Bugfix: in config, merge groups and user-defined routes to default ones,

cyrilst · cyrilst · commit ac85a2a784d4 · 2021-04-09T12:23:49.000+02:00
instead of replacing them. Add a regression test for this.
diff --git a/Makefile b/Makefile
@@ -1,4 +1,4 @@
-SSHPROXY_VERSION ?= 1.3.5
+SSHPROXY_VERSION ?= 1.3.6
 SSHPROXY_GIT_URL ?= github.com/cea-hpc/sshproxy
 
 prefix		?= /usr
diff --git a/misc/sshproxy.spec b/misc/sshproxy.spec
@@ -3,7 +3,7 @@
 %global debug_package   %{nil}
 
 Name:           sshproxy
-Version:        1.3.5
+Version:        1.3.6
 Release:        1%{?dist}
 Summary:        SSH proxy
 License:        CeCILL-B
@@ -51,6 +51,9 @@ install -p -m 0644 config/sshproxy.yaml %{buildroot}%{_sysconfdir}/sshproxy
 %{_mandir}/man8/sshproxy-replay.8*
 
 %changelog
+* Fri Apr 09 2021 Cyril Servant <cyril.servant@cea.fr> - 1.3.6-1
+- sshproxy 1.3.6
+
 * Thu Mar 04 2021 Cyril Servant <cyril.servant@cea.fr> - 1.3.5-1
 - sshproxy 1.3.5
 
@@ -72,7 +75,7 @@ install -p -m 0644 config/sshproxy.yaml %{buildroot}%{_sysconfdir}/sshproxy
 * Thu Apr 30 2020 Cyril Servant <cyril.servant@cea.fr> - 1.2.0-1
 - sshproxy 1.2.0
 
-* Thu Mar 06 2020 Cyril Servant <cyril.servant@cea.fr> - 1.1.0-1
+* Fri Mar 06 2020 Cyril Servant <cyril.servant@cea.fr> - 1.1.0-1
 - sshproxy 1.1.0
 
 * Thu Jun 06 2019 Arnaud Guignard <arnaud.guignard@cea.fr> - 1.0.0-1
diff --git a/misc/sshproxyctl-completion.bash b/misc/sshproxyctl-completion.bash
@@ -5,7 +5,7 @@ _sshproxyctl() {
         COMPREPLY=()
         cur="${COMP_WORDS[COMP_CWORD]}"
         prev="${COMP_WORDS[COMP_CWORD-1]}"
-        commands="enable disable help show version"
+        commands="disable enable forget help show version"
         opts="-h -c ${commands}"
 
         case "${prev}" in
diff --git a/pkg/utils/config.go b/pkg/utils/config.go
@@ -141,8 +141,9 @@ func parseSubConfig(config *Config, subconfig *subConfig) error {
 		config.SSH.Args = subconfig.SSH.Args
 	}
 
-	if subconfig.Routes != nil {
-		config.Routes = subconfig.Routes
+	// merge routes
+	for service, opts := range subconfig.Routes {
+		config.Routes[service] = opts
 	}
 
 	// merge environment
diff --git a/test/centos-image/Dockerfile b/test/centos-image/Dockerfile
@@ -6,10 +6,14 @@ RUN set -ex \
 	&& yum -y update \
 	&& yum -y install asciidoc etcd git golang iproute make openssh-server rpm-build
 
-# Create centos user and group
+# Create centos, user1 and user2 users ; centos and user1 groups
 RUN set -ex \
 	&& useradd centos \
-	&& install -d -m0755 -o centos -g centos /home/centos/.ssh
+	&& install -d -m0755 -o centos -g centos /home/centos/.ssh \
+	&& useradd -G centos user1 \
+	&& install -d -m0755 -o user1 -g user1 /home/user1/.ssh \
+	&& useradd -g user1 -G centos user2 \
+	&& install -d -m0755 -o user2 -g user1 /home/user2/.ssh
 
