[gssapi-openssh.git] / openssh / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
#	Placed in the Public Domain.

PORT=4242
#SUDO=sudo

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if sh -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH=${TEST_SSH_SSH}
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD=${TEST_SSH_SSHD}
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT=${TEST_SSH_SSHAGENT}
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD=${TEST_SSH_SSHADD}
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP=${TEST_SSH_SFTP}
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER=${TEST_SSH_SFTPSERVER}
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	StrictModes		no
EOF

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
700318f3	1	# $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
	2	# Placed in the Public Domain.
	3
	4	PORT=4242
700318f3	5	#SUDO=sudo
700318f3	6
0fff78ff	7	if [ -x /usr/ucb/whoami ]; then
	8	USER=`/usr/ucb/whoami`
	9	elif whoami >/dev/null 2>&1; then
	10	USER=`whoami`
	11	else
	12	USER=`id -un`
	13	fi
	14
700318f3	15	OBJ=$1
	16	if [ "x$OBJ" = "x" ]; then
	17	echo '$OBJ not defined'
	18	exit 2
	19	fi
	20	if [ ! -d $OBJ ]; then
	21	echo "not a directory: $OBJ"
	22	exit 2
	23	fi
	24	SCRIPT=$2
	25	if [ "x$SCRIPT" = "x" ]; then
	26	echo '$SCRIPT not defined'
	27	exit 2
	28	fi
	29	if [ ! -f $SCRIPT ]; then
	30	echo "not a file: $SCRIPT"
	31	exit 2
	32	fi
	33	if sh -n $SCRIPT; then
	34	true
	35	else
	36	echo "syntax error in $SCRIPT"
	37	exit 2
	38	fi
	39	unset SSH_AUTH_SOCK
	40
	41	# defaults
	42	SSH=ssh
	43	SSHD=sshd
	44	SSHAGENT=ssh-agent
	45	SSHADD=ssh-add
	46	SSHKEYGEN=ssh-keygen
	47	SSHKEYSCAN=ssh-keyscan
	48	SFTP=sftp
	49	SFTPSERVER=/usr/libexec/openssh/sftp-server
	50
	51	if [ "x$TEST_SSH_SSH" != "x" ]; then
	52	SSH=${TEST_SSH_SSH}
	53	fi
	54	if [ "x$TEST_SSH_SSHD" != "x" ]; then
	55	SSHD=${TEST_SSH_SSHD}
	56	fi
	57	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	58	SSHAGENT=${TEST_SSH_SSHAGENT}
	59	fi
	60	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	61	SSHADD=${TEST_SSH_SSHADD}
	62	fi
	63	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	64	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
	65	fi
	66	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	67	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
	68	fi
	69	if [ "x$TEST_SSH_SFTP" != "x" ]; then
	70	SFTP=${TEST_SSH_SFTP}
	71	fi
	72	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	73	SFTPSERVER=${TEST_SSH_SFTPSERVER}
	74	fi
	75
	76	# these should be used in tests
	77	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
	78	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
79
80	# helper
0fff78ff	81	echon()
	82	{
	83	if [ "x`echo -n`" = "x" ]; then
	84	echo -n "$@"
	85	elif [ "x`echo '\c'`" = "x" ]; then
	86	echo "$@\c"
	87	else
	88	fatal "Don't know how to echo without newline."
	89	fi
	90	}
	91
	92	have_prog()
	93	{
	94	saved_IFS="$IFS"
	95	IFS=":"
	96	for i in $PATH
	97	do
	98	if [ -x $i/$1 ]; then
	99	IFS="$saved_IFS"
	100	return 0
	101	fi
	102	done
	103	IFS="$saved_IFS"
	104	return 1
	105	}
	106
700318f3	107	cleanup ()
	108	{
	109	if [ -f $PIDFILE ]; then
	110	pid=`cat $PIDFILE`
	111	if [ "X$pid" = "X" ]; then
	112	echo no sshd running
	113	else
	114	if [ $pid -lt 2 ]; then
