]>
Commit | Line | Data |
---|---|---|
f0528444 | 1 | # $OpenBSD: test-exec.sh,v 1.32 2008/06/09 18:06:32 dtucker Exp $ |
836d58d7 | 2 | # Placed in the Public Domain. |
3 | ||
836d58d7 | 4 | #SUDO=sudo |
5 | ||
9c70ca37 | 6 | # Unbreak GNU head(1) |
7 | _POSIX2_VERSION=199209 | |
8 | export _POSIX2_VERSION | |
9 | ||
13863e85 | 10 | case `uname -s 2>/dev/null` in |
11 | OSF1*) | |
12 | BIN_SH=xpg4 | |
13 | export BIN_SH | |
14 | ;; | |
15 | esac | |
16 | ||
08f8b491 | 17 | if [ ! -z "$TEST_SSH_PORT" ]; then |
18 | PORT="$TEST_SSH_PORT" | |
19 | else | |
20 | PORT=4242 | |
21 | fi | |
22 | ||
4638d96a | 23 | if [ -x /usr/ucb/whoami ]; then |
24 | USER=`/usr/ucb/whoami` | |
c1b10a96 | 25 | elif whoami >/dev/null 2>&1; then |
4638d96a | 26 | USER=`whoami` |
0ceedd4e | 27 | elif logname >/dev/null 2>&1; then |
28 | USER=`logname` | |
4638d96a | 29 | else |
30 | USER=`id -un` | |
31 | fi | |
32 | ||
836d58d7 | 33 | OBJ=$1 |
34 | if [ "x$OBJ" = "x" ]; then | |
35 | echo '$OBJ not defined' | |
36 | exit 2 | |
37 | fi | |
38 | if [ ! -d $OBJ ]; then | |
39 | echo "not a directory: $OBJ" | |
40 | exit 2 | |
41 | fi | |
42 | SCRIPT=$2 | |
43 | if [ "x$SCRIPT" = "x" ]; then | |
44 | echo '$SCRIPT not defined' | |
45 | exit 2 | |
46 | fi | |
47 | if [ ! -f $SCRIPT ]; then | |
48 | echo "not a file: $SCRIPT" | |
49 | exit 2 | |
50 | fi | |
006cb311 | 51 | if $TEST_SHELL -n $SCRIPT; then |
836d58d7 | 52 | true |
53 | else | |
54 | echo "syntax error in $SCRIPT" | |
55 | exit 2 | |
56 | fi | |
57 | unset SSH_AUTH_SOCK | |
58 | ||
83154755 | 59 | SRC=`dirname ${SCRIPT}` |
60 | ||
836d58d7 | 61 | # defaults |
62 | SSH=ssh | |
63 | SSHD=sshd | |
64 | SSHAGENT=ssh-agent | |
65 | SSHADD=ssh-add | |
66 | SSHKEYGEN=ssh-keygen | |
67 | SSHKEYSCAN=ssh-keyscan | |
68 | SFTP=sftp | |
69 | SFTPSERVER=/usr/libexec/openssh/sftp-server | |
53e2a65c | 70 | SCP=scp |
836d58d7 | 71 | |
f3dad773 | 72 | # Interop testing |
73 | PLINK=/usr/local/bin/plink | |
74 | PUTTYGEN=/usr/local/bin/puttygen | |
75 | ||
836d58d7 | 76 | if [ "x$TEST_SSH_SSH" != "x" ]; then |
dd75dc6d | 77 | SSH="${TEST_SSH_SSH}" |
836d58d7 | 78 | fi |
79 | if [ "x$TEST_SSH_SSHD" != "x" ]; then | |
dd75dc6d | 80 | SSHD="${TEST_SSH_SSHD}" |
836d58d7 | 81 | fi |
82 | if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then | |
dd75dc6d | 83 | SSHAGENT="${TEST_SSH_SSHAGENT}" |
836d58d7 | 84 | fi |
85 | if [ "x$TEST_SSH_SSHADD" != "x" ]; then | |
dd75dc6d | 86 | SSHADD="${TEST_SSH_SSHADD}" |
836d58d7 | 87 | fi |
88 | if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then | |
dd75dc6d | 89 | SSHKEYGEN="${TEST_SSH_SSHKEYGEN}" |
836d58d7 | 90 | fi |
91 | if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then | |
dd75dc6d | 92 | SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}" |
836d58d7 | 93 | fi |
94 | if [ "x$TEST_SSH_SFTP" != "x" ]; then | |
dd75dc6d | 95 | SFTP="${TEST_SSH_SFTP}" |
836d58d7 | 96 | fi |
97 | if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then | |
dd75dc6d | 98 | SFTPSERVER="${TEST_SSH_SFTPSERVER}" |
836d58d7 | 99 | fi |
53e2a65c | 100 | if [ "x$TEST_SSH_SCP" != "x" ]; then |
101 | SCP="${TEST_SSH_SCP}" | |
102 | fi | |
f3dad773 | 103 | if [ "x$TEST_SSH_PLINK" != "x" ]; then |
32f129d1 | 104 | # Find real binary, if it exists |
105 | case "${TEST_SSH_PLINK}" in | |
106 | /*) PLINK="${TEST_SSH_PLINK}" ;; | |
3e782ad1 | 107 | *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;; |
32f129d1 | 108 | esac |
f3dad773 | 109 | fi |
110 | if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then | |
32f129d1 | 111 | # Find real binary, if it exists |
112 | case "${TEST_SSH_PUTTYGEN}" in | |
113 | /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;; | |
3e782ad1 | 114 | *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;; |
32f129d1 | 115 | esac |
f3dad773 | 116 | fi |
