diff options
Diffstat (limited to 'tests/auth.py')
-rw-r--r-- | tests/auth.py | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tests/auth.py b/tests/auth.py index a12aa5fe..5d732218 100644 --- a/tests/auth.py +++ b/tests/auth.py @@ -9,6 +9,7 @@ from pytest import raises from paramiko import ( RSAKey, DSSKey, + PKey, BadAuthenticationType, AuthenticationException, SSHException, @@ -165,6 +166,27 @@ class AuthOnlyHandler_: assert tc._agreed_pubkey_algorithm == "ssh-rsa" @requires_sha1_signing + def key_type_algo_selection_is_cert_suffix_aware(self): + # This key has a cert next to it, which should trigger cert-aware + # loading within key classes. + privkey = PKey.from_path(_support("rsa.key")) + server_init = dict(_disable_sha2_pubkey, server_sig_algs=False) + with self._server( + pubkeys=[privkey], + connect=dict(pkey=privkey), + server_init=server_init, + catch_error=True, + ) as (tc, ts, err): + assert not err + # Auth did work + assert tc.is_authenticated() + # Selected expected cert type + assert ( + tc._agreed_pubkey_algorithm + == "ssh-rsa-cert-v01@openssh.com" + ) + + @requires_sha1_signing def uses_first_preferred_algo_if_key_type_not_in_list(self): # This is functionally the same as legacy AuthHandler, just # arriving at the same place in a different manner. |