	115	echo bad pid for ssd: $pid
	116	else
	117	$SUDO kill $pid
	118	fi
	119	fi
	120	fi
	121	}
	122
	123	trace ()
	124	{
	125	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	126	echo "$@"
	127	fi
	128	}
	129
	130	verbose ()
	131	{
	132	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	133	echo "$@"
	134	fi
	135	}
	136
	137
	138	fail ()
	139	{
	140	RESULT=1
	141	echo "$@"
	142	}
	143
	144	fatal ()
	145	{
0fff78ff	146	echon "FATAL: "
700318f3	147	fail "$@"
	148	cleanup
	149	exit $RESULT
	150	}
	151
	152	RESULT=0
	153	PIDFILE=$OBJ/pidfile
	154
	155	trap fatal 3 2
	156
	157	# create server config
	158	cat << EOF > $OBJ/sshd_config
	159	Port $PORT
	160	ListenAddress 127.0.0.1
	161	#ListenAddress ::1
	162	PidFile $PIDFILE
	163	AuthorizedKeysFile $OBJ/authorized_keys_%u
	164	LogLevel QUIET
0fff78ff	165	StrictModes no
700318f3	166	EOF
	167
	168	# server config for proxy connects
	169	cp $OBJ/sshd_config $OBJ/sshd_proxy
	170
	171	# allow group-writable directories in proxy-mode
	172	echo 'StrictModes no' >> $OBJ/sshd_proxy
	173
	174	# create client config
	175	cat << EOF > $OBJ/ssh_config
	176	Host *
	177	Hostname 127.0.0.1
	178	HostKeyAlias localhost-with-alias
	179	Port $PORT
	180	User $USER
	181	GlobalKnownHostsFile $OBJ/known_hosts
	182	UserKnownHostsFile $OBJ/known_hosts
	183	RSAAuthentication yes
	184	PubkeyAuthentication yes
	185	ChallengeResponseAuthentication no
	186	HostbasedAuthentication no
	187	PasswordAuthentication no
	188	RhostsAuthentication no
	189	RhostsRSAAuthentication no
	190	BatchMode yes
	191	StrictHostKeyChecking yes
	192	EOF
	193
	194	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	195
	196	trace "generate keys"
	197	for t in rsa rsa1; do
	198	# generate user key
	199	rm -f $OBJ/$t
	200	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	201	fail "ssh-keygen for $t failed"
	202
	203	# known hosts file for client
	204	(
0fff78ff	205	echon 'localhost-with-alias,127.0.0.1,::1 '
700318f3	206	cat $OBJ/$t.pub
	207	) >> $OBJ/known_hosts
	208
	209	# setup authorized keys
	210	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	211	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	212
	213	# use key as host key, too
	214	$SUDO cp $OBJ/$t $OBJ/host.$t
	215	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	216
	217	# don't use SUDO for proxy connect
	218	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	219	done
	220	chmod 644 $OBJ/authorized_keys_$USER
	221
	222	# create a proxy version of the client config
	223	(
	224	cat $OBJ/ssh_config
0fff78ff	225	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
700318f3	226	) > $OBJ/ssh_proxy
	227
	228	# check proxy config
	229	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	230
	231	start_sshd ()
	232	{
	233	# start sshd
	234	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	235	$SUDO ${SSHD} -f $OBJ/sshd_config
	236
	237	trace "wait for sshd"
	238	i=0;
0fff78ff	239	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
700318f3	240	i=`expr $i + 1`
	241	sleep $i
	242	done
	243
	244	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	245	}
	246
	247	# source test body
	248	. $SCRIPT
	249
	250	# kill sshd
	251	cleanup
	252	if [ $RESULT -eq 0 ]; then
	253	verbose ok $tid
	254	else
	255	echo failed $tid
	256	fi
	257	exit $RESULT