[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $
#	Placed in the Public Domain.

PORT=4242
#SUDO=sudo

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
	SCP="${TEST_SSH_SCP}"
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	RESULT=1
	echo "$@"
}

fatal ()
{
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	StrictModes		no
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
fi

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
677dd470	1	# $OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $
836d58d7	2	# Placed in the Public Domain.
	3
	4	PORT=4242
836d58d7	5	#SUDO=sudo
836d58d7	6
4638d96a	7	if [ -x /usr/ucb/whoami ]; then
4638d96a	8	USER=`/usr/ucb/whoami`
c1b10a96	9	elif whoami >/dev/null 2>&1; then
4638d96a	10	USER=`whoami`
	11	else
	12	USER=`id -un`
	13	fi
	14
836d58d7	15	OBJ=$1
	16	if [ "x$OBJ" = "x" ]; then
	17	echo '$OBJ not defined'
	18	exit 2
	19	fi
	20	if [ ! -d $OBJ ]; then
	21	echo "not a directory: $OBJ"
	22	exit 2
	23	fi
	24	SCRIPT=$2
	25	if [ "x$SCRIPT" = "x" ]; then
	26	echo '$SCRIPT not defined'
	27	exit 2
	28	fi
	29	if [ ! -f $SCRIPT ]; then
	30	echo "not a file: $SCRIPT"
	31	exit 2
	32	fi
006cb311	33	if $TEST_SHELL -n $SCRIPT; then
836d58d7	34	true
	35	else
	36	echo "syntax error in $SCRIPT"
	37	exit 2
	38	fi
	39	unset SSH_AUTH_SOCK
	40
	41	# defaults
	42	SSH=ssh
	43	SSHD=sshd
	44	SSHAGENT=ssh-agent
	45	SSHADD=ssh-add
	46	SSHKEYGEN=ssh-keygen
	47	SSHKEYSCAN=ssh-keyscan
	48	SFTP=sftp
	49	SFTPSERVER=/usr/libexec/openssh/sftp-server
53e2a65c	50	SCP=scp
836d58d7	51
836d58d7	52	if [ "x$TEST_SSH_SSH" != "x" ]; then
dd75dc6d	53	SSH="${TEST_SSH_SSH}"
836d58d7	54	fi
836d58d7	55	if [ "x$TEST_SSH_SSHD" != "x" ]; then
dd75dc6d	56	SSHD="${TEST_SSH_SSHD}"
836d58d7	57	fi
836d58d7	58	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
dd75dc6d	59	SSHAGENT="${TEST_SSH_SSHAGENT}"
836d58d7	60	fi
836d58d7	61	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
dd75dc6d	62	SSHADD="${TEST_SSH_SSHADD}"
836d58d7	63	fi
836d58d7	64	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
dd75dc6d	65	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
836d58d7	66	fi
836d58d7	67	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
dd75dc6d	68	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
836d58d7	69	fi
836d58d7	70	if [ "x$TEST_SSH_SFTP" != "x" ]; then
dd75dc6d	71	SFTP="${TEST_SSH_SFTP}"
836d58d7	72	fi
836d58d7	73	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
dd75dc6d	74	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
836d58d7	75	fi
53e2a65c	76	if [ "x$TEST_SSH_SCP" != "x" ]; then
	77	SCP="${TEST_SSH_SCP}"
	78	fi
836d58d7	79
836d58d7	80	# these should be used in tests
53e2a65c	81	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
53e2a65c	82	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
836d58d7	83
836d58d7	84	# helper
c7751424	85	echon()
	86	{
	87	if [ "x`echo -n`" = "x" ]; then
	88	echo -n "$@"
	89	elif [ "x`echo '\c'`" = "x" ]; then
	90	echo "$@\c"
	91	else
	92	fatal "Don't know how to echo without newline."
	93	fi
	94	}
	95
c1b10a96	96	have_prog()
	97	{
	98	saved_IFS="$IFS"
	99	IFS=":"
	100	for i in $PATH
	101	do
	102	if [ -x $i/$1 ]; then
	103	IFS="$saved_IFS"
	104	return 0
	105	fi
	106	done
	107	IFS="$saved_IFS"
	108	return 1
	109	}
	110
836d58d7	111	cleanup ()
	112	{
	113	if [ -f $PIDFILE ]; then
	114	pid=`cat $PIDFILE`
	115	if [ "X$pid" = "X" ]; then
	116	echo no sshd running
	117	else
	118	if [ $pid -lt 2 ]; then
	119	echo bad pid for ssd: $pid
	120	else
	121	$SUDO kill $pid
	122	fi
	123	fi
	124	fi
	125	}
	126
	127	trace ()
	128	{
	129	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	130	echo "$@"
