Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

sshd: improve docs about supported ciphers, KEX and MACs

Browse Source 
also added a check to ensure that the configured values are valid

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2022-01-06 18:09:49 +01:00
parent 1f619d5ea6
commit ec1d20f46f
10 changed files with 122 additions and 1107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
sftpd/internal_test.go
View File

@@ -1839,6 +1839,23 @@ func TestConnectionStatusStruct(t *testing.T) {
assert.NotEqual(t, 0, len(connInfo))
}
func TestSupportedSecurityOptions(t *testing.T) {
c := Configuration{
KexAlgorithms: supportedKexAlgos,
MACs: supportedMACs,
Ciphers: supportedCiphers,
}
serverConfig := &ssh.ServerConfig{}
err := c.configureSecurityOptions(serverConfig)
assert.NoError(t, err)
assert.Equal(t, supportedCiphers, serverConfig.Ciphers)
assert.Equal(t, supportedMACs, serverConfig.MACs)
assert.Equal(t, supportedKexAlgos, serverConfig.KeyExchanges)
c.KexAlgorithms = append(c.KexAlgorithms, "not a kex")
err = c.configureSecurityOptions(serverConfig)
assert.Error(t, err)
}
func TestLoadHostKeys(t *testing.T) {
configDir := ".."
serverConfig := &ssh.ServerConfig{}