    3827. 

  3827. 	}
    3828. 

  3828. 	defer downloadDest.Close()
    3829. 

  3829. 	sftpSrcFile, err := client.Open(remoteSourcePath)
    3830. 

  3830. 	if err != nil {
    3831. 

  3831. 		return err
    3832. 

  3832. 	}
    3833. 

  3833. 	defer sftpSrcFile.Close()
    3834. 

  3834. 	_, err = io.Copy(downloadDest, sftpSrcFile)
    3835. 

  3835. 	if err != nil {
    3836. 

  3836. 		return err
    3837. 

  3837. 	}
    3838. 

  3838. 	err = downloadDest.Sync()
    3839. 

  3839. 	if err != nil {
    3840. 

  3840. 		return err
    3841. 

  3841. 	}
    3842. 

  3842. 	if expectedSize > 0 {
    3843. 

  3843. 		fi, err := downloadDest.Stat()
    3844. 

  3844. 		if err != nil {
    3845. 

  3845. 			return err
    3846. 

  3846. 		}
    3847. 

  3847. 		if fi.Size() != expectedSize {
    3848. 

  3848. 			return fmt.Errorf("downloaded file size does not match, actual: %v, expected: %v", fi.Size(), expectedSize)
    3849. 

  3849. 		}
    3850. 

  3850. 	}
    3851. 

  3851. 	return err
    3852. 

  3852. }
    3853. 

  3853. 

  3854. func sftpUploadNonBlocking(localSourcePath string, remoteDestPath string, expectedSize int64, client *sftp.Client) <-chan error {
    3855. 

  3855. 	c := make(chan error)
    3856. 

  3856. 	go func() {
    3857. 

  3857. 		c <- sftpUploadFile(localSourcePath, remoteDestPath, expectedSize, client)
    3858. 

  3858. 	}()
    3859. 

  3859. 	return c
    3860. 

  3860. }
    3861. 

  3861. 

  3862. func sftpDownloadNonBlocking(remoteSourcePath string, localDestPath string, expectedSize int64, client *sftp.Client) <-chan error {
    3863. 

  3863. 	c := make(chan error)
    3864. 

  3864. 	go func() {
    3865. 

  3865. 		c <- sftpDownloadFile(remoteSourcePath, localDestPath, expectedSize, client)
    3866. 

  3866. 	}()
    3867. 

  3867. 	return c
    3868. 

  3868. }
    3869. 

  3869. 

  3870. func scpUpload(localPath, remotePath string, preserveTime, remoteToRemote bool) error {
    3871. 

  3871. 	cmd := getScpUploadCommand(localPath, remotePath, preserveTime, remoteToRemote)
    3872. 

  3872. 	return cmd.Run()
    3873. 

  3873. }
    3874. 

  3874. 

  3875. func scpDownload(localPath, remotePath string, preserveTime, recursive bool) error {
    3876. 

  3876. 	cmd := getScpDownloadCommand(localPath, remotePath, preserveTime, recursive)
    3877. 

  3877. 	return cmd.Run()
    3878. 

  3878. }
    3879. 

  3879. 

  3880. func getScpDownloadCommand(localPath, remotePath string, preserveTime, recursive bool) *exec.Cmd {
    3881. 

  3881. 	var args []string
    3882. 

  3882. 	if preserveTime {
    3883. 

  3883. 		args = append(args, "-p")
    3884. 

  3884. 	}
    3885. 

  3885. 	if recursive {
    3886. 

  3886. 		args = append(args, "-r")
    3887. 

  3887. 	}
    3888. 

  3888. 	args = append(args, "-P")
    3889. 

  3889. 	args = append(args, "2022")
    3890. 

  3890. 	args = append(args, "-o")
    3891. 

  3891. 	args = append(args, "StrictHostKeyChecking=no")
    3892. 

  3892. 	args = append(args, "-i")
    3893. 

  3893. 	args = append(args, privateKeyPath)
    3894. 

  3894. 	args = append(args, remotePath)
    3895. 

  3895. 	args = append(args, localPath)
    3896. 

  3896. 	return exec.Command(scpPath, args...)
    3897. 

  3897. }
    3898. 

  3898. 

  3899. func getScpUploadCommand(localPath, remotePath string, preserveTime, remoteToRemote bool) *exec.Cmd {
    3900. 

  3900. 	var args []string
    3901. 

