Updated embedded openssh server to generate config from template with absolute paths.

Updated openssh server to set pkey permissions on startup.
Updated tests to set pkey permissions on startup and check for auth on tests that require it.
Updated travis cfg

Author: Pan

.travis.yml

@@ -21,7 +21,6 @@ addons:
 install:
   - pip install flake8
   - python setup.py build_ext --inplace
-  - chmod 600 embedded_server/rsa.key
   - eval "$(ssh-agent -s)"
 script:
   - docker/build-packages.sh

embedded_server/openssh.py

@@ -16,23 +16,38 @@
 
 import os
 import socket
-
 from subprocess import Popen
 from time import sleep
+from sys import version_info
 
+from jinja2 import Template
 
-SERVER_KEY = os.path.sep.join([os.path.dirname(__file__), 'rsa.key'])
-SSHD_CONFIG = os.path.sep.join([os.path.dirname(__file__), 'sshd_config'])
+DIR_NAME = os.path.dirname(__file__)
+SERVER_KEY = os.path.abspath(os.path.sep.join([DIR_NAME, 'rsa.key']))
+SSHD_CONFIG_TMPL = os.path.abspath(os.path.sep.join(
+    [DIR_NAME, 'sshd_config.tmpl']))
+SSHD_CONFIG = os.path.abspath(os.path.sep.join([DIR_NAME, 'sshd_config']))
 
 class OpenSSHServer(object):
 
     def __init__(self, port=2222):
         self.port = port
         self.server_proc = None
+        _mask = int('0600') if version_info <= (2,) else 0o600
+        os.chmod(SERVER_KEY, _mask)
+        self.make_config()
+
+    def make_config(self):
+        with open(SSHD_CONFIG_TMPL) as fh:
+            tmpl = fh.read()
+        template = Template(tmpl)
+        with open(SSHD_CONFIG, 'w') as fh:
+            fh.write(template.render(parent_dir=os.path.abspath(DIR_NAME)))
+            fh.write(os.linesep)
 
     def start_server(self):
         cmd = ['/usr/sbin/sshd', '-D', '-p', str(self.port),
-               '-q', '-h', SERVER_KEY, '-f', SSHD_CONFIG]
+               '-h', SERVER_KEY, '-f', SSHD_CONFIG]
         server = Popen(cmd)
         self.server_proc = server
         self._wait_for_port()

embedded_server/sshd_config renamed to embedded_server/sshd_config.tmpl

@@ -11,4 +11,4 @@ ServerKeyBits 1024
 
 AcceptEnv LANG LC_*
 Subsystem sftp /usr/lib/openssh/sftp-server
-AuthorizedKeysFile ssh2-python/embedded_server/authorized_keys
+AuthorizedKeysFile {{parent_dir}}/authorized_keys

requirements_dev.txt

@@ -1,2 +1,3 @@
 cython
 flake8
+jinja2

tests/test_ssh2.py

@@ -3,6 +3,7 @@
 import os
 import socket
 import time
+from sys import version_info
 
 from ssh2.session import Session
 from ssh2.utils import wait_socket
@@ -24,6 +25,8 @@ class SSH2TestCase(unittest.TestCase):
 
     @classmethod
     def setUpClass(cls):
+        _mask = int('0600') if version_info <= (2,) else 0o600
+        os.chmod(PKEY_FILENAME, _mask)
         cls.host = '127.0.0.1'
         cls.port = 2222
         cls.server = OpenSSHServer()
@@ -64,7 +67,7 @@ def test_agent(self):
         self.assertTrue(agent.connect() == 0)
 
     def test_execute(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         self.assertTrue(chan is not None)
         self.assertTrue(chan.execute(self.cmd) == 0)
@@ -76,7 +79,7 @@ def test_execute(self):
         self.assertTrue(chan.wait_eof() == 0)
 
     def test_exit_code(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         chan.execute('exit 2')
         chan.wait_eof()
@@ -86,7 +89,7 @@ def test_exit_code(self):
         self.assertEqual(exit_code, 2)
 
     def test_long_running_execute(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         chan.execute('sleep 1; exit 3')
         self.assertTrue(chan.wait_eof() == 0)
@@ -95,7 +98,7 @@ def test_long_running_execute(self):
         self.assertEqual(chan.get_exit_status(), 3)
 
     def test_read_stderr(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         expected = ['stderr output']
         chan.execute('echo "stderr output" >&2')
@@ -105,7 +108,7 @@ def test_read_stderr(self):
         self.assertListEqual(expected, lines)
 
     def test_pty(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         self.assertTrue(chan.pty() == 0)
         _out = u'stderr output'
@@ -118,7 +121,7 @@ def test_pty(self):
         self.assertListEqual(expected, lines)
 
     def test_write_stdin(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         _in = u'writing to stdin'
         chan = self.session.open_session()
         chan.execute('cat')
@@ -131,7 +134,7 @@ def test_write_stdin(self):
         self.assertListEqual([_in], lines)
 
     def test_write_ex(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         _in = u'writing to stdin'
         chan = self.session.open_session()
         chan.execute('cat')
@@ -144,7 +147,7 @@ def test_write_ex(self):
         self.assertListEqual([_in], lines)
 
     def test_write_stderr(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         chan.execute('echo something')
         _in = u'stderr'
@@ -173,7 +176,7 @@ def test_sftp(self):
             os.unlink(remote_filename)
 
     def test_setenv(self):
-        self._auth()
+        self.assertEqual(self._auth(), 0)
         chan = self.session.open_session()
         _var = 'LC_MY_VAR'
         _val = 'value'