| | 1 | # $OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $ |
| | 2 | # Placed in the Public Domain. |
| | 3 | |
| | 4 | PORT=4242 |
| | 5 | #SUDO=sudo |
| | 6 | |
| | 7 | if [ -x /usr/ucb/whoami ]; then |
| | 8 | USER=`/usr/ucb/whoami` |
| | 9 | elif whoami >/dev/null 2>&1; then |
| | 10 | USER=`whoami` |
| | 11 | else |
| | 12 | USER=`id -un` |
| | 13 | fi |
| | 14 | |
| | 15 | OBJ=$1 |
| | 16 | if [ "x$OBJ" = "x" ]; then |
| | 17 | echo '$OBJ not defined' |
| | 18 | exit 2 |
| | 19 | fi |
| | 20 | if [ ! -d $OBJ ]; then |
| | 21 | echo "not a directory: $OBJ" |
| | 22 | exit 2 |
| | 23 | fi |
| | 24 | SCRIPT=$2 |
| | 25 | if [ "x$SCRIPT" = "x" ]; then |
| | 26 | echo '$SCRIPT not defined' |
| | 27 | exit 2 |
| | 28 | fi |
| | 29 | if [ ! -f $SCRIPT ]; then |
| | 30 | echo "not a file: $SCRIPT" |
| | 31 | exit 2 |
| | 32 | fi |
| | 33 | if $TEST_SHELL -n $SCRIPT; then |
| | 34 | true |
| | 35 | else |
| | 36 | echo "syntax error in $SCRIPT" |
| | 37 | exit 2 |
| | 38 | fi |
| | 39 | unset SSH_AUTH_SOCK |
| | 40 | |
| | 41 | # defaults |
| | 42 | SSH=ssh |
| | 43 | SSHD=sshd |
| | 44 | SSHAGENT=ssh-agent |
| | 45 | SSHADD=ssh-add |
| | 46 | SSHKEYGEN=ssh-keygen |
| | 47 | SSHKEYSCAN=ssh-keyscan |
| | 48 | SFTP=sftp |
| | 49 | SFTPSERVER=/usr/libexec/openssh/sftp-server |
| | 50 | SCP=scp |
| | 51 | |
| | 52 | if [ "x$TEST_SSH_SSH" != "x" ]; then |
| | 53 | SSH="${TEST_SSH_SSH}" |
| | 54 | fi |
| | 55 | if [ "x$TEST_SSH_SSHD" != "x" ]; then |
| | 56 | SSHD="${TEST_SSH_SSHD}" |
| | 57 | fi |
| | 58 | if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then |
| | 59 | SSHAGENT="${TEST_SSH_SSHAGENT}" |
| | 60 | fi |
| | 61 | if [ "x$TEST_SSH_SSHADD" != "x" ]; then |
| | 62 | SSHADD="${TEST_SSH_SSHADD}" |
| | 63 | fi |
| | 64 | if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then |
| | 65 | SSHKEYGEN="${TEST_SSH_SSHKEYGEN}" |
| | 66 | fi |
| | 67 | if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then |
| | 68 | SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}" |
| | 69 | fi |
| | 70 | if [ "x$TEST_SSH_SFTP" != "x" ]; then |
| | 71 | SFTP="${TEST_SSH_SFTP}" |
| | 72 | fi |
| | 73 | if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then |
| | 74 | SFTPSERVER="${TEST_SSH_SFTPSERVER}" |
| | 75 | fi |
| | 76 | if [ "x$TEST_SSH_SCP" != "x" ]; then |
| | 77 | SCP="${TEST_SSH_SCP}" |
| | 78 | fi |
| | 79 | |
| | 80 | # these should be used in tests |
| | 81 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP |
| | 82 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP |
| | 83 | |
| | 84 | # helper |
| | 85 | echon() |
| | 86 | { |
| | 87 | if [ "x`echo -n`" = "x" ]; then |
| | 88 | echo -n "$@" |
| | 89 | elif [ "x`echo '\c'`" = "x" ]; then |
| | 90 | echo "$@\c" |
| | 91 | else |
| | 92 | fatal "Don't know how to echo without newline." |
| | 93 | fi |
| | 94 | } |
| | 95 | |
| | 96 | have_prog() |
| | 97 | { |
| | 98 | saved_IFS="$IFS" |
| | 99 | IFS=":" |
| | 100 | for i in $PATH |
| | 101 | do |
| | 102 | if [ -x $i/$1 ]; then |
| | 103 | IFS="$saved_IFS" |
| | 104 | return 0 |
| | 105 | fi |
| | 106 | done |
| | 107 | IFS="$saved_IFS" |
| | 108 | return 1 |
| | 109 | } |
| | 110 | |
| | 111 | cleanup () |
| | 112 | { |
| | 113 | if [ -f $PIDFILE ]; then |
| | 114 | pid=`cat $PIDFILE` |
| | 115 | if [ "X$pid" = "X" ]; then |
| | 116 | echo no sshd running |
| | 117 | else |
| | 118 | if [ $pid -lt 2 ]; then |
| | 119 | echo bad pid for ssd: $pid |
| | 120 | else |
| | 121 | $SUDO kill $pid |
| | 122 | fi |
| | 123 | fi |
| | 124 | fi |
| | 125 | } |
| | 126 | |
| | 127 | trace () |
| | 128 | { |
| | 129 | if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then |
| | 130 | echo "$@" |
| | 131 | fi |
| | 132 | } |
| | 133 | |
| | 134 | verbose () |
| | 135 | { |
| | 136 | if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then |
| | 137 | echo "$@" |
| | 138 | fi |
| | 139 | } |
| | 140 | |
| | 141 | |
| | 142 | fail () |
| | 143 | { |
| | 144 | RESULT=1 |
| | 145 | echo "$@" |
| | 146 | } |
| | 147 | |
| | 148 | fatal () |
| | 149 | { |
| | 150 | echon "FATAL: " |
| | 151 | fail "$@" |
