Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

authentication: adding hostname parameter to ssh method #144

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

authentication: adding hostname parameter to ssh method #144

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 16 additions & 8 deletions sssd_test_framework/utils/authentication.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -599,14 +599,18 @@ def __init__(self, host: MultihostHost) -> None:
self.opts = "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
"""SSH CLI options."""

def password_with_output(self, username: str, password: str) -> tuple[int, int, str, str]:
def password_with_output(
self, username: str, password: str, hostname: str = "localhost"
) -> tuple[int, int, str, str]:
"""
SSH to the remote host and authenticate the user with password and captures standard output and error.

:param username: Username.
:type username: str
:param password: User password.
:type password: str
:param hostname: The hostname to connect to.
:type hostname: str
:return: Tuple containing [except return code, command exit code, stdout, stderr].
:rtype: Tuple[int, int, str, str]
"""
Expand Down Expand Up @@ -639,7 +643,7 @@ def password_with_output(self, username: str, password: str) -> tuple[int, int,
spawn ssh {self.opts} \
-o PreferredAuthentications=password \
-o NumberOfPasswordPrompts=1 \
-l "{username}" localhost
-l "{username}" "{hostname}"

expect {{
"password:" {{send "{password}\n"}}
Expand All @@ -649,7 +653,7 @@ def password_with_output(self, username: str, password: str) -> tuple[int, int,

expect {{
-re $prompt {{exitmsg "Password authentication successful" 0}}
"{username}@localhost: Permission denied" {{exitmsg "Authentication failure" 1}}
"{username}@{hostname}: Permission denied" {{exitmsg "Authentication failure" 1}}
"Connection closed by * port *" {{exitmsg "Connection closed" 2}}
"Current Password:" {{exitmsg "Password change requested" 3 }}
timeout {{exitmsg "Unexpected output" 201}}
Expand All @@ -674,21 +678,23 @@ def password_with_output(self, username: str, password: str) -> tuple[int, int,

return result.rc, cmdrc, stdout, result.stderr

def password(self, username: str, password: str) -> bool:
def password(self, username: str, password: str, hostname: str = "localhost") -> bool:
"""
SSH to the remote host and authenticate the user with password.

:param username: Username.
:type username: str
:param password: User password.
:type password: str
:param hostname: The hostname to connect to.
:type hostname: str
:return: True if authentication was successful, False otherwise.
:rtype: bool
"""
rc, _, _, _ = self.password_with_output(username, password)
rc, _, _, _ = self.password_with_output(username, password, hostname)
return rc == 0

def password_expired(self, username: str, password: str, new_password: str) -> bool:
def password_expired(self, username: str, password: str, new_password: str, hostname: str = "localhost") -> bool:
"""
SSH to the remote host and authenticate the user with password, expect
that the password is expired and change it to the new password.
Expand All @@ -699,6 +705,8 @@ def password_expired(self, username: str, password: str, new_password: str) -> b
:type password: str
:param new_password: New user password.
:type new_password: str
:param hostname: The hostname to connect to.
:type hostname: str
:return: True if authentication and password change was successful, False otherwise.
:rtype: bool
"""
Expand All @@ -711,7 +719,7 @@ def password_expired(self, username: str, password: str, new_password: str) -> b
spawn ssh {self.opts} \
-o PreferredAuthentications=password \
-o NumberOfPasswordPrompts=1 \
-l "{username}" localhost
-l "{username}" "{hostname}"

expect {{
"password:" {{send "{password}\n"}}
Expand All @@ -722,7 +730,7 @@ def password_expired(self, username: str, password: str, new_password: str) -> b
expect {{
"Password expired. Change your password now." {{ }}
-re $prompt {{puts "expect result: Authentication succeeded without password change"; exit 2}}
"{username}@localhost: Permission denied" {{puts "expect result: Authentication failure"; exit 1}}
"{username}@{hostname}: Permission denied" {{puts "expect result: Authentication failure"; exit 1}}
timeout {{puts "expect result: Unexpected output"; exit 201}}
eof {{puts "expect result: Unexpected end of file"; exit 202}}
}}
Expand Down
Loading