[gssapi-openssh.git] / openssh / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $
#	Placed in the Public Domain.

#SUDO=sudo

# Unbreak GNU head(1)
_POSIX2_VERSION=199209
export _POSIX2_VERSION

case `uname -s 2>/dev/null` in
OSF1*)
	BIN_SH=xpg4
	export BIN_SH
	;;
esac

if [ ! -z "$TEST_SSH_PORT" ]; then
	PORT="$TEST_SSH_PORT"
else
	PORT=4242
fi

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
elif logname >/dev/null 2>&1; then
	USER=`logname`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

SRC=`dirname ${SCRIPT}`

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
	SCP="${TEST_SSH_SCP}"
fi

# Path to sshd must be absolute for rexec
case "$SSHD" in
/*) ;;
*) SSHD=`which sshd` ;;
esac

if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
	TEST_SSH_LOGFILE=/dev/null
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	echo "trace: $@" >>$TEST_SSH_LOGFILE
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	echo "verbose: $@" >>$TEST_SSH_LOGFILE
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	echo "FAIL: $@" >>$TEST_SSH_LOGFILE
	RESULT=1
	echo "$@"
}

fatal ()
{
	echo "FATAL: $@" >>$TEST_SSH_LOGFILE
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	StrictModes		no
	Port			$PORT
	AddressFamily		inet
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		VERBOSE
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
fi

