[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.25 2004/12/06 10:49:56 dtucker Exp $
#	Placed in the Public Domain.

#SUDO=sudo

# Unbreak GNU head(1)
_POSIX2_VERSION=199209
export _POSIX2_VERSION

if [ ! -z "$TEST_SSH_PORT" ]; then
	PORT="$TEST_SSH_PORT"
else
	PORT=4242
fi

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
	SCP="${TEST_SSH_SCP}"
fi

# Path to sshd must be absolute for rexec
if [ ! -x /$SSHD ]; then
	SSHD=`which sshd`
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	StrictModes		no
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
fi

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
185a020b	1	# $OpenBSD: test-exec.sh,v 1.25 2004/12/06 10:49:56 dtucker Exp $
836d58d7	2	# Placed in the Public Domain.
836d58d7	3
836d58d7	4	#SUDO=sudo
836d58d7	5
9c70ca37	6	# Unbreak GNU head(1)
	7	_POSIX2_VERSION=199209
	8	export _POSIX2_VERSION
	9
08f8b491	10	if [ ! -z "$TEST_SSH_PORT" ]; then
	11	PORT="$TEST_SSH_PORT"
	12	else
	13	PORT=4242
	14	fi
	15
4638d96a	16	if [ -x /usr/ucb/whoami ]; then
4638d96a	17	USER=`/usr/ucb/whoami`
c1b10a96	18	elif whoami >/dev/null 2>&1; then
4638d96a	19	USER=`whoami`
	20	else
	21	USER=`id -un`
	22	fi
	23
836d58d7	24	OBJ=$1
	25	if [ "x$OBJ" = "x" ]; then
	26	echo '$OBJ not defined'
	27	exit 2
	28	fi
	29	if [ ! -d $OBJ ]; then
	30	echo "not a directory: $OBJ"
	31	exit 2
	32	fi
	33	SCRIPT=$2
	34	if [ "x$SCRIPT" = "x" ]; then
	35	echo '$SCRIPT not defined'
	36	exit 2
	37	fi
	38	if [ ! -f $SCRIPT ]; then
	39	echo "not a file: $SCRIPT"
	40	exit 2
	41	fi
006cb311	42	if $TEST_SHELL -n $SCRIPT; then
836d58d7	43	true
	44	else
	45	echo "syntax error in $SCRIPT"
	46	exit 2
	47	fi
	48	unset SSH_AUTH_SOCK
	49
	50	# defaults
	51	SSH=ssh
	52	SSHD=sshd
	53	SSHAGENT=ssh-agent
	54	SSHADD=ssh-add
	55	SSHKEYGEN=ssh-keygen
	56	SSHKEYSCAN=ssh-keyscan
	57	SFTP=sftp
	58	SFTPSERVER=/usr/libexec/openssh/sftp-server
53e2a65c	59	SCP=scp
836d58d7	60
836d58d7	61	if [ "x$TEST_SSH_SSH" != "x" ]; then
dd75dc6d	62	SSH="${TEST_SSH_SSH}"
836d58d7	63	fi
836d58d7	64	if [ "x$TEST_SSH_SSHD" != "x" ]; then
dd75dc6d	65	SSHD="${TEST_SSH_SSHD}"
836d58d7	66	fi
836d58d7	67	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
dd75dc6d	68	SSHAGENT="${TEST_SSH_SSHAGENT}"
836d58d7	69	fi
836d58d7	70	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
dd75dc6d	71	SSHADD="${TEST_SSH_SSHADD}"
836d58d7	72	fi
836d58d7	73	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
dd75dc6d	74	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
836d58d7	75	fi
836d58d7	76	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
dd75dc6d	77	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
836d58d7	78	fi
836d58d7	79	if [ "x$TEST_SSH_SFTP" != "x" ]; then
dd75dc6d	80	SFTP="${TEST_SSH_SFTP}"
836d58d7	81	fi
836d58d7	82	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
dd75dc6d	83	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
836d58d7	84	fi
53e2a65c	85	if [ "x$TEST_SSH_SCP" != "x" ]; then
	86	SCP="${TEST_SSH_SCP}"
	87	fi
836d58d7	88
403447b4	89	# Path to sshd must be absolute for rexec
185a020b	90	if [ ! -x /$SSHD ]; then
	91	SSHD=`which sshd`
	92	fi
403447b4	93
836d58d7	94	# these should be used in tests
53e2a65c	95	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
53e2a65c	96	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
836d58d7	97
836d58d7	98	# helper
c7751424	99	echon()
	100	{
	101	if [ "x`echo -n`" = "x" ]; then
	102	echo -n "$@"
	103	elif [ "x`echo '\c'`" = "x" ]; then
	104	echo "$@\c"
	105	else
	106	fatal "Don't know how to echo without newline."
	107	fi
	108	}
	109
c1b10a96	110	have_prog()
	111	{
	112	saved_IFS="$IFS"
	113	IFS=":"
	114	for i in $PATH
	115	do
	116	if [ -x $i/$1 ]; then
	117	IFS="$saved_IFS"
	118	return 0
	119	fi
	120	done
	121	IFS="$saved_IFS"
	122	return 1
	123	}
	124
836d58d7	125	cleanup ()
	126	{
	127	if [ -f $PIDFILE ]; then
	128	pid=`cat $PIDFILE`