  3901. 	if remoteToRemote {
    3902. 

  3902. 		args = append(args, "-3")
    3903. 

  3903. 	}
    3904. 

  3904. 	if preserveTime {
    3905. 

  3905. 		args = append(args, "-p")
    3906. 

  3906. 	}
    3907. 

  3907. 	fi, err := os.Stat(localPath)
    3908. 

  3908. 	if err == nil {
    3909. 

  3909. 		if fi.IsDir() {
    3910. 

  3910. 			args = append(args, "-r")
    3911. 

  3911. 		}
    3912. 

  3912. 	}
    3913. 

  3913. 	args = append(args, "-P")
    3914. 

  3914. 	args = append(args, "2022")
    3915. 

  3915. 	args = append(args, "-o")
    3916. 

  3916. 	args = append(args, "StrictHostKeyChecking=no")
    3917. 

  3917. 	args = append(args, "-i")
    3918. 

  3918. 	args = append(args, privateKeyPath)
    3919. 

  3919. 	args = append(args, localPath)
    3920. 

  3920. 	args = append(args, remotePath)
    3921. 

  3921. 	return exec.Command(scpPath, args...)
    3922. 

  3922. }
    3923. 

  3923. 

  3924. func computeHashForFile(hasher hash.Hash, path string) (string, error) {
    3925. 

  3925. 	hash := ""
    3926. 

  3926. 	f, err := os.Open(path)
    3927. 

  3927. 	if err != nil {
    3928. 

  3928. 		return hash, err
    3929. 

  3929. 	}
    3930. 

  3930. 	defer f.Close()
    3931. 

  3931. 	_, err = io.Copy(hasher, f)
    3932. 

  3932. 	if err == nil {
    3933. 

  3933. 		hash = fmt.Sprintf("%x", hasher.Sum(nil))
    3934. 

  3934. 	}
    3935. 

  3935. 	return hash, err
    3936. 

  3936. }
    3937. 

  3937. 

  3938. func waitForNoActiveTransfer() {
    3939. 

  3939. 	for len(sftpd.GetConnectionsStats()) > 0 {
    3940. 

  3940. 		time.Sleep(100 * time.Millisecond)
    3941. 

  3941. 	}
    3942. 

  3942. }
    3943. 

  3943. 

  3944. func waitForActiveTransfer() {
    3945. 

  3945. 	stats := sftpd.GetConnectionsStats()
    3946. 

  3946. 	for len(stats) < 1 {
    3947. 

  3947. 		stats = sftpd.GetConnectionsStats()
    3948. 

  3948. 	}
    3949. 

  3949. 	activeTransferFound := false
    3950. 

  3950. 	for !activeTransferFound {
    3951. 

  3951. 		stats = sftpd.GetConnectionsStats()
    3952. 

  3952. 		if len(stats) == 0 {
    3953. 

  3953. 			break
    3954. 

  3954. 		}
    3955. 

  3955. 		for _, stat := range stats {
    3956. 

  3956. 			if len(stat.Transfers) > 0 {
    3957. 

  3957. 				activeTransferFound = true
    3958. 

  3958. 			}
    3959. 

  3959. 		}
    3960. 

  3960. 	}
    3961. 

  3961. }
    3962. 

  3962. 

  3963. func waitQuotaScans() error {
    3964. 

  3964. 	time.Sleep(100 * time.Millisecond)
    3965. 

  3965. 	scans, _, err := httpd.GetQuotaScans(http.StatusOK)
    3966. 

  3966. 	if err != nil {
    3967. 

  3967. 		return err
    3968. 

  3968. 	}
    3969. 

  3969. 	for len(scans) > 0 {
    3970. 

  3970. 		time.Sleep(100 * time.Millisecond)
    3971. 

  3971. 		scans, _, err = httpd.GetQuotaScans(http.StatusOK)
    3972. 

  3972. 		if err != nil {
    3973. 

  3973. 			return err
    3974. 

  3974. 		}
    3975. 

  3975. 	}
    3976. 

  3976. 	return nil
    3977. 

  3977. }
    3978. 

  3978. 

  3979. func initGitRepo(path string) ([]byte, error) {
    3980. 

  3980. 	os.MkdirAll(path, 0777)
    3981. 

  3981. 	args := []string{"init", "--bare"}
    3982. 

  3982. 	cmd := exec.Command(gitPath, args...)
    3983. 

