[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.16 2004/04/27 09:47:30 djm Exp $
#	Placed in the Public Domain.

PORT=4242
#SUDO=sudo

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	StrictModes		no
EOF

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
1b0a92c0	1	# $OpenBSD: test-exec.sh,v 1.16 2004/04/27 09:47:30 djm Exp $
836d58d7	2	# Placed in the Public Domain.
	3
	4	PORT=4242
836d58d7	5	#SUDO=sudo
836d58d7	6
4638d96a	7	if [ -x /usr/ucb/whoami ]; then
4638d96a	8	USER=`/usr/ucb/whoami`
c1b10a96	9	elif whoami >/dev/null 2>&1; then
4638d96a	10	USER=`whoami`
	11	else
	12	USER=`id -un`
	13	fi
	14
836d58d7	15	OBJ=$1
	16	if [ "x$OBJ" = "x" ]; then
	17	echo '$OBJ not defined'
	18	exit 2
	19	fi
	20	if [ ! -d $OBJ ]; then
	21	echo "not a directory: $OBJ"
	22	exit 2
	23	fi
	24	SCRIPT=$2
	25	if [ "x$SCRIPT" = "x" ]; then
	26	echo '$SCRIPT not defined'
	27	exit 2
	28	fi
	29	if [ ! -f $SCRIPT ]; then
	30	echo "not a file: $SCRIPT"
	31	exit 2
	32	fi
006cb311	33	if $TEST_SHELL -n $SCRIPT; then
836d58d7	34	true
	35	else
	36	echo "syntax error in $SCRIPT"
	37	exit 2
	38	fi
	39	unset SSH_AUTH_SOCK
	40
	41	# defaults
	42	SSH=ssh
	43	SSHD=sshd
	44	SSHAGENT=ssh-agent
	45	SSHADD=ssh-add
	46	SSHKEYGEN=ssh-keygen
	47	SSHKEYSCAN=ssh-keyscan
	48	SFTP=sftp
	49	SFTPSERVER=/usr/libexec/openssh/sftp-server
	50
	51	if [ "x$TEST_SSH_SSH" != "x" ]; then
dd75dc6d	52	SSH="${TEST_SSH_SSH}"
836d58d7	53	fi
836d58d7	54	if [ "x$TEST_SSH_SSHD" != "x" ]; then
dd75dc6d	55	SSHD="${TEST_SSH_SSHD}"
836d58d7	56	fi
836d58d7	57	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
dd75dc6d	58	SSHAGENT="${TEST_SSH_SSHAGENT}"
836d58d7	59	fi
836d58d7	60	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
dd75dc6d	61	SSHADD="${TEST_SSH_SSHADD}"
836d58d7	62	fi
836d58d7	63	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
dd75dc6d	64	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
836d58d7	65	fi
836d58d7	66	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
dd75dc6d	67	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
836d58d7	68	fi
836d58d7	69	if [ "x$TEST_SSH_SFTP" != "x" ]; then
dd75dc6d	70	SFTP="${TEST_SSH_SFTP}"
836d58d7	71	fi
836d58d7	72	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
dd75dc6d	73	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
836d58d7	74	fi
	75
	76	# these should be used in tests
	77	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
	78	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
	79
	80	# helper
c7751424	81	echon()
	82	{
	83	if [ "x`echo -n`" = "x" ]; then
	84	echo -n "$@"
	85	elif [ "x`echo '\c'`" = "x" ]; then
	86	echo "$@\c"
	87	else
	88	fatal "Don't know how to echo without newline."
	89	fi
	90	}
	91
c1b10a96	92	have_prog()
	93	{
	94	saved_IFS="$IFS"
	95	IFS=":"
	96	for i in $PATH
	97	do
	98	if [ -x $i/$1 ]; then
	99	IFS="$saved_IFS"
	100	return 0
	101	fi
	102	done
	103	IFS="$saved_IFS"
	104	return 1
	105	}
	106
836d58d7	107	cleanup ()
	108	{
	109	if [ -f $PIDFILE ]; then
	110	pid=`cat $PIDFILE`
	111	if [ "X$pid" = "X" ]; then
	112	echo no sshd running
	113	else
	114	if [ $pid -lt 2 ]; then
	115	echo bad pid for ssd: $pid
	116	else
	117	$SUDO kill $pid
	118	fi
	119	fi
	120	fi
	121	}
	122
	123	trace ()
	124	{