 # Copy centos public key to root authorized_keys
 RUN set -ex && install -d -m0700 /root/.ssh
@@ -27,6 +31,17 @@ COPY --chown=centos:centos ./ssh/id_ed25519.pub /home/centos/.ssh/authorized_key
 COPY --chown=centos:centos ./ssh/id_ed25519* ./ssh/known_hosts /home/centos/.ssh/
 RUN chmod 0600 /home/centos/.ssh/id_ed25519 /home/centos/.ssh/authorized_keys
 
+# Copy user1 ssh keys
+COPY --chown=user1:user1 ./ssh/id_ed25519.pub /home/user1/.ssh/authorized_keys
+COPY --chown=user1:user1 ./ssh/id_ed25519* ./ssh/known_hosts /home/user1/.ssh/
+RUN chmod 0600 /home/user1/.ssh/id_ed25519 /home/user1/.ssh/authorized_keys
+
+# Copy user2 ssh keys
+COPY --chown=user2:user1 ./ssh/id_ed25519.pub /home/user2/.ssh/authorized_keys
+COPY --chown=user2:user1 ./ssh/id_ed25519* ./ssh/known_hosts /home/user2/.ssh/
+RUN chmod 0600 /home/user2/.ssh/id_ed25519 /home/user2/.ssh/authorized_keys
+
+
 # Copy etcd certificates and keys
 COPY ./etcd/*.pem /etc/etcd/
 RUN chmod 0644 /etc/etcd/ca.pem
diff --git a/test/centos-image/gateway.sh b/test/centos-image/gateway.sh
@@ -54,6 +54,20 @@ routes:
         dest: ["server2"]
     default:
         dest: ["server3"]
+
+groups:
+    user1:
+        routes:
+            service2:
+                source: ["gateway1:2023"]
+                dest: ["server2"]
+
+users:
+    user2:
+        routes:
+            service3:
+                source: ["gateway1:2024"]
+                dest: ["server1"]
 EOF
 
 exec "$@"
diff --git a/test/centos-image/sshproxy_test.go b/test/centos-image/sshproxy_test.go
@@ -209,19 +209,24 @@ func enableHost(host string) {
 }
 
 var simpleConnectTests = []struct {
+	user string
 	port int
 	want string
 }{
-	{2023, "server1"},
-	{2024, "server2"},
-	{2025, "server3"},
+	{"", 2023, "server1"},
+	{"", 2024, "server2"},
+	{"", 2025, "server3"},
+	{"user1@", 2023, "server2"},
+	{"user1@", 2024, "server2"},
+	{"user2@", 2023, "server2"},
+	{"user2@", 2024, "server1"},
 }
 
 func TestSimpleConnect(t *testing.T) {
 	for _, tt := range simpleConnectTests {
 		ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
 		defer cancel()
-		args, cmd := prepareCommand("gateway1", tt.port, "hostname")
+		args, cmd := prepareCommand(tt.user+"gateway1", tt.port, "hostname")
 		_, stdout, stderr, err := runCommand(ctx, "ssh", args, nil, nil)
 		stdoutStr := strings.TrimSpace(string(stdout))
 		if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-SSHPROXY_VERSION ?= 1.3.5`
	`1`	`+SSHPROXY_VERSION ?= 1.3.6`
`2`	`2`	`SSHPROXY_GIT_URL ?= github.com/cea-hpc/sshproxy`
`3`	`3`
`4`	`4`	`prefix ?= /usr`
Original file line number	Diff line number	Diff line change
`@@ -141,8 +141,9 @@ func parseSubConfig(config Config, subconfig subConfig) error {`
`141`	`141`	`config.SSH.Args = subconfig.SSH.Args`
`142`	`142`	`}`
`143`	`143`
`144`		`- if subconfig.Routes != nil {`
`145`		`- config.Routes = subconfig.Routes`
	`144`	`+ // merge routes`
	`145`	`+ for service, opts := range subconfig.Routes {`
	`146`	`+ config.Routes[service] = opts`
`146`	`147`	`}`
`147`	`148`
`148`	`149`	`// merge environment`