	131	fi
	132	}
	133
	134	verbose ()
	135	{
	136	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	137	echo "$@"
	138	fi
	139	}
	140
	141
	142	fail ()
	143	{
	144	RESULT=1
	145	echo "$@"
	146	}
	147
	148	fatal ()
	149	{
c7751424	150	echon "FATAL: "
836d58d7	151	fail "$@"
	152	cleanup
	153	exit $RESULT
	154	}
	155
	156	RESULT=0
	157	PIDFILE=$OBJ/pidfile
	158
	159	trap fatal 3 2
	160
	161	# create server config
	162	cat << EOF > $OBJ/sshd_config
828d4b6f	163	StrictModes no
836d58d7	164	Port $PORT
	165	ListenAddress 127.0.0.1
	166	#ListenAddress ::1
	167	PidFile $PIDFILE
	168	AuthorizedKeysFile $OBJ/authorized_keys_%u
	169	LogLevel QUIET
1b0a92c0	170	AcceptEnv _XXX_TEST_*
1b0a92c0	171	AcceptEnv _XXX_TEST
00995aa0	172	Subsystem sftp $SFTPSERVER
836d58d7	173	EOF
836d58d7	174
677dd470	175	if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	176	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	177	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
	178	fi
	179
836d58d7	180	# server config for proxy connects
	181	cp $OBJ/sshd_config $OBJ/sshd_proxy
	182
	183	# allow group-writable directories in proxy-mode
	184	echo 'StrictModes no' >> $OBJ/sshd_proxy
	185
	186	# create client config
	187	cat << EOF > $OBJ/ssh_config
	188	Host *
	189	Hostname 127.0.0.1
	190	HostKeyAlias localhost-with-alias
	191	Port $PORT
	192	User $USER
	193	GlobalKnownHostsFile $OBJ/known_hosts
	194	UserKnownHostsFile $OBJ/known_hosts
	195	RSAAuthentication yes
	196	PubkeyAuthentication yes
	197	ChallengeResponseAuthentication no
	198	HostbasedAuthentication no
	199	PasswordAuthentication no
836d58d7	200	RhostsRSAAuthentication no
	201	BatchMode yes
	202	StrictHostKeyChecking yes
	203	EOF
	204
677dd470	205	if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	206	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	207	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
	208	fi
	209
836d58d7	210	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	211
	212	trace "generate keys"
	213	for t in rsa rsa1; do
	214	# generate user key
	215	rm -f $OBJ/$t
	216	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t \|\|\
	217	fail "ssh-keygen for $t failed"
	218
	219	# known hosts file for client
	220	(
c7751424	221	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	222	cat $OBJ/$t.pub
	223	) >> $OBJ/known_hosts
	224
	225	# setup authorized keys
	226	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	227	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	228
	229	# use key as host key, too
	230	$SUDO cp $OBJ/$t $OBJ/host.$t
	231	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	232
	233	# don't use SUDO for proxy connect
	234	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	235	done
	236	chmod 644 $OBJ/authorized_keys_$USER
	237
	238	# create a proxy version of the client config
	239	(
	240	cat $OBJ/ssh_config
4638d96a	241	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
836d58d7	242	) > $OBJ/ssh_proxy
	243
	244	# check proxy config
	245	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	246
	247	start_sshd ()
	248	{
	249	# start sshd
	250	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
	251	$SUDO ${SSHD} -f $OBJ/sshd_config
	252
	253	trace "wait for sshd"
	254	i=0;
4638d96a	255	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
836d58d7	256	i=`expr $i + 1`
	257	sleep $i
	258	done
	259
	260	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	261	}
	262
	263	# source test body
	264	. $SCRIPT
	265
	266	# kill sshd
	267	cleanup
	268	if [ $RESULT -eq 0 ]; then
	269	verbose ok $tid
	270	else
	271	echo failed $tid
	272	fi
	273	exit $RESULT