	125	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	126	echo "$@"
	127	fi
	128	}
	129
	130	verbose ()
	131	{
	132	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	133	echo "$@"
	134	fi
	135	}
	136
	137
	138	fail ()
	139	{
	140	RESULT=1
	141	echo "$@"
	142	}
	143
	144	fatal ()
	145	{
c7751424	146	echon "FATAL: "
836d58d7	147	fail "$@"
	148	cleanup
	149	exit $RESULT
	150	}
	151
	152	RESULT=0
	153	PIDFILE=$OBJ/pidfile
	154
	155	trap fatal 3 2
	156
	157	# create server config
	158	cat << EOF > $OBJ/sshd_config
	159	Port $PORT
	160	ListenAddress 127.0.0.1
	161	#ListenAddress ::1
	162	PidFile $PIDFILE
	163	AuthorizedKeysFile $OBJ/authorized_keys_%u
	164	LogLevel QUIET
1b0a92c0	165	AcceptEnv _XXX_TEST_*
1b0a92c0	166	AcceptEnv _XXX_TEST
4638d96a	167	StrictModes no
836d58d7	168	EOF
	169
	170	# server config for proxy connects
	171	cp $OBJ/sshd_config $OBJ/sshd_proxy
	172
	173	# allow group-writable directories in proxy-mode
	174	echo 'StrictModes no' >> $OBJ/sshd_proxy
	175
	176	# create client config
	177	cat << EOF > $OBJ/ssh_config
	178	Host *
	179	Hostname 127.0.0.1
	180	HostKeyAlias localhost-with-alias
	181	Port $PORT
	182	User $USER
	183	GlobalKnownHostsFile $OBJ/known_hosts
	184	UserKnownHostsFile $OBJ/known_hosts
	185	RSAAuthentication yes
	186	PubkeyAuthentication yes
	187	ChallengeResponseAuthentication no
	188	HostbasedAuthentication no
	189	PasswordAuthentication no
836d58d7	190	RhostsRSAAuthentication no
	191	BatchMode yes
	192	StrictHostKeyChecking yes
	193	EOF
	194
	195	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	196
	197	trace "generate keys"
	198	for t in rsa rsa1; do
	199	# generate user key
	200	rm -f $OBJ/$t
	201	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	202	fail "ssh-keygen for $t failed"
	203
	204	# known hosts file for client
	205	(
c7751424	206	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	207	cat $OBJ/$t.pub
	208	) >> $OBJ/known_hosts
	209
	210	# setup authorized keys
	211	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	212	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	213
	214	# use key as host key, too
	215	$SUDO cp $OBJ/$t $OBJ/host.$t
	216	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	217
	218	# don't use SUDO for proxy connect
	219	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	220	done
	221	chmod 644 $OBJ/authorized_keys_$USER
	222
	223	# create a proxy version of the client config
	224	(
	225	cat $OBJ/ssh_config
4638d96a	226	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
836d58d7	227	) > $OBJ/ssh_proxy
	228
	229	# check proxy config
	230	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	231
	232	start_sshd ()
	233	{
	234	# start sshd
	235	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	236	$SUDO ${SSHD} -f $OBJ/sshd_config
	237
	238	trace "wait for sshd"
	239	i=0;
4638d96a	240	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
836d58d7	241	i=`expr $i + 1`
	242	sleep $i
	243	done
	244
	245	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	246	}
	247
	248	# source test body
	249	. $SCRIPT
	250
	251	# kill sshd
	252	cleanup
	253	if [ $RESULT -eq 0 ]; then
	254	verbose ok $tid
	255	else
	256	echo failed $tid
	257	fi
	258	exit $RESULT