| | 152 | cleanup |
| | 153 | exit $RESULT |
| | 154 | } |
| | 155 | |
| | 156 | RESULT=0 |
| | 157 | PIDFILE=$OBJ/pidfile |
| | 158 | |
| | 159 | trap fatal 3 2 |
| | 160 | |
| | 161 | # create server config |
| | 162 | cat << EOF > $OBJ/sshd_config |
| | 163 | StrictModes no |
| | 164 | Port $PORT |
| | 165 | ListenAddress 127.0.0.1 |
| | 166 | #ListenAddress ::1 |
| | 167 | PidFile $PIDFILE |
| | 168 | AuthorizedKeysFile $OBJ/authorized_keys_%u |
| | 169 | LogLevel QUIET |
| | 170 | AcceptEnv _XXX_TEST_* |
| | 171 | AcceptEnv _XXX_TEST |
| | 172 | Subsystem sftp $SFTPSERVER |
| | 173 | EOF |
| | 174 | |
| | 175 | if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then |
| | 176 | trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" |
| | 177 | echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config |
| | 178 | fi |
| | 179 | |
| | 180 | # server config for proxy connects |
| | 181 | cp $OBJ/sshd_config $OBJ/sshd_proxy |
| | 182 | |
| | 183 | # allow group-writable directories in proxy-mode |
| | 184 | echo 'StrictModes no' >> $OBJ/sshd_proxy |
| | 185 | |
| | 186 | # create client config |
| | 187 | cat << EOF > $OBJ/ssh_config |
| | 188 | Host * |
| | 189 | Hostname 127.0.0.1 |
| | 190 | HostKeyAlias localhost-with-alias |
| | 191 | Port $PORT |
| | 192 | User $USER |
| | 193 | GlobalKnownHostsFile $OBJ/known_hosts |
| | 194 | UserKnownHostsFile $OBJ/known_hosts |
| | 195 | RSAAuthentication yes |
| | 196 | PubkeyAuthentication yes |
| | 197 | ChallengeResponseAuthentication no |
| | 198 | HostbasedAuthentication no |
| | 199 | PasswordAuthentication no |
| | 200 | RhostsRSAAuthentication no |
| | 201 | BatchMode yes |
| | 202 | StrictHostKeyChecking yes |
| | 203 | EOF |
| | 204 | |
| | 205 | if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then |
| | 206 | trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS" |
| | 207 | echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config |
| | 208 | fi |
| | 209 | |
| | 210 | rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER |
| | 211 | |
| | 212 | trace "generate keys" |
| | 213 | for t in rsa rsa1; do |
| | 214 | # generate user key |
| | 215 | rm -f $OBJ/$t |
| | 216 | ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ |
| | 217 | fail "ssh-keygen for $t failed" |
| | 218 | |
| | 219 | # known hosts file for client |
| | 220 | ( |
| | 221 | echon 'localhost-with-alias,127.0.0.1,::1 ' |
| | 222 | cat $OBJ/$t.pub |
| | 223 | ) >> $OBJ/known_hosts |
| | 224 | |
| | 225 | # setup authorized keys |
| | 226 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER |
| | 227 | echo IdentityFile $OBJ/$t >> $OBJ/ssh_config |
| | 228 | |
| | 229 | # use key as host key, too |
| | 230 | $SUDO cp $OBJ/$t $OBJ/host.$t |
| | 231 | echo HostKey $OBJ/host.$t >> $OBJ/sshd_config |
| | 232 | |
| | 233 | # don't use SUDO for proxy connect |
| | 234 | echo HostKey $OBJ/$t >> $OBJ/sshd_proxy |
| | 235 | done |
| | 236 | chmod 644 $OBJ/authorized_keys_$USER |
| | 237 | |
| | 238 | # create a proxy version of the client config |
| | 239 | ( |
| | 240 | cat $OBJ/ssh_config |
| | 241 | echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy |
| | 242 | ) > $OBJ/ssh_proxy |
| | 243 | |
| | 244 | # check proxy config |
| | 245 | ${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken" |
| | 246 | |
| | 247 | start_sshd () |
| | 248 | { |
| | 249 | # start sshd |
| | 250 | $SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken" |
| | 251 | $SUDO ${SSHD} -f $OBJ/sshd_config |
| | 252 | |
| | 253 | trace "wait for sshd" |
| | 254 | i=0; |
| | 255 | while [ ! -f $PIDFILE -a $i -lt 10 ]; do |
| | 256 | i=`expr $i + 1` |
| | 257 | sleep $i |
| | 258 | done |
| | 259 | |
| | 260 | test -f $PIDFILE || fatal "no sshd running on port $PORT" |
| | 261 | } |
| | 262 | |
| | 263 | # source test body |
| | 264 | . $SCRIPT |
| | 265 | |
| | 266 | # kill sshd |
| | 267 | cleanup |
| | 268 | if [ $RESULT -eq 0 ]; then |
| | 269 | verbose ok $tid |
| | 270 | else |
| | 271 | echo failed $tid |
| | 272 | fi |
| | 273 | exit $RESULT |
andersk / openssh.git / blame_incremental