sshd: Clarify testing variable names and arg order.
sfox-equinix authored and stephen-fox committed Jun 6, 2023
1 parent 203977f commit 21c4853
Showing 3 changed files with 45 additions and 45 deletions.
20 changes: 10 additions & 10 deletions processors/sshd/dns_type_test.go
@@ -12,23 +12,23 @@ import (
"github.com/metal-toolbox/audito-maldito/internal/testtools"
)

const dnsName = "foo.com"
const expDNSName = "foo.com"

func TestNastyPTRRecord(t *testing.T) {
t.Parallel()

p, events := newDNSLogSSHDProcessor(t,
fmt.Sprintf("Nasty PTR record %q is set up for %s, ignoring",
dnsName, source))
expDNSName, expSource))

err := nastyPTRRecord(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, dnsName, event.Source.Extra["dns"])
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expDNSName, event.Source.Extra["dns"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -49,16 +49,16 @@ func TestReverseMappingCheckFailed(t *testing.T) {

p, events := newDNSLogSSHDProcessor(t,
fmt.Sprintf("reverse mapping checking getaddrinfo for %s [%s] failed.",
dnsName, source))
expDNSName, expSource))

err := reverseMappingCheckFailed(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, dnsName, event.Source.Extra["dns"])
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expDNSName, event.Source.Extra["dns"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -79,16 +79,16 @@ func TestDoesNotMapBackToAddr(t *testing.T) {

p, events := newDNSLogSSHDProcessor(t,
fmt.Sprintf("Address %s maps to %s, but this does not map back to the address.",
source, dnsName))
expSource, expDNSName))

err := doesNotMapBackToAddr(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, dnsName, event.Source.Extra["dns"])
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expDNSName, event.Source.Extra["dns"])
default:
t.Fatal("expected a channel write - got none")
}
20 changes: 10 additions & 10 deletions processors/sshd/misc_type_test.go
@@ -22,15 +22,15 @@ func TestRootLoginRefused(t *testing.T) {

p, events := newMiscLogSSHDProcessor(t,
fmt.Sprintf("ROOT LOGIN REFUSED FROM %s port %s",
source, expPort))
expSource, expPort))

err := rootLoginRefused(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expPort, event.Source.Extra["port"])
default:
t.Fatal("expected a channel write - got none")
@@ -53,15 +53,15 @@ func TestBadOwnerOrModesForHostFile(t *testing.T) {

p, events := newMiscLogSSHDProcessor(t,
fmt.Sprintf("Authentication refused for %s: bad owner or modes for %s",
username, expFilePath))
expUsername, expFilePath))

err := badOwnerOrModesForHostFile(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, username, event.Subjects["loggedAs"])
require.Equal(t, expUsername, event.Subjects["loggedAs"])
require.Equal(t, expFilePath, event.Subjects["filePath"])
default:
t.Fatal("expected a channel write - got none")
@@ -84,16 +84,16 @@ func TestMaxAuthAttemptsExceeded(t *testing.T) {

p, events := newMiscLogSSHDProcessor(t,
fmt.Sprintf("maximum authentication attempts exceeded for %s from %s port %s ssh2",
username, source, expPort))
expUsername, expSource, expPort))

err := maxAuthAttemptsExceeded(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, username, event.Subjects["loggedAs"])
require.Equal(t, source, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expPort, event.Source.Extra["port"])

default:
@@ -117,16 +117,16 @@ func TestFailedPasswordAuth(t *testing.T) {

p, events := newMiscLogSSHDProcessor(t,
fmt.Sprintf("Failed password for %s from %s port %s ssh2",
username, source, expPort))
expUsername, expSource, expPort))

err := failedPasswordAuth(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, username, event.Subjects["loggedAs"])
require.Equal(t, source, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expPort, event.Source.Extra["port"])

default:
50 changes: 25 additions & 25 deletions processors/sshd/user_type_test.go
@@ -15,8 +15,8 @@ import (

// The linter made me do this, sorry.
const (
username = "foo foo"
source = "bar"
expUsername = "foo foo"
expSource = "bar"
)

func TestUserTypeLogAuditFn(t *testing.T) {
@@ -47,16 +47,16 @@ func TestProcessNotInAllowUsersEntry(t *testing.T) {

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s from %s not allowed because not listed in AllowUsers",
username, source))
expUsername, expSource))

err := processNotInAllowUsersEntry(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -65,20 +65,20 @@ func TestProcessNotInAllowUsersEntry(t *testing.T) {
func TestUserNonExistentShell(t *testing.T) {
t.Parallel()

shell := "/bin/foo"
expShell := "/bin/foo"

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s not allowed because shell %s does not exist",
username, shell))
expUsername, expShell))

err := userNonExistentShell(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, event.Metadata.Extra["shell"], shell)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expShell, event.Metadata.Extra["shell"])
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -87,20 +87,20 @@ func TestUserNonExistentShell(t *testing.T) {
func TestUserNonExecutableShell(t *testing.T) {
t.Parallel()

shell := "/bin/foo"
expShell := "/bin/foo"

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s not allowed because shell %s is not executable",
username, shell))
expUsername, expShell))

err := userNonExecutableShell(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, event.Metadata.Extra["shell"], shell)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expShell, event.Metadata.Extra["shell"])
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -111,16 +111,16 @@ func TestUserInDenyUsers(t *testing.T) {

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s from %s not allowed because listed in DenyUsers",
username, source))
expUsername, expSource))

err := userInDenyUsers(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -131,16 +131,16 @@ func TestUserNotInAnyGroup(t *testing.T) {

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s from %s not allowed because not in any group",
username, source))
expUsername, expSource))

err := userNotInAnyGroup(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -151,16 +151,16 @@ func TestUserGroupInDenyGroups(t *testing.T) {

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s from %s not allowed because a group is listed in DenyGroups",
username, source))
expUsername, expSource))

err := userGroupInDenyGroups(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
@@ -171,16 +171,16 @@ func TestUserGroupNotListedInAllowGroups(t *testing.T) {

p, events := newUserLogSSHDProcessor(t,
fmt.Sprintf("User %s from %s not allowed because none of user's groups are listed in AllowGroups",
username, source))
expUsername, expSource))

err := userGroupNotListedInAllowGroups(p)

require.NoError(t, err)

select {
case event := <-events:
require.Equal(t, source, event.Source.Value)
require.Equal(t, event.Subjects["loggedAs"], username)
require.Equal(t, expSource, event.Source.Value)
require.Equal(t, expUsername, event.Subjects["loggedAs"])
default:
t.Fatal("expected a channel write - got none")
}
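Review bot: The shared fixture `expUsername = "foo foo"` in the const block covers a space in the user name, but not a name that contains the words the log formats use as field separators. No test in this file would notice the processor taking `Source.Value` from the user-name part of the line, and the same holds for TestMaxAuthAttemptsExceeded and TestFailedPasswordAuth in misc_type_test.go, which also separate the port with " port ". The user name in these sshd messages comes from the connecting client, so the audit event's `loggedAs` and `Source.Value` are worth pinning for that input as well. The parsing code is not shown on this page, so it may already handle this. Consider adding a case whose user name is a constructed value such as `"foo from baz port 1"` and asserting `require.Equal(t, expSource, event.Source.Value)` alongside the existing `loggedAs` check.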