836d58d7 | 117 | |
403447b4 | 118 | # Path to sshd must be absolute for rexec |
6177fa47 | 119 | case "$SSHD" in |
120 | /*) ;; | |
121 | *) SSHD=`which sshd` ;; | |
122 | esac | |
403447b4 | 123 | |
83154755 | 124 | if [ "x$TEST_SSH_LOGFILE" = "x" ]; then |
125 | TEST_SSH_LOGFILE=/dev/null | |
126 | fi | |
127 | ||
836d58d7 | 128 | # these should be used in tests |
53e2a65c | 129 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP |
130 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP | |
836d58d7 | 131 | |
132 | # helper | |
c7751424 | 133 | echon() |
134 | { | |
135 | if [ "x`echo -n`" = "x" ]; then | |
136 | echo -n "$@" | |
137 | elif [ "x`echo '\c'`" = "x" ]; then | |
138 | echo "$@\c" | |
139 | else | |
140 | fatal "Don't know how to echo without newline." | |
141 | fi | |
142 | } | |
143 | ||
c1b10a96 | 144 | have_prog() |
145 | { | |
146 | saved_IFS="$IFS" | |
147 | IFS=":" | |
148 | for i in $PATH | |
149 | do | |
150 | if [ -x $i/$1 ]; then | |
151 | IFS="$saved_IFS" | |
152 | return 0 | |
153 | fi | |
154 | done | |
155 | IFS="$saved_IFS" | |
156 | return 1 | |
157 | } | |
158 | ||
836d58d7 | 159 | cleanup () |
160 | { | |
161 | if [ -f $PIDFILE ]; then | |
162 | pid=`cat $PIDFILE` | |
163 | if [ "X$pid" = "X" ]; then | |
164 | echo no sshd running | |
165 | else | |
166 | if [ $pid -lt 2 ]; then | |
167 | echo bad pid for ssd: $pid | |
168 | else | |
169 | $SUDO kill $pid | |
170 | fi | |
171 | fi | |
172 | fi | |
173 | } | |
174 | ||
175 | trace () | |
176 | { | |
2432048a | 177 | echo "trace: $@" >>$TEST_SSH_LOGFILE |
836d58d7 | 178 | if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then |
2432048a | 179 | echo "$@" |
836d58d7 | 180 | fi |
181 | } | |
182 | ||
183 | verbose () | |
184 | { | |
2432048a | 185 | echo "verbose: $@" >>$TEST_SSH_LOGFILE |
836d58d7 | 186 | if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then |
2432048a | 187 | echo "$@" |
836d58d7 | 188 | fi |
189 | } | |
190 | ||
191 | ||
192 | fail () | |
193 | { | |
2432048a | 194 | echo "FAIL: $@" >>$TEST_SSH_LOGFILE |
836d58d7 | 195 | RESULT=1 |
2432048a | 196 | echo "$@" |
836d58d7 | 197 | } |
198 | ||
199 | fatal () | |
200 | { | |
2432048a | 201 | echo "FATAL: $@" >>$TEST_SSH_LOGFILE |
c7751424 | 202 | echon "FATAL: " |
836d58d7 | 203 | fail "$@" |
204 | cleanup | |
205 | exit $RESULT | |
206 | } | |
207 | ||
208 | RESULT=0 | |
209 | PIDFILE=$OBJ/pidfile | |
210 | ||
211 | trap fatal 3 2 | |
212 | ||
213 | # create server config | |
214 | cat << EOF > $OBJ/sshd_config | |
828d4b6f | 215 | StrictModes no |
836d58d7 | 216 | Port $PORT |
9b347e5f | 217 | AddressFamily inet |
836d58d7 | 218 | ListenAddress 127.0.0.1 |
219 | #ListenAddress ::1 | |
220 | PidFile $PIDFILE | |
221 | AuthorizedKeysFile $OBJ/authorized_keys_%u | |
433f6c0f | 222 | LogLevel VERBOSE |
1b0a92c0 | 223 | AcceptEnv _XXX_TEST_* |
224 | AcceptEnv _XXX_TEST | |
00995aa0 | 225 | Subsystem sftp $SFTPSERVER |
836d58d7 | 226 | EOF |
227 | ||
677dd470 | 228 | if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then |
229 | trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" | |
230 | echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config | |
231 | fi | |
232 | ||
836d58d7 | 233 | # server config for proxy connects |
234 | cp $OBJ/sshd_config $OBJ/sshd_proxy | |
235 | ||
236 | # allow group-writable directories in proxy-mode | |
237 | echo 'StrictModes no' >> $OBJ/sshd_proxy | |
238 | ||
239 | # create client config | |
240 | cat << EOF > $OBJ/ssh_config | |
241 | Host * | |
242 | Hostname 127.0.0.1 | |
243 | HostKeyAlias localhost-with-alias | |
244 | Port $PORT | |
245 | User $USER | |
246 | GlobalKnownHostsFile $OBJ/known_hosts | |
247 | UserKnownHostsFile $OBJ/known_hosts | |
248 | RSAAuthentication yes | |
249 | PubkeyAuthentication yes | |
