[gssapi-openssh.git] / openssh / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
#	Placed in the Public Domain.

PORT=4242
USER=`id -un`
SUDO=
#SUDO=sudo

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if sh -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH=${TEST_SSH_SSH}
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD=${TEST_SSH_SSHD}
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT=${TEST_SSH_SSHAGENT}
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD=${TEST_SSH_SSHADD}
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP=${TEST_SSH_SFTP}
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER=${TEST_SSH_SFTPSERVER}
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER

# helper
cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echo -n "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
EOF

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echo -n 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 5 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
826f3a39	1	# $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
	2	# Placed in the Public Domain.
	3
	4	PORT=4242
	5	USER=`id -un`
	6	SUDO=
	7	#SUDO=sudo
	8
	9	OBJ=$1
	10	if [ "x$OBJ" = "x" ]; then
	11	echo '$OBJ not defined'
	12	exit 2
	13	fi
	14	if [ ! -d $OBJ ]; then
	15	echo "not a directory: $OBJ"
	16	exit 2
	17	fi
	18	SCRIPT=$2
	19	if [ "x$SCRIPT" = "x" ]; then
	20	echo '$SCRIPT not defined'
	21	exit 2
	22	fi
	23	if [ ! -f $SCRIPT ]; then
	24	echo "not a file: $SCRIPT"
	25	exit 2
	26	fi
	27	if sh -n $SCRIPT; then
	28	true
	29	else
	30	echo "syntax error in $SCRIPT"
	31	exit 2
	32	fi
	33	unset SSH_AUTH_SOCK
	34
	35	# defaults
	36	SSH=ssh
	37	SSHD=sshd
	38	SSHAGENT=ssh-agent
	39	SSHADD=ssh-add
	40	SSHKEYGEN=ssh-keygen
	41	SSHKEYSCAN=ssh-keyscan
	42	SFTP=sftp
	43	SFTPSERVER=/usr/libexec/openssh/sftp-server
	44
	45	if [ "x$TEST_SSH_SSH" != "x" ]; then
	46	SSH=${TEST_SSH_SSH}
	47	fi
	48	if [ "x$TEST_SSH_SSHD" != "x" ]; then
	49	SSHD=${TEST_SSH_SSHD}
	50	fi
	51	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	52	SSHAGENT=${TEST_SSH_SSHAGENT}
	53	fi
	54	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	55	SSHADD=${TEST_SSH_SSHADD}
	56	fi
	57	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	58	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
	59	fi
	60	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	61	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
	62	fi
	63	if [ "x$TEST_SSH_SFTP" != "x" ]; then
	64	SFTP=${TEST_SSH_SFTP}
65	fi
66	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
67	SFTPSERVER=${TEST_SSH_SFTPSERVER}
68	fi
69
70	# these should be used in tests
71	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
72	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
73
74	# helper
75	cleanup ()
76	{
77	if [ -f $PIDFILE ]; then
78	pid=`cat $PIDFILE`
79	if [ "X$pid" = "X" ]; then
80	echo no sshd running
81	else
82	if [ $pid -lt 2 ]; then
83	echo bad pid for ssd: $pid
84	else
85	$SUDO kill $pid
86	fi
87	fi
88	fi
89	}
90
91	trace ()
92	{
93	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
94	echo "$@"
95	fi
96	}
97
98	verbose ()
99	{
100	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
101	echo "$@"
102	fi
103	}
104
105
106	fail ()
107	{
108	RESULT=1
109	echo "$@"
110	}
111
112	fatal ()
113	{
114	echo -n "FATAL: "
115	fail "$@"
116	cleanup
117	exit $RESULT
118	}
119
120	RESULT=0
121	PIDFILE=$OBJ/pidfile
122
123	trap fatal 3 2
124
125	# create server config
126	cat << EOF > $OBJ/sshd_config
127	Port $PORT
128	ListenAddress 127.0.0.1
129	#ListenAddress ::1
130	PidFile $PIDFILE
131	AuthorizedKeysFile $OBJ/authorized_keys_%u
132	LogLevel QUIET
133	EOF
134
135	# server config for proxy connects
136	cp $OBJ/sshd_config $OBJ/sshd_proxy
137
138	# allow group-writable directories in proxy-mode
139	echo 'StrictModes no' >> $OBJ/sshd_proxy
140
141	# create client config
142	cat << EOF > $OBJ/ssh_config
143	Host *
144	Hostname 127.0.0.1
145	HostKeyAlias localhost-with-alias
146	Port $PORT
147	User $USER
148	GlobalKnownHostsFile $OBJ/known_hosts
149	UserKnownHostsFile $OBJ/known_hosts
150	RSAAuthentication yes
151	PubkeyAuthentication yes
152	ChallengeResponseAuthentication no
153	HostbasedAuthentication no
154	PasswordAuthentication no
155	RhostsAuthentication no
156	RhostsRSAAuthentication no
157	BatchMode yes
158	StrictHostKeyChecking yes
159	EOF
160
161	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
162
163	trace "generate keys"
164	for t in rsa rsa1; do
165	# generate user key
166	rm -f $OBJ/$t
167	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
168	fail "ssh-keygen for $t failed"
169
170	# known hosts file for client
171	(
172	echo -n 'localhost-with-alias,127.0.0.1,::1 '
173	cat $OBJ/$t.pub
174	) >> $OBJ/known_hosts
175
176	# setup authorized keys
177	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
178	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
179
180	# use key as host key, too
181	$SUDO cp $OBJ/$t $OBJ/host.$t
182	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
183
184	# don't use SUDO for proxy connect
185	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
186	done
187	chmod 644 $OBJ/authorized_keys_$USER
188
189	# create a proxy version of the client config
190	(
191	cat $OBJ/ssh_config
192	echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy
193	) > $OBJ/ssh_proxy
194
195	# check proxy config
196	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
197
198	start_sshd ()
199	{
200	# start sshd
201	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
202	$SUDO ${SSHD} -f $OBJ/sshd_config
203
204	trace "wait for sshd"
205	i=0;
206	while [ ! -f $PIDFILE -a $i -lt 5 ]; do
207	i=`expr $i + 1`
208	sleep $i
209	done
210
211	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
212	}
213
214	# source test body
215	. $SCRIPT
216
217	# kill sshd
218	cleanup
219	if [ $RESULT -eq 0 ]; then
220	verbose ok $tid
221	else
222	echo failed $tid
223	fi
224	exit $RESULT