[openssh.git] / regress / test-exec.sh

#	$OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $
#	Placed in the Public Domain.

#SUDO=sudo

# Unbreak GNU head(1)
_POSIX2_VERSION=199209
export _POSIX2_VERSION

case `uname -s 2>/dev/null` in
OSF1*)
	BIN_SH=xpg4
	export BIN_SH
	;;
esac

if [ ! -z "$TEST_SSH_PORT" ]; then
	PORT="$TEST_SSH_PORT"
else
	PORT=4242
fi

if [ -x /usr/ucb/whoami ]; then
	USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
	USER=`whoami`
else
	USER=`id -un`
fi

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d $OBJ ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f $SCRIPT ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi
unset SSH_AUTH_SOCK

SRC=`dirname ${SCRIPT}`

# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp

if [ "x$TEST_SSH_SSH" != "x" ]; then
	SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
	SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
	SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
	SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
	SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
	SCP="${TEST_SSH_SCP}"
fi

# Path to sshd must be absolute for rexec
case "$SSHD" in
/*) ;;
*) SSHD=`which sshd` ;;
esac

if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
	TEST_SSH_LOGFILE=/dev/null
fi

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
echon()
{
       if [ "x`echo -n`" = "x" ]; then
               echo -n "$@"
       elif [ "x`echo '\c'`" = "x" ]; then
               echo "$@\c"
       else
               fatal "Don't know how to echo without newline."
       fi
}

have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		if [ -x $i/$1 ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}

cleanup ()
{
	if [ -f $PIDFILE ]; then
		pid=`cat $PIDFILE`
		if [ "X$pid" = "X" ]; then
			echo no sshd running
		else
			if [ $pid -lt 2 ]; then
				echo bad pid for ssd: $pid
			else
				$SUDO kill $pid
			fi
		fi
	fi
}

trace ()
{
	echo "trace: $@" >>$TEST_SSH_LOGFILE
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

verbose ()
{
	echo "verbose: $@" >>$TEST_SSH_LOGFILE
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


fail ()
{
	echo "FAIL: $@" >>$TEST_SSH_LOGFILE
	RESULT=1
	echo "$@"
}

fatal ()
{
	echo "FATAL: $@" >>$TEST_SSH_LOGFILE
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

trap fatal 3 2

# create server config
cat << EOF > $OBJ/sshd_config
	StrictModes		no
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		VERBOSE
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
fi

# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
cat << EOF > $OBJ/ssh_config
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi

rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f $OBJ/$t
	${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f $OBJ/$t ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config

	# use key as host key, too
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config

	# don't use SUDO for proxy connect
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"

start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f $OBJ/sshd_config -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1

	trace "wait for sshd"
	i=0;
	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f $PIDFILE || fatal "no sshd running on port $PORT"
}

