Commit | Line | Data |
---|---|---|
836d58d7 | 1 | # $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $ |
2 | # Placed in the Public Domain. | |
3 | ||
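# TCP port the test sshd listens on, and the account the tests log in as.
PORT=4242
USER=`id -un`
# Optional command prefix placed in front of the sshd, kill and host-key cp
# invocations later in this script; empty means run them as the caller.
SUDO=
#SUDO=sudo

# $1: existing directory that receives the generated configs, keys and pid file.
OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
# Quoted: an unquoted path containing whitespace makes `[` fail with a usage
# error, which the `if` treats as false and so skips the check entirely.
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi

# $2: the test body, sourced near the end of this script.
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
# Parse-only pass, so a syntax error is reported before any state is created.
if sh -n "$SCRIPT"; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi

# ssh clients locate an agent through SSH_AUTH_SOCK; dropping it keeps the
# tests away from any agent (and its keys) in the caller's environment.
unset SSH_AUTH_SOCK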
34 | ||
# Programs under test.  Each one defaults to a PATH lookup (sftp-server to
# its installed location) and is replaced by the matching TEST_SSH_*
# environment variable when that variable is set and non-empty.
#
# SSHD is later run behind $SUDO, so when SUDO is set the value of
# TEST_SSH_SSHD decides which binary executes with elevated rights.
SSH=${TEST_SSH_SSH:-ssh}
SSHD=${TEST_SSH_SSHD:-sshd}
SSHAGENT=${TEST_SSH_SSHAGENT:-ssh-agent}
SSHADD=${TEST_SSH_SSHADD:-ssh-add}
SSHKEYGEN=${TEST_SSH_SSHKEYGEN:-ssh-keygen}
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}
SFTP=${TEST_SSH_SFTP:-sftp}
SFTPSERVER=${TEST_SSH_SFTPSERVER:-/usr/libexec/openssh/sftp-server}

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
73 | ||
74 | # helper | |
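# Print the arguments without a trailing newline.
# Probes which convention this shell's echo follows: `echo -n`, or else a
# trailing `\c`.
# If neither works the error is reported through fail/cleanup directly:
# fatal begins by calling echon, so calling fatal from here would recurse
# without end.
echon()
{
	if [ "x`echo -n`" = "x" ]; then
		echo -n "$@"
	elif [ "x`echo '\c'`" = "x" ]; then
		echo "$@\c"
	else
		fail "FATAL: Don't know how to echo without newline."
		cleanup
		exit $RESULT
	fi
}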
85 | ||
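# Stop the test sshd whose pid is recorded in $PIDFILE.
# Does nothing when the pid file is absent.  Otherwise the recorded value
# must be a plain decimal number >= 2 before it is handed to kill: the kill
# may run behind $SUDO, and the pid file sits in the test directory, so an
# empty, non-numeric, negative or 0/1 value must never reach it.
cleanup ()
{
	[ -f "$PIDFILE" ] || return 0
	pid=`cat "$PIDFILE"`
	case "$pid" in
	'')
		echo no sshd running
		;;
	*[!0-9]*)
		# anything but digits (signs, spaces, text) is rejected here
		echo "bad pid for ssd: $pid"
		;;
	*)
		if [ "$pid" -lt 2 ]; then
			echo "bad pid for ssd: $pid"
		else
			$SUDO kill "$pid"
		fi
		;;
	esac
}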
101 | ||
# Print the arguments only when TEST_SSH_TRACE is exactly "yes".
trace ()
{
	case "$TEST_SSH_TRACE" in
	yes)
		echo "$@"
		;;
	esac
}
108 | ||
# Print the arguments unless TEST_SSH_QUIET is exactly "yes".
verbose ()
{
	case "$TEST_SSH_QUIET" in
	yes)
		;;
	*)
		echo "$@"
		;;
	esac
}
115 | ||
116 | ||
# Record a test failure: sets RESULT to 1 and prints the message.
# Does not exit, so the test body keeps running after a failure.
fail () {
	RESULT=1
	echo "$@"
}
122 | ||
# Report an unrecoverable error and stop: prints "FATAL: " followed by the
# arguments (through fail, which sets RESULT), runs cleanup so the test sshd
# is not left behind, then exits with $RESULT.
fatal () {
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}
130 | ||
# Overall status of the run; fail sets it to 1.
RESULT=0
# File the test sshd records its pid in (PidFile in the generated
# sshd_config); cleanup reads it to find the process to kill.
PIDFILE="$OBJ/pidfile"

# Signals 2 and 3 (interrupt, quit) go through fatal, which runs cleanup
# before exiting.
trap fatal 2 3
135 | ||
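# create server config
# The test daemon listens on loopback only and takes its authorized keys
# from $OBJ.  Paths are quoted so a test directory containing whitespace
# does not split the redirection target.
cat << EOF > "$OBJ/sshd_config"
Port $PORT
ListenAddress 127.0.0.1
#ListenAddress ::1
PidFile $PIDFILE
AuthorizedKeysFile $OBJ/authorized_keys_%u
LogLevel QUIET
EOF

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
# StrictModes no switches off sshd's ownership and permission checks on the
# user's files; it is added to the proxy copy only and belongs in nothing
# but this generated test config.
echo 'StrictModes no' >> "$OBJ/sshd_proxy"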
151 | ||
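# create client config
# Only RSA/public-key authentication is enabled.  BatchMode keeps ssh from
# prompting, and StrictHostKeyChecking yes makes it refuse any host key that
# is not already in the generated known_hosts file.
cat << EOF > "$OBJ/ssh_config"
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

# Start from empty trust files; the key loop below appends to both.
# Quoted so a directory name with whitespace cannot make rm act on other paths.
rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"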
173 | ||
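trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	# Regenerated on every run with an empty passphrase (-N '') so the tests
	# need no prompt; these keys are test fixtures and must not be reused
	# for real hosts or accounts.
	rm -f "$OBJ/$t"
	${SSHKEYGEN} -q -N '' -t $t -f "$OBJ/$t" ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat "$OBJ/$t.pub"
	) >> "$OBJ/known_hosts"

	# setup authorized keys
	cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
	echo IdentityFile "$OBJ/$t" >> "$OBJ/ssh_config"

	# use key as host key, too
	# The same private key serves as user key and host key: acceptable for
	# a self-contained test, never for a deployed server.
	$SUDO cp "$OBJ/$t" "$OBJ/host.$t"
	echo HostKey "$OBJ/host.$t" >> "$OBJ/sshd_config"

	# don't use SUDO for proxy connect
	echo HostKey "$OBJ/$t" >> "$OBJ/sshd_proxy"
done
# Mode 644: readable by everyone, writable by the owner only.
chmod 644 "$OBJ/authorized_keys_$USER"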
199 | ||
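# create a proxy version of the client config
# Same client settings, plus a ProxyCommand that runs sshd in -i mode
# against the proxy config instead of connecting to the listening daemon.
(
	cat "$OBJ/ssh_config"
	echo proxycommand ${SSHD} -i -f "$OBJ/sshd_proxy"
) > "$OBJ/ssh_proxy"

# check proxy config
# -t only validates the configuration; a broken file stops the run here.
${SSHD} -t -f "$OBJ/sshd_proxy" || fatal "sshd_proxy broken"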
208 | ||
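# Start the test sshd from $OBJ/sshd_config and wait for its pid file.
# Calls fatal (which exits) when the config does not validate or when no
# pid file has appeared after the wait loop (sleeps of 1..5 seconds).
#
# NOTE(review): the pid file is the only readiness signal, and nothing in
# this script removes it before the daemon starts.  A file left over from an
# earlier run would satisfy the check, and cleanup would later kill whatever
# pid it names -- behind $SUDO when that is set.  Confirm the caller starts
# from a clean $OBJ.
start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -t || fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config"

	trace "wait for sshd"
	i=0
	# Two separate tests instead of the ambiguous `-a`, with the path quoted.
	while [ ! -f "$PIDFILE" ] && [ $i -lt 5 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}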
224 | ||
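# source test body
# `.` looks a name without a slash up through PATH, which may be a different
# file from the one the earlier -f and `sh -n` checks examined relative to
# the current directory.  Prefixing ./ makes it source exactly that file.
case "$SCRIPT" in
*/*)
	. "$SCRIPT"
	;;
*)
	. "./$SCRIPT"
	;;
esac

# kill sshd
cleanup
# $tid is not set anywhere in this file; presumably the sourced test body
# defines it -- confirm against the test scripts.
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT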