# $OpenBSD: agent-getpeereid.sh,v 1.4 2007/11/25 15:35:09 jmc Exp $
# Placed in the Public Domain.

# Regression test: an ssh-agent socket must not be usable by a different uid.
# Flow: start an agent on ${ASOCK}, confirm the invoking user can query it,
# then repeat the query as ${UNPRIV} through ${SUDO} and require that it fails.
# trace and fail are not defined here; presumably they come from the regress
# harness that runs this script, as do OBJ, BUILDDIR, SSHAGENT and SUDO.

tid="disallow agent attach from other uid"

UNPRIV=nobody
ASOCK=${OBJ}/agent
# Start from a bogus socket path; the eval of the agent's output below
# replaces it. Presumably this keeps an agent inherited from the caller's
# environment from being contacted by mistake.
SSH_AUTH_SOCK=/nonexistent

# Skip only when config.h leaves all three peer-credential mechanisms
# undefined (getpeereid, getpeerucred, SO_PEERCRED). Only the first grep
# silences stderr; if config.h is unreadable that grep fails, the && chain
# stops, and the test is not skipped.
if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1 && \
grep "#undef.*HAVE_GETPEERUCRED" ${BUILDDIR}/config.h >/dev/null && \
grep "#undef.*HAVE_SO_PEERCRED" ${BUILDDIR}/config.h >/dev/null
then
	echo "skipped (not supported on this platform)"
	exit 0
fi
# The cross-uid probe needs a way to run a command as ${UNPRIV}.
if [ -z "$SUDO" ]; then
	echo "skipped: need SUDO to switch to uid $UNPRIV"
	exit 0
fi


trace "start agent"
# ssh-agent -s prints Bourne-shell assignments; eval applies them to this
# shell (SSH_AUTH_SOCK is used below, and -k relies on the agent's pid).
# NOTE(review): $? here is the status of eval, not of ssh-agent itself, so
# a failed agent start may only surface at the first ssh-add check - confirm.
eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
r=$?
if [ $r -ne 0 ]; then
	fail "could not start ssh-agent: exit code $r"
else
	# Loosen the socket mode on purpose, so that a refusal for ${UNPRIV} has
	# to come from the agent's peer-uid check rather than from file modes.
	# NOTE(review): whether mode 644 actually lets another uid connect() is
	# platform-dependent, and ${OBJ} must be searchable by ${UNPRIV} too.
	# Where connect() needs write permission, the probe below fails at the
	# filesystem layer and this test passes without exercising the
	# peer-credential check - confirm on each target platform.
	chmod 644 ${SSH_AUTH_SOCK}

	# Positive control as the owning uid. Per ssh-add(1), exit status 1 means
	# the command failed (a fresh agent holds no identities) and 2 means the
	# agent could not be contacted, so exactly 1 shows the agent is reachable.
	ssh-add -l > /dev/null 2>&1
	r=$?
	if [ $r -ne 1 ]; then
		fail "ssh-add failed with $r != 1"
	fi

	# Negative case: the same query as ${UNPRIV}. sudo -S reads any password
	# from stdin, which is /dev/null here, so sudo cannot block on a prompt.
	# A status below 2 is reported as a failure: it would mean the other uid
	# got an answer from the agent.
	# NOTE(review): r is whatever sudo returns, so a sudo failure is not
	# distinguished from an ssh-add result - confirm sudo's status on error.
	< /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
	r=$?
	if [ $r -lt 2 ]; then
		fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
	fi

	trace "kill agent"
	# -k stops the agent started above, so no world-readable agent socket
	# outlives the test.
	${SSHAGENT} -k > /dev/null
fi

# Remove the socket path even when the agent never started or already exited.
rm -f ${OBJ}/agent