# source test body
. $SCRIPT

# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT
Commit	Line	Data
83154755	1	# $OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $
836d58d7	2	# Placed in the Public Domain.
836d58d7	3
836d58d7	4	#SUDO=sudo
836d58d7	5
9c70ca37	6	# Unbreak GNU head(1)
	7	_POSIX2_VERSION=199209
	8	export _POSIX2_VERSION
	9
13863e85	10	case `uname -s 2>/dev/null` in
	11	OSF1*)
	12	BIN_SH=xpg4
	13	export BIN_SH
	14	;;
	15	esac
	16
08f8b491	17	if [ ! -z "$TEST_SSH_PORT" ]; then
	18	PORT="$TEST_SSH_PORT"
	19	else
	20	PORT=4242
	21	fi
	22
4638d96a	23	if [ -x /usr/ucb/whoami ]; then
4638d96a	24	USER=`/usr/ucb/whoami`
c1b10a96	25	elif whoami >/dev/null 2>&1; then
4638d96a	26	USER=`whoami`
	27	else
	28	USER=`id -un`
	29	fi
	30
836d58d7	31	OBJ=$1
	32	if [ "x$OBJ" = "x" ]; then
	33	echo '$OBJ not defined'
	34	exit 2
	35	fi
	36	if [ ! -d $OBJ ]; then
	37	echo "not a directory: $OBJ"
	38	exit 2
	39	fi
	40	SCRIPT=$2
	41	if [ "x$SCRIPT" = "x" ]; then
	42	echo '$SCRIPT not defined'
	43	exit 2
	44	fi
	45	if [ ! -f $SCRIPT ]; then
	46	echo "not a file: $SCRIPT"
	47	exit 2
	48	fi
006cb311	49	if $TEST_SHELL -n $SCRIPT; then
836d58d7	50	true
	51	else
	52	echo "syntax error in $SCRIPT"
	53	exit 2
	54	fi
	55	unset SSH_AUTH_SOCK
	56
83154755	57	SRC=`dirname ${SCRIPT}`
83154755	58
836d58d7	59	# defaults
	60	SSH=ssh
	61	SSHD=sshd
	62	SSHAGENT=ssh-agent
	63	SSHADD=ssh-add
	64	SSHKEYGEN=ssh-keygen
	65	SSHKEYSCAN=ssh-keyscan
	66	SFTP=sftp
	67	SFTPSERVER=/usr/libexec/openssh/sftp-server
53e2a65c	68	SCP=scp
836d58d7	69
836d58d7	70	if [ "x$TEST_SSH_SSH" != "x" ]; then
dd75dc6d	71	SSH="${TEST_SSH_SSH}"
836d58d7	72	fi
836d58d7	73	if [ "x$TEST_SSH_SSHD" != "x" ]; then
dd75dc6d	74	SSHD="${TEST_SSH_SSHD}"
836d58d7	75	fi
836d58d7	76	if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
dd75dc6d	77	SSHAGENT="${TEST_SSH_SSHAGENT}"
836d58d7	78	fi
836d58d7	79	if [ "x$TEST_SSH_SSHADD" != "x" ]; then
dd75dc6d	80	SSHADD="${TEST_SSH_SSHADD}"
836d58d7	81	fi
836d58d7	82	if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
dd75dc6d	83	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
836d58d7	84	fi
836d58d7	85	if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
dd75dc6d	86	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
836d58d7	87	fi
836d58d7	88	if [ "x$TEST_SSH_SFTP" != "x" ]; then
dd75dc6d	89	SFTP="${TEST_SSH_SFTP}"
836d58d7	90	fi
836d58d7	91	if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
dd75dc6d	92	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
836d58d7	93	fi
53e2a65c	94	if [ "x$TEST_SSH_SCP" != "x" ]; then
	95	SCP="${TEST_SSH_SCP}"
	96	fi
836d58d7	97
403447b4	98	# Path to sshd must be absolute for rexec
6177fa47	99	case "$SSHD" in
	100	/*) ;;
	101	*) SSHD=`which sshd` ;;
	102	esac
403447b4	103
83154755	104	if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
	105	TEST_SSH_LOGFILE=/dev/null
	106	fi
	107
836d58d7	108	# these should be used in tests
53e2a65c	109	export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
53e2a65c	110	#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
836d58d7	111
836d58d7	112	# helper
c7751424	113	echon()
	114	{
	115	if [ "x`echo -n`" = "x" ]; then
	116	echo -n "$@"
	117	elif [ "x`echo '\c'`" = "x" ]; then
	118	echo "$@\c"
	119	else
	120	fatal "Don't know how to echo without newline."
	121	fi
	122	}
	123
c1b10a96	124	have_prog()
	125	{
	126	saved_IFS="$IFS"
	127	IFS=":"
	128	for i in $PATH
	129	do
	130	if [ -x $i/$1 ]; then
	131	IFS="$saved_IFS"
	132	return 0
	133	fi
	134	done
	135	IFS="$saved_IFS"
	136	return 1
	137	}
	138
836d58d7	139	cleanup ()
	140	{
	141	if [ -f $PIDFILE ]; then
	142	pid=`cat $PIDFILE`
	143	if [ "X$pid" = "X" ]; then
	144	echo no sshd running
	145	else
	146	if [ $pid -lt 2 ]; then
	147	echo bad pid for ssd: $pid
	148	else
	149	$SUDO kill $pid
	150	fi
	151	fi
	152	fi
	153	}
	154
	155	trace ()
	156	{
83154755	157	echo "trace: $@" >>$TEST_SSH_LOGFILE