	129	if [ "X$pid" = "X" ]; then
	130	echo no sshd running
	131	else
	132	if [ $pid -lt 2 ]; then
	133	echo bad pid for ssd: $pid
	134	else
	135	$SUDO kill $pid
	136	fi
	137	fi
	138	fi
	139	}
	140
	141	trace ()
	142	{
	143	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	144	echo "$@"
	145	fi
	146	}
	147
	148	verbose ()
	149	{
	150	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	151	echo "$@"
	152	fi
	153	}
	154
	155
	156	fail ()
	157	{
	158	RESULT=1
	159	echo "$@"
	160	}
	161
	162	fatal ()
	163	{
c7751424	164	echon "FATAL: "
836d58d7	165	fail "$@"
	166	cleanup
	167	exit $RESULT
	168	}
	169
	170	RESULT=0
	171	PIDFILE=$OBJ/pidfile
	172
	173	trap fatal 3 2
	174
	175	# create server config
	176	cat << EOF > $OBJ/sshd_config
828d4b6f	177	StrictModes no
836d58d7	178	Port $PORT
	179	ListenAddress 127.0.0.1
	180	#ListenAddress ::1
	181	PidFile $PIDFILE
	182	AuthorizedKeysFile $OBJ/authorized_keys_%u
	183	LogLevel QUIET
1b0a92c0	184	AcceptEnv _XXX_TEST_*
1b0a92c0	185	AcceptEnv _XXX_TEST
00995aa0	186	Subsystem sftp $SFTPSERVER
836d58d7	187	EOF
836d58d7	188
677dd470	189	if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	190	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	191	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
	192	fi
	193
836d58d7	194	# server config for proxy connects
	195	cp $OBJ/sshd_config $OBJ/sshd_proxy
	196
	197	# allow group-writable directories in proxy-mode
	198	echo 'StrictModes no' >> $OBJ/sshd_proxy
	199
	200	# create client config
	201	cat << EOF > $OBJ/ssh_config
	202	Host *
	203	Hostname 127.0.0.1
	204	HostKeyAlias localhost-with-alias
	205	Port $PORT
	206	User $USER
	207	GlobalKnownHostsFile $OBJ/known_hosts
	208	UserKnownHostsFile $OBJ/known_hosts
	209	RSAAuthentication yes
	210	PubkeyAuthentication yes
	211	ChallengeResponseAuthentication no
	212	HostbasedAuthentication no
	213	PasswordAuthentication no
836d58d7	214	BatchMode yes
	215	StrictHostKeyChecking yes
	216	EOF
	217
677dd470	218	if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	219	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	220	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
	221	fi
	222
836d58d7	223	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	224
	225	trace "generate keys"
	226	for t in rsa rsa1; do
	227	# generate user key
	228	rm -f $OBJ/$t
	229	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	230	fail "ssh-keygen for $t failed"
	231
	232	# known hosts file for client
	233	(
c7751424	234	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	235	cat $OBJ/$t.pub
	236	) >> $OBJ/known_hosts
	237
	238	# setup authorized keys
	239	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	240	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	241
	242	# use key as host key, too
	243	$SUDO cp $OBJ/$t $OBJ/host.$t
	244	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	245
	246	# don't use SUDO for proxy connect
	247	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	248	done
	249	chmod 644 $OBJ/authorized_keys_$USER
	250
	251	# create a proxy version of the client config
	252	(
	253	cat $OBJ/ssh_config
4638d96a	254	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
836d58d7	255	) > $OBJ/ssh_proxy
	256
	257	# check proxy config
	258	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	259
	260	start_sshd ()
	261	{
	262	# start sshd
	263	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	264	$SUDO ${SSHD} -f $OBJ/sshd_config
	265
	266	trace "wait for sshd"
	267	i=0;
4638d96a	268	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
836d58d7	269	i=`expr $i + 1`
	270	sleep $i
	271	done
	272
	273	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	274	}
	275
	276	# source test body
	277	. $SCRIPT
	278
	279	# kill sshd
	280	cleanup
	281	if [ $RESULT -eq 0 ]; then
	282	verbose ok $tid
	283	else
	284	echo failed $tid
	285	fi
	286	exit $RESULT