[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.19 2004/06/13 15:16:54 djm Exp $
#	Placed in the Public Domain.

PORT=4242
#SUDO=sudo

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
	SCP="${TEST_SSH_SCP}"
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
	StrictModes		no
EOF

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
099e2052	1	# $OpenBSD: test-exec.sh,v 1.19 2004/06/13 15:16:54 djm Exp $
836d58d7	2	# Placed in the Public Domain.
	3
	4	PORT=4242
836d58d7	5	#SUDO=sudo
836d58d7	6
4638d96a	7	if [ -x /usr/ucb/whoami ]; then
4638d96a	8	USER=`/usr/ucb/whoami`
c1b10a96	9	elif whoami >/dev/null 2>&1; then
4638d96a	10	USER=`whoami`
	11	else
	12	USER=`id -un`
	13	fi
	14
836d58d7	15	OBJ=$1
	16	if [ "x$OBJ" = "x" ]; then
	17	echo '$OBJ not defined'
	18	exit 2
	19	fi
	20	if [ ! -d $OBJ ]; then
	21	echo "not a directory: $OBJ"
	22	exit 2
	23	fi
	24	SCRIPT=$2
	25	if [ "x$SCRIPT" = "x" ]; then
	26	echo '$SCRIPT not defined'
	27	exit 2
	28	fi
	29	if [ ! -f $SCRIPT ]; then
	30	echo "not a file: $SCRIPT"
	31	exit 2
	32	fi
006cb311	33	if $TEST_SHELL -n $SCRIPT; then
836d58d7	34	true
	35	else
	36	echo "syntax error in $SCRIPT"
	37	exit 2
	38	fi
	39	unset SSH_AUTH_SOCK
	40
	41	# defaults
	42	SSH=ssh
	43	SSHD=sshd
	44	SSHAGENT=ssh-agent
	45	SSHADD=ssh-add
	46	SSHKEYGEN=ssh-keygen
	47	SSHKEYSCAN=ssh-keyscan
	48	SFTP=sftp
	49	SFTPSERVER=/usr/libexec/openssh/sftp-server
53e2a65c	50	SCP=scp
836d58d7	51
836d58d7	52	if [ "x$TEST_SSH_SSH" != "x" ]; then
dd75dc6d	53	SSH="${TEST_SSH_SSH}"
836d58d7	54	fi
836d58d7	55	if [ "x$TEST_SSH_SSHD" != "x" ]; then
dd75dc6d	56	SSHD="${TEST_SSH_SSHD}"
836d58d7	57	fi
836d58d7	58	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
dd75dc6d	59	SSHAGENT="${TEST_SSH_SSHAGENT}"
836d58d7	60	fi
836d58d7	61	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
dd75dc6d	62	SSHADD="${TEST_SSH_SSHADD}"
836d58d7	63	fi
836d58d7	64	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
dd75dc6d	65	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
836d58d7	66	fi
836d58d7	67	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
dd75dc6d	68	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
836d58d7	69	fi
836d58d7	70	if [ "x$TEST_SSH_SFTP" != "x" ]; then
dd75dc6d	71	SFTP="${TEST_SSH_SFTP}"
836d58d7	72	fi
836d58d7	73	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
dd75dc6d	74	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
836d58d7	75	fi
53e2a65c	76	if [ "x$TEST_SSH_SCP" != "x" ]; then
	77	SCP="${TEST_SSH_SCP}"
	78	fi
836d58d7	79
836d58d7	80	# these should be used in tests
53e2a65c	81	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
53e2a65c	82	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
836d58d7	83
836d58d7	84	# helper
c7751424	85	echon()
	86	{
	87	if [ "x`echo -n`" = "x" ]; then
	88	echo -n "$@"
	89	elif [ "x`echo '\c'`" = "x" ]; then
	90	echo "$@\c"
	91	else
	92	fatal "Don't know how to echo without newline."
	93	fi
	94	}
	95
c1b10a96	96	have_prog()
	97	{
	98	saved_IFS="$IFS"
	99	IFS=":"
	100	for i in $PATH
	101	do
	102	if [ -x $i/$1 ]; then
	103	IFS="$saved_IFS"
	104	return 0
	105	fi
	106	done
	107	IFS="$saved_IFS"
	108	return 1
	109	}
	110
836d58d7	111	cleanup ()
	112	{
	113	if [ -f $PIDFILE ]; then
	114	pid=`cat $PIDFILE`
	115	if [ "X$pid" = "X" ]; then
	116	echo no sshd running
	117	else
	118	if [ $pid -lt 2 ]; then