836d58d7	158	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
	159	echo "$@"
	160	fi
	161	}
	162
	163	verbose ()
	164	{
83154755	165	echo "verbose: $@" >>$TEST_SSH_LOGFILE
836d58d7	166	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
	167	echo "$@"
	168	fi
	169	}
	170
	171
	172	fail ()
	173	{
83154755	174	echo "FAIL: $@" >>$TEST_SSH_LOGFILE
836d58d7	175	RESULT=1
	176	echo "$@"
	177	}
	178
	179	fatal ()
	180	{
83154755	181	echo "FATAL: $@" >>$TEST_SSH_LOGFILE
c7751424	182	echon "FATAL: "
836d58d7	183	fail "$@"
	184	cleanup
	185	exit $RESULT
	186	}
	187
	188	RESULT=0
	189	PIDFILE=$OBJ/pidfile
	190
	191	trap fatal 3 2
	192
	193	# create server config
	194	cat << EOF > $OBJ/sshd_config
828d4b6f	195	StrictModes no
836d58d7	196	Port $PORT
	197	ListenAddress 127.0.0.1
	198	#ListenAddress ::1
	199	PidFile $PIDFILE
	200	AuthorizedKeysFile $OBJ/authorized_keys_%u
433f6c0f	201	LogLevel VERBOSE
1b0a92c0	202	AcceptEnv _XXX_TEST_*
1b0a92c0	203	AcceptEnv _XXX_TEST
00995aa0	204	Subsystem sftp $SFTPSERVER
836d58d7	205	EOF
836d58d7	206
677dd470	207	if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
	208	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	209	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
	210	fi
	211
836d58d7	212	# server config for proxy connects
	213	cp $OBJ/sshd_config $OBJ/sshd_proxy
	214
	215	# allow group-writable directories in proxy-mode
	216	echo 'StrictModes no' >> $OBJ/sshd_proxy
	217
	218	# create client config
	219	cat << EOF > $OBJ/ssh_config
	220	Host *
	221	Hostname 127.0.0.1
	222	HostKeyAlias localhost-with-alias
	223	Port $PORT
	224	User $USER
	225	GlobalKnownHostsFile $OBJ/known_hosts
	226	UserKnownHostsFile $OBJ/known_hosts
	227	RSAAuthentication yes
	228	PubkeyAuthentication yes
	229	ChallengeResponseAuthentication no
	230	HostbasedAuthentication no
	231	PasswordAuthentication no
836d58d7	232	BatchMode yes
	233	StrictHostKeyChecking yes
	234	EOF
	235
677dd470	236	if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	237	trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
	238	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
	239	fi
	240
836d58d7	241	rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
	242
	243	trace "generate keys"
	244	for t in rsa rsa1; do
	245	# generate user key
	246	rm -f $OBJ/$t
d77c7dff	247	${SSHKEYGEN} -b 1024 -q -N '' -t $t -f $OBJ/$t \|\|\
836d58d7	248	fail "ssh-keygen for $t failed"
	249
	250	# known hosts file for client
	251	(
c7751424	252	echon 'localhost-with-alias,127.0.0.1,::1 '
836d58d7	253	cat $OBJ/$t.pub
	254	) >> $OBJ/known_hosts
	255
	256	# setup authorized keys
	257	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
	258	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	259
	260	# use key as host key, too
	261	$SUDO cp $OBJ/$t $OBJ/host.$t
	262	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
	263
	264	# don't use SUDO for proxy connect
	265	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	266	done
	267	chmod 644 $OBJ/authorized_keys_$USER
	268
	269	# create a proxy version of the client config
	270	(
	271	cat $OBJ/ssh_config
1501be86	272	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
836d58d7	273	) > $OBJ/ssh_proxy
	274
	275	# check proxy config
	276	${SSHD} -t -f $OBJ/sshd_proxy \|\| fatal "sshd_proxy broken"
	277
	278	start_sshd ()
	279	{
	280	# start sshd
	281	$SUDO ${SSHD} -f $OBJ/sshd_config -t \|\| fatal "sshd_config broken"
83154755	282	$SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
836d58d7	283
	284	trace "wait for sshd"
	285	i=0;
4638d96a	286	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
836d58d7	287	i=`expr $i + 1`
	288	sleep $i
	289	done
	290
	291	test -f $PIDFILE \|\| fatal "no sshd running on port $PORT"
	292	}
	293
	294	# source test body
	295	. $SCRIPT
	296
	297	# kill sshd
	298	cleanup
	299	if [ $RESULT -eq 0 ]; then
	300	verbose ok $tid
	301	else
	302	echo failed $tid
	303	fi
	304	exit $RESULT