  3983. 	cmd.Dir = path
    3984. 

  3984. 	return cmd.CombinedOutput()
    3985. 

  3985. }
    3986. 

  3986. 

  3987. func pushToGitRepo(repoPath string) ([]byte, error) {
    3988. 

  3988. 	cmd := exec.Command(gitPath, "push")
    3989. 

  3989. 	cmd.Dir = repoPath
    3990. 

  3990. 	cmd.Env = append(os.Environ(),
    3991. 

  3991. 		fmt.Sprintf("GIT_SSH=%v", gitWrapPath))
    3992. 

  3992. 	return cmd.CombinedOutput()
    3993. 

  3993. }
    3994. 

  3994. 

  3995. func cloneGitRepo(basePath, remotePath, username string) ([]byte, error) {
    3996. 

  3996. 	remoteUrl := fmt.Sprintf("ssh://%[email protected]:2022%v", username, remotePath)
    3997. 

  3997. 	args := []string{"clone", remoteUrl}
    3998. 

  3998. 	cmd := exec.Command(gitPath, args...)
    3999. 

  3999. 	cmd.Dir = basePath
    4000. 

  4000. 	cmd.Env = append(os.Environ(),
    4001. 

  4001. 		fmt.Sprintf("GIT_SSH=%v", gitWrapPath))
    4002. 

  4002. 	return cmd.CombinedOutput()
    4003. 

  4003. }
    4004. 

  4004. 

  4005. func addFileToGitRepo(repoPath string, fileSize int64) ([]byte, error) {
    4006. 

  4006. 	path := filepath.Join(repoPath, "test")
    4007. 

  4007. 	err := createTestFile(path, fileSize)
    4008. 

  4008. 	if err != nil {
    4009. 

  4009. 		return []byte(""), err
    4010. 

  4010. 	}
    4011. 

  4011. 	cmd := exec.Command(gitPath, "config", "user.email", "[email protected]")
    4012. 

  4012. 	cmd.Dir = repoPath
    4013. 

  4013. 	out, err := cmd.CombinedOutput()
    4014. 

  4014. 	if err != nil {
    4015. 

  4015. 		return out, err
    4016. 

  4016. 	}
    4017. 

  4017. 	cmd = exec.Command(gitPath, "config", "user.name", "testuser")
    4018. 

  4018. 	cmd.Dir = repoPath
    4019. 

  4019. 	out, err = cmd.CombinedOutput()
    4020. 

  4020. 	if err != nil {
    4021. 

  4021. 		return out, err
    4022. 

  4022. 	}
    4023. 

  4023. 	cmd = exec.Command(gitPath, "add", "test")
    4024. 

  4024. 	cmd.Dir = repoPath
    4025. 

  4025. 	out, err = cmd.CombinedOutput()
    4026. 

  4026. 	if err != nil {
    4027. 

  4027. 		return out, err
    4028. 

  4028. 	}
    4029. 

  4029. 	cmd = exec.Command(gitPath, "commit", "-am", "test")
    4030. 

  4030. 	cmd.Dir = repoPath
    4031. 

  4031. 	return cmd.CombinedOutput()
    4032. 

  4032. }
    4033. 

  4033. 

  4034. func printLatestLogs(maxNumberOfLines int) {
    4035. 

  4035. 	var lines []string
    4036. 

  4036. 	f, err := os.Open(logFilePath)
    4037. 

  4037. 	if err != nil {
    4038. 

  4038. 		return
    4039. 

  4039. 	}
    4040. 

  4040. 	defer f.Close()
    4041. 

  4041. 	scanner := bufio.NewScanner(f)
    4042. 

  4042. 	for scanner.Scan() {
    4043. 

  4043. 		lines = append(lines, scanner.Text()+"\r\n")
    4044. 

  4044. 		for len(lines) > maxNumberOfLines {
    4045. 

  4045. 			lines = lines[1:]
    4046. 

  4046. 		}
    4047. 

  4047. 	}
    4048. 

  4048. 	if scanner.Err() != nil {
    4049. 

  4049. 		logger.WarnToConsole("Unable to print latest logs: %v", scanner.Err())
    4050. 

  4050. 		return
    4051. 

  4051. 	}
    4052. 

  4052. 	for _, line := range lines {
    4053. 

  4053. 		logger.DebugToConsole(line)
    4054. 

  4054. 	}
    4055. 

  4055. }
    4056.