250 | ChallengeResponseAuthentication no | |
251 | HostbasedAuthentication no | |
252 | PasswordAuthentication no | |
836d58d7 | 253 | BatchMode yes |
254 | StrictHostKeyChecking yes | |
255 | EOF | |
256 | ||
677dd470 | 257 | if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then |
258 | trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS" | |
259 | echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config | |
260 | fi | |
261 | ||
836d58d7 | 262 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER |
263 | ||
264 | trace "generate keys" | |
265 | for t in rsa rsa1; do | |
266 | # generate user key | |
267 | rm -f $OBJ/$t | |
d77c7dff | 268 | ${SSHKEYGEN} -b 1024 -q -N '' -t $t -f $OBJ/$t ||\ |
836d58d7 | 269 | fail "ssh-keygen for $t failed" |
270 | ||
271 | # known hosts file for client | |
272 | ( | |
c7751424 | 273 | echon 'localhost-with-alias,127.0.0.1,::1 ' |
836d58d7 | 274 | cat $OBJ/$t.pub |
275 | ) >> $OBJ/known_hosts | |
276 | ||
277 | # setup authorized keys | |
278 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER | |
279 | echo IdentityFile $OBJ/$t >> $OBJ/ssh_config | |
280 | ||
281 | # use key as host key, too | |
282 | $SUDO cp $OBJ/$t $OBJ/host.$t | |
283 | echo HostKey $OBJ/host.$t >> $OBJ/sshd_config | |
284 | ||
285 | # don't use SUDO for proxy connect | |
286 | echo HostKey $OBJ/$t >> $OBJ/sshd_proxy | |
287 | done | |
288 | chmod 644 $OBJ/authorized_keys_$USER | |
289 | ||
f0528444 | 290 | # If PuTTY is present and we are running a PuTTY test, prepare keys and |
291 | # configuration | |
f3dad773 | 292 | REGRESS_INTEROP_PUTTY=no |
f0528444 | 293 | if test -x $PUTTYGEN -a -x $PLINK && [[ $SCRIPT = *putty* ]] ; then |
f3dad773 | 294 | mkdir -p ${OBJ}/.putty |
295 | ||
296 | # Add a PuTTY key to authorized_keys | |
297 | rm -f ${OBJ}/putty.rsa2 | |
298 | puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null | |
299 | puttygen -O public-openssh ${OBJ}/putty.rsa2 \ | |
300 | >> $OBJ/authorized_keys_$USER | |
301 | ||
302 | # Convert rsa2 host key to PuTTY format | |
303 | ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \ | |
304 | ${OBJ}/.putty/sshhostkeys | |
305 | ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \ | |
306 | ${OBJ}/.putty/sshhostkeys | |
307 | ||
308 | # Setup proxied session | |
309 | mkdir -p ${OBJ}/.putty/sessions | |
310 | rm -f ${OBJ}/.putty/sessions/localhost_proxy | |
311 | echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy | |
312 | echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy | |
313 | echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy | |
314 | echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy | |
315 | ||
316 | REGRESS_INTEROP_PUTTY=yes | |
317 | fi | |
318 | ||
836d58d7 | 319 | # create a proxy version of the client config |
320 | ( | |
321 | cat $OBJ/ssh_config | |
1501be86 | 322 | echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy |
836d58d7 | 323 | ) > $OBJ/ssh_proxy |
324 | ||
325 | # check proxy config | |
326 | ${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken" | |
327 | ||
328 | start_sshd () | |
329 | { | |
330 | # start sshd | |
f3dad773 | 331 | $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken" |
332 | $SUDO ${SSHD} -f $OBJ/sshd_config -e "$@" >>$TEST_SSH_LOGFILE 2>&1 | |
836d58d7 | 333 | |
334 | trace "wait for sshd" | |
335 | i=0; | |
4638d96a | 336 | while [ ! -f $PIDFILE -a $i -lt 10 ]; do |
836d58d7 | 337 | i=`expr $i + 1` |
338 | sleep $i | |
339 | done | |
340 | ||
341 | test -f $PIDFILE || fatal "no sshd running on port $PORT" | |
342 | } | |
343 | ||
344 | # source test body | |
345 | . $SCRIPT | |
346 | ||
347 | # kill sshd | |
348 | cleanup | |
349 | if [ $RESULT -eq 0 ]; then | |
350 | verbose ok $tid | |
351 | else | |
352 | echo failed $tid | |
353 | fi | |
354 | exit $RESULT |