	119	echo bad pid for ssd: $pid
	120	else
	121	$SUDO kill $pid
	122	fi
	123	fi
	124	fi
	125	}
	126
	127	trace ()
	128	{
	129	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	130	echo "$@"
	131	fi
	132	}
	133
	134	verbose ()
	135	{
	136	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	137	echo "$@"
	138	fi
	139	}
	140
	141
	142	fail ()
	143	{
	144	RESULT=1
	145	echo "$@"
	146	}
	147
	148	fatal ()
	149	{
c7751424	150	echon "FATAL: "
836d58d7	151	fail "$@"
	152	cleanup
	153	exit $RESULT
	154	}
	155
	156	RESULT=0
	157	PIDFILE=$OBJ/pidfile
	158
	159	trap fatal 3 2
	160
	161	# create server config
	162	cat << EOF > $OBJ/sshd_config
	163	Port $PORT
	164	ListenAddress 127.0.0.1
	165	#ListenAddress ::1
	166	PidFile $PIDFILE
	167	AuthorizedKeysFile $OBJ/authorized_keys_%u
	168	LogLevel QUIET
1b0a92c0	169	AcceptEnv _XXX_TEST_*
1b0a92c0	170	AcceptEnv _XXX_TEST
00995aa0	171	Subsystem sftp $SFTPSERVER
4638d96a	172	StrictModes no
836d58d7	173	EOF
	174
	175	# server config for proxy connects
	176	cp $OBJ/sshd_config $OBJ/sshd_proxy
	177
	178	# allow group-writable directories in proxy-mode
	179	echo 'StrictModes no' >> $OBJ/sshd_proxy
	180
	181	# create client config
	182	cat << EOF > $OBJ/ssh_config
	183	Host *
	184	Hostname 127.0.0.1
	185	HostKeyAlias localhost-with-alias
	186	Port $PORT
	187	User $USER
	188	GlobalKnownHostsFile $OBJ/known_hosts
	189	UserKnownHostsFile $OBJ/known_hosts
	190	RSAAuthentication yes
	191	PubkeyAuthentication yes
	192	ChallengeResponseAuthentication no
	193	HostbasedAuthentication no
	194	PasswordAuthentication no
836d58d7	195	RhostsRSAAuthentication no
	196	BatchMode yes
	197	StrictHostKeyChecking yes
	198	EOF
	199
	200	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	201
	202	trace "generate keys"
	203	for t in rsa rsa1; do
	204	# generate user key
	205	rm -f $OBJ/$t
	206	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	207	fail "ssh-keygen for $t failed"
	208
	209	# known hosts file for client
	210	(
c7751424	211	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	212	cat $OBJ/$t.pub
	213	) >> $OBJ/known_hosts
	214
	215	# setup authorized keys
	216	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	217	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	218
	219	# use key as host key, too
	220	$SUDO cp $OBJ/$t $OBJ/host.$t
	221	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	222
	223	# don't use SUDO for proxy connect
	224	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	225	done
	226	chmod 644 $OBJ/authorized_keys_$USER
	227
	228	# create a proxy version of the client config
	229	(
	230	cat $OBJ/ssh_config
4638d96a	231	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
836d58d7	232	) > $OBJ/ssh_proxy
	233
	234	# check proxy config
	235	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	236
	237	start_sshd ()
	238	{
	239	# start sshd
	240	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	241	$SUDO ${SSHD} -f $OBJ/sshd_config
	242
	243	trace "wait for sshd"
	244	i=0;
4638d96a	245	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
836d58d7	246	i=`expr $i + 1`
	247	sleep $i
	248	done
	249
	250	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	251	}
	252
	253	# source test body
	254	. $SCRIPT
	255
	256	# kill sshd
	257	cleanup
	258	if [ $RESULT -eq 0 ]; then
	259	verbose ok $tid
	260	else
	261	echo failed $tid
	262	fi
	263	exit $RESULT