Integration test for Curve25519Sha256Keysint-test-curve25519sha256

2 files changed, 85 insertions, 0 deletions

diff --git a/test/integration/common.rb b/test/integration/common.rb
index f112e64..ef99b04 100644
--- a/test/integration/common.rb
+++ b/test/integration/common.rb
@@ -83,4 +83,41 @@ module IntegrationTestHelpers
       system("sudo service ssh restart")
     end
   end
+
+  def with_lines_as_tempfile(lines = [], &block)
+    Tempfile.open('sshd_config') do |f|
+      f.write(lines)
+      f.close
+      yield(f.path)
+    end
+  end
+
+  # @yield [pid, port]
+  def start_sshd_7_or_later(port = '2200', config: nil)
+    if config
+      with_lines_as_tempfile(config) do |path|
+        pid = spawn('sudo', '/opt/net-ssh-openssh/sbin/sshd', '-D', '-f', path, '-p', port)
+        yield pid, port
+      end
+    else
+      pid = spawn('sudo', '/opt/net-ssh-openssh/sbin/sshd', '-D', '-p', port)
+      yield pid, port
+    end
+  ensure
+    # Our pid is sudo, -9 (KILL) on sudo will not clean up its children
+    # properly, so we just have to hope that -15 (TERM) will manage to bring
+    # down sshd.
+    if pid
+      system('sudo', 'kill', '-15', pid.to_s)
+      Process.wait(pid)
+    end
+  end
+
+  def localhost
+    'localhost'
+  end
+
+  def user
+    'net_ssh_1'
+  end
 end
diff --git a/test/integration/test_curve25519sha256.rb b/test/integration/test_curve25519sha256.rb
new file mode 100644
index 0000000..b684c00
--- /dev/null
+++ b/test/integration/test_curve25519sha256.rb
@@ -0,0 +1,48 @@
+require_relative 'common'
+require 'fileutils'
+require 'tmpdir'
+
+require 'net/ssh'
+
+require 'timeout'
+
+unless ENV['NET_SSH_NO_ED25519']
+  # see Vagrantfile,playbook for env.
+  # we're running as net_ssh_1 user password foo
+  # and usually connecting to net_ssh_2 user password foo2pwd
+  class TestCurve25519Sha256Keys < NetSSHTest
+    include IntegrationTestHelpers
+  
+
+    def test_with_only_curve_kex
+      config_lines = File.read('/etc/ssh/sshd_config').split("\n")
+      config_lines = config_lines.map do |line|
+        if line =~ /^KexAlgorithms/
+          "##{line}"
+        else
+          line
+        end
+      end
+      config_lines.push("KexAlgorithms curve25519-sha256")
+
+      Tempfile.open('empty_kh') do |f|
+        f.close
+        start_sshd_7_or_later(config: config_lines) do |_pid, port|
+          Timeout.timeout(4) do
+            begin
+              # We have our own sshd, give it a chance to come up before
+              # listening.
+              ret = Net::SSH.start("localhost", "net_ssh_1", password: 'foopwd', port: port, user_known_hosts_file: [f.path]) do |ssh|
+                ssh.exec! "echo 'foo'"
+              end
+              assert_equal "foo\n", ret
+            rescue SocketError, Errno::ECONNREFUSED, Errno::EHOSTUNREACH
+              sleep 0.25
+              retry
+            end
+          end
+        end
+      end
+    end
+  end
+end
\ No newline at end of file