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
2c06c99b	1	# $OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $
700318f3	2	# Placed in the Public Domain.
700318f3	3
700318f3	4	#SUDO=sudo
700318f3	5
996d5e62	6	# Unbreak GNU head(1)
	7	_POSIX2_VERSION=199209
	8	export _POSIX2_VERSION
	9
	10	case `uname -s 2>/dev/null` in
	11	OSF1*)
	12	BIN_SH=xpg4
	13	export BIN_SH
	14	;;
	15	esac
	16
c9f39d2c	17	if [ ! -z "$TEST_SSH_PORT" ]; then
	18	PORT="$TEST_SSH_PORT"
	19	else
	20	PORT=4242
	21	fi
	22
0fff78ff	23	if [ -x /usr/ucb/whoami ]; then
	24	USER=`/usr/ucb/whoami`
	25	elif whoami >/dev/null 2>&1; then
	26	USER=`whoami`
2c06c99b	27	elif logname >/dev/null 2>&1; then
2c06c99b	28	USER=`logname`
0fff78ff	29	else
	30	USER=`id -un`
	31	fi
	32
700318f3	33	OBJ=$1
	34	if [ "x$OBJ" = "x" ]; then
	35	echo '$OBJ not defined'
	36	exit 2
	37	fi
	38	if [ ! -d $OBJ ]; then
	39	echo "not a directory: $OBJ"
	40	exit 2
	41	fi
	42	SCRIPT=$2
	43	if [ "x$SCRIPT" = "x" ]; then
	44	echo '$SCRIPT not defined'
	45	exit 2
	46	fi
	47	if [ ! -f $SCRIPT ]; then
	48	echo "not a file: $SCRIPT"
	49	exit 2
	50	fi
cdd66111	51	if $TEST_SHELL -n $SCRIPT; then
700318f3	52	true
	53	else
	54	echo "syntax error in $SCRIPT"
	55	exit 2
	56	fi
	57	unset SSH_AUTH_SOCK
	58
996d5e62	59	SRC=`dirname ${SCRIPT}`
996d5e62	60
700318f3	61	# defaults
	62	SSH=ssh
	63	SSHD=sshd
	64	SSHAGENT=ssh-agent
	65	SSHADD=ssh-add
	66	SSHKEYGEN=ssh-keygen
	67	SSHKEYSCAN=ssh-keyscan
	68	SFTP=sftp
	69	SFTPSERVER=/usr/libexec/openssh/sftp-server
c9f39d2c	70	SCP=scp
700318f3	71
700318f3	72	if [ "x$TEST_SSH_SSH" != "x" ]; then
99be0775	73	SSH="${TEST_SSH_SSH}"
700318f3	74	fi
700318f3	75	if [ "x$TEST_SSH_SSHD" != "x" ]; then
99be0775	76	SSHD="${TEST_SSH_SSHD}"
700318f3	77	fi
700318f3	78	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
99be0775	79	SSHAGENT="${TEST_SSH_SSHAGENT}"
700318f3	80	fi
700318f3	81	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
99be0775	82	SSHADD="${TEST_SSH_SSHADD}"
700318f3	83	fi
700318f3	84	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
99be0775	85	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
700318f3	86	fi
700318f3	87	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
99be0775	88	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
700318f3	89	fi
700318f3	90	if [ "x$TEST_SSH_SFTP" != "x" ]; then
99be0775	91	SFTP="${TEST_SSH_SFTP}"
700318f3	92	fi
700318f3	93	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
99be0775	94	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
700318f3	95	fi
c9f39d2c	96	if [ "x$TEST_SSH_SCP" != "x" ]; then
	97	SCP="${TEST_SSH_SCP}"
	98	fi
	99
	100	# Path to sshd must be absolute for rexec
665a873d	101	case "$SSHD" in
	102	/*) ;;
	103	*) SSHD=`which sshd` ;;
	104	esac
996d5e62	105
	106	if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
	107	TEST_SSH_LOGFILE=/dev/null
	108	fi
700318f3	109
700318f3	110	# these should be used in tests
c9f39d2c	111	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
c9f39d2c	112	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
700318f3	113
700318f3	114	# helper
0fff78ff	115	echon()
	116	{
	117	if [ "x`echo -n`" = "x" ]; then
	118	echo -n "$@"
	119	elif [ "x`echo '\c'`" = "x" ]; then
	120	echo "$@\c"
	121	else
	122	fatal "Don't know how to echo without newline."
	123	fi
	124	}
	125
	126	have_prog()
	127	{
	128	saved_IFS="$IFS"
	129	IFS=":"
	130	for i in $PATH
	131	do
	132	if [ -x $i/$1 ]; then
	133	IFS="$saved_IFS"
	134	return 0
	135	fi
	136	done
	137	IFS="$saved_IFS"
	138	return 1
	139	}
	140
700318f3	141	cleanup ()
	142	{
	143	if [ -f $PIDFILE ]; then
	144	pid=`cat $PIDFILE`
	145	if [ "X$pid" = "X" ]; then
	146	echo no sshd running
	147	else
	148	if [ $pid -lt 2 ]; then
	149	echo bad pid for ssd: $pid
	150	else
	151	$SUDO kill $pid
	152	fi
	153	fi
	154	fi
	155	}
	156
	157	trace ()
	158	{
996d5e62	159	echo "trace: $@" >>$TEST_SSH_LOGFILE
700318f3	160	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	161	echo "$@"
	162	fi
	163	}
	164
	165	verbose ()
	166	{
996d5e62	167	echo "verbose: $@" >>$TEST_SSH_LOGFILE
700318f3	168	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	169	echo "$@"
	170	fi
	171	}
	172
	173
	174	fail ()
	175	{
996d5e62	176	echo "FAIL: $@" >>$TEST_SSH_LOGFILE
700318f3	177	RESULT=1
	178	echo "$@"
	179	}
	180
	181	fatal ()
	182	{
996d5e62	183	echo "FATAL: $@" >>$TEST_SSH_LOGFILE
0fff78ff	184	echon "FATAL: "
700318f3	185	fail "$@"
	186	cleanup
	187	exit $RESULT
	188	}
	189
	190	RESULT=0
	191	PIDFILE=$OBJ/pidfile
	192
	193	trap fatal 3 2
	194
	195	# create server config
	196	cat << EOF > $OBJ/sshd_config
c9f39d2c	197	StrictModes no
700318f3	198	Port $PORT
2c06c99b	199	AddressFamily inet
700318f3	200	ListenAddress 127.0.0.1
	201	#ListenAddress ::1
	202	PidFile $PIDFILE
	203	AuthorizedKeysFile $OBJ/authorized_keys_%u
dec6d9fe	204	LogLevel VERBOSE
c9f39d2c	205	AcceptEnv _XXX_TEST_*
	206	AcceptEnv _XXX_TEST
	207	Subsystem sftp $SFTPSERVER
700318f3	208	EOF
700318f3	209
c9f39d2c	210	if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	211	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	212	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
	213	fi
	214
700318f3	215	# server config for proxy connects
	216	cp $OBJ/sshd_config $OBJ/sshd_proxy
	217
	218	# allow group-writable directories in proxy-mode
	219	echo 'StrictModes no' >> $OBJ/sshd_proxy
	220
	221	# create client config
	222	cat << EOF > $OBJ/ssh_config
	223	Host *
	224	Hostname 127.0.0.1
	225	HostKeyAlias localhost-with-alias
	226	Port $PORT
	227	User $USER
	228	GlobalKnownHostsFile $OBJ/known_hosts
	229	UserKnownHostsFile $OBJ/known_hosts
	230	RSAAuthentication yes
	231	PubkeyAuthentication yes
	232	ChallengeResponseAuthentication no
	233	HostbasedAuthentication no
	234	PasswordAuthentication no
700318f3	235	BatchMode yes
	236	StrictHostKeyChecking yes
	237	EOF
	238
c9f39d2c	239	if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	240	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	241	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
	242	fi
	243
700318f3	244	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	245
	246	trace "generate keys"
	247	for t in rsa rsa1; do
	248	# generate user key
	249	rm -f $OBJ/$t
2c06c99b	250	${SSHKEYGEN} -b 1024 -q -N '' -t $t -f $OBJ/$t \|\|\
700318f3	251	fail "ssh-keygen for $t failed"
	252
	253	# known hosts file for client
	254	(
0fff78ff	255	echon 'localhost-with-alias,127.0.0.1,::1 '
700318f3	256	cat $OBJ/$t.pub
	257	) >> $OBJ/known_hosts
	258
	259	# setup authorized keys
	260	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	261	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	262
	263	# use key as host key, too
	264	$SUDO cp $OBJ/$t $OBJ/host.$t
	265	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	266
	267	# don't use SUDO for proxy connect
	268	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	269	done
	270	chmod 644 $OBJ/authorized_keys_$USER
	271
	272	# create a proxy version of the client config
	273	(
	274	cat $OBJ/ssh_config
996d5e62	275	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
700318f3	276	) > $OBJ/ssh_proxy
	277
	278	# check proxy config
	279	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	280
	281	start_sshd ()
	282	{
	283	# start sshd
	284	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
996d5e62	285	$SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
700318f3	286
	287	trace "wait for sshd"
	288	i=0;
0fff78ff	289	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
700318f3	290	i=`expr $i + 1`
	291	sleep $i
	292	done
	293
	294	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	295	}
	296
	297	# source test body
	298	. $SCRIPT
	299
	300	# kill sshd
	301	cleanup
	302	if [ $RESULT -eq 0 ]; then
	303	verbose ok $tid
	304	else
	305	echo failed $tid
	306	fi
	307	exit $RESULT