[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
#	Placed in the Public Domain.

PORT=4242
USER=`id -un`
SUDO=
#SUDO=sudo

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if sh -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH=${TEST_SSH_SSH}
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD=${TEST_SSH_SSHD}
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT=${TEST_SSH_SSHAGENT}
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD=${TEST_SSH_SSHADD}
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP=${TEST_SSH_SFTP}
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER=${TEST_SSH_SFTPSERVER}
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
EOF

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 5 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
836d58d7	1	# $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
	2	# Placed in the Public Domain.
	3
	4	PORT=4242
	5	USER=`id -un`
	6	SUDO=
	7	#SUDO=sudo
	8
	9	OBJ=$1
	10	if [ "x$OBJ" = "x" ]; then
	11	echo '$OBJ not defined'
	12	exit 2
	13	fi
	14	if [ ! -d $OBJ ]; then
	15	echo "not a directory: $OBJ"
	16	exit 2
	17	fi
	18	SCRIPT=$2
	19	if [ "x$SCRIPT" = "x" ]; then
	20	echo '$SCRIPT not defined'
	21	exit 2
	22	fi
	23	if [ ! -f $SCRIPT ]; then
	24	echo "not a file: $SCRIPT"
	25	exit 2
	26	fi
	27	if sh -n $SCRIPT; then
	28	true
	29	else
	30	echo "syntax error in $SCRIPT"
	31	exit 2
	32	fi
	33	unset SSH_AUTH_SOCK
	34
	35	# defaults
	36	SSH=ssh
	37	SSHD=sshd
	38	SSHAGENT=ssh-agent
	39	SSHADD=ssh-add
	40	SSHKEYGEN=ssh-keygen
	41	SSHKEYSCAN=ssh-keyscan
	42	SFTP=sftp
	43	SFTPSERVER=/usr/libexec/openssh/sftp-server
	44
	45	if [ "x$TEST_SSH_SSH" != "x" ]; then
	46	SSH=${TEST_SSH_SSH}
	47	fi
	48	if [ "x$TEST_SSH_SSHD" != "x" ]; then
	49	SSHD=${TEST_SSH_SSHD}
	50	fi
	51	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	52	SSHAGENT=${TEST_SSH_SSHAGENT}
	53	fi
	54	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	55	SSHADD=${TEST_SSH_SSHADD}
	56	fi
	57	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	58	SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
	59	fi
	60	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	61	SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
	62	fi
	63	if [ "x$TEST_SSH_SFTP" != "x" ]; then
	64	SFTP=${TEST_SSH_SFTP}
65	fi
66	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
67	SFTPSERVER=${TEST_SSH_SFTPSERVER}
68	fi
69
70	# these should be used in tests
71	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
72	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
73
74	# helper
c7751424	75	echon()
	76	{
	77	if [ "x`echo -n`" = "x" ]; then
	78	echo -n "$@"
	79	elif [ "x`echo '\c'`" = "x" ]; then
	80	echo "$@\c"
	81	else
	82	fatal "Don't know how to echo without newline."
	83	fi
	84	}
	85
836d58d7	86	cleanup ()
	87	{
	88	if [ -f $PIDFILE ]; then
	89	pid=`cat $PIDFILE`
	90	if [ "X$pid" = "X" ]; then
	91	echo no sshd running
	92	else
	93	if [ $pid -lt 2 ]; then
	94	echo bad pid for ssd: $pid
	95	else
	96	$SUDO kill $pid
	97	fi
	98	fi
	99	fi
	100	}
	101
	102	trace ()
	103	{
	104	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	105	echo "$@"
	106	fi
	107	}
	108
	109	verbose ()
	110	{
	111	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	112	echo "$@"
	113	fi
	114	}
	115
	116
	117	fail ()
	118	{
	119	RESULT=1
	120	echo "$@"
	121	}
	122
	123	fatal ()
	124	{
c7751424	125	echon "FATAL: "
836d58d7	126	fail "$@"
	127	cleanup
	128	exit $RESULT
	129	}
	130
	131	RESULT=0
	132	PIDFILE=$OBJ/pidfile
	133
	134	trap fatal 3 2
	135
	136	# create server config
	137	cat << EOF > $OBJ/sshd_config
	138	Port $PORT
	139	ListenAddress 127.0.0.1
	140	#ListenAddress ::1
	141	PidFile $PIDFILE
	142	AuthorizedKeysFile $OBJ/authorized_keys_%u
	143	LogLevel QUIET
	144	EOF
	145
	146	# server config for proxy connects
	147	cp $OBJ/sshd_config $OBJ/sshd_proxy
	148
	149	# allow group-writable directories in proxy-mode
	150	echo 'StrictModes no' >> $OBJ/sshd_proxy
	151
	152	# create client config
	153	cat << EOF > $OBJ/ssh_config
	154	Host *
	155	Hostname 127.0.0.1
	156	HostKeyAlias localhost-with-alias
	157	Port $PORT
	158	User $USER
	159	GlobalKnownHostsFile $OBJ/known_hosts
	160	UserKnownHostsFile $OBJ/known_hosts
	161	RSAAuthentication yes
	162	PubkeyAuthentication yes
	163	ChallengeResponseAuthentication no
	164	HostbasedAuthentication no
	165	PasswordAuthentication no
	166	RhostsAuthentication no
	167	RhostsRSAAuthentication no
	168	BatchMode yes
	169	StrictHostKeyChecking yes
	170	EOF
	171
	172	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	173
	174	trace "generate keys"
	175	for t in rsa rsa1; do
	176	# generate user key
	177	rm -f $OBJ/$t
	178	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	179	fail "ssh-keygen for $t failed"
	180
	181	# known hosts file for client
	182	(
c7751424	183	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	184	cat $OBJ/$t.pub
	185	) >> $OBJ/known_hosts
	186
	187	# setup authorized keys
	188	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	189	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	190
	191	# use key as host key, too
	192	$SUDO cp $OBJ/$t $OBJ/host.$t
	193	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	194
	195	# don't use SUDO for proxy connect
	196	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	197	done
	198	chmod 644 $OBJ/authorized_keys_$USER
	199
	200	# create a proxy version of the client config
	201	(
	202	cat $OBJ/ssh_config
	203	echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy
	204	) > $OBJ/ssh_proxy
	205
	206	# check proxy config
	207	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	208
	209	start_sshd ()
	210	{
	211	# start sshd
	212	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	213	$SUDO ${SSHD} -f $OBJ/sshd_config
	214
	215	trace "wait for sshd"
	216	i=0;
	217	while [ ! -f $PIDFILE -a $i -lt 5 ]; do
	218	i=`expr $i + 1`
	219	sleep $i
	220	done
	221
	222	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	223	}
	224
	225	# source test body
	226	. $SCRIPT
	227
	228	# kill sshd
	229	cleanup
	230	if [ $RESULT -eq 0 ]; then
	231	verbose ok $tid
	232	else
	233	echo failed $tid
	234	fi
	235	exit $RESULT