regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.25 2004/12/06 10:49:56 dtucker Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 if [ ! -z "$TEST_SSH_PORT" ]; then
  11         PORT="$TEST_SSH_PORT"
  12 else
  13         PORT=4242
  14 fi
  15
  16 if [ -x /usr/ucb/whoami ]; then
  17         USER=`/usr/ucb/whoami`
  18 elif whoami >/dev/null 2>&1; then
  19         USER=`whoami`
  20 else
  21         USER=`id -un`
  22 fi
  23
  24 OBJ=$1
  25 if [ "x$OBJ" = "x" ]; then
  26         echo '$OBJ not defined'
  27         exit 2
  28 fi
  29 if [ ! -d $OBJ ]; then
  30         echo "not a directory: $OBJ"
  31         exit 2
  32 fi
  33 SCRIPT=$2
  34 if [ "x$SCRIPT" = "x" ]; then
  35         echo '$SCRIPT not defined'
  36         exit 2
  37 fi
  38 if [ ! -f $SCRIPT ]; then
  39         echo "not a file: $SCRIPT"
  40         exit 2
  41 fi
  42 if $TEST_SHELL -n $SCRIPT; then
  43         true
  44 else
  45         echo "syntax error in $SCRIPT"
  46         exit 2
  47 fi
  48 unset SSH_AUTH_SOCK
  49
  50 # defaults
  51 SSH=ssh
  52 SSHD=sshd
  53 SSHAGENT=ssh-agent
  54 SSHADD=ssh-add
  55 SSHKEYGEN=ssh-keygen
  56 SSHKEYSCAN=ssh-keyscan
  57 SFTP=sftp
  58 SFTPSERVER=/usr/libexec/openssh/sftp-server
  59 SCP=scp
  60
  61 if [ "x$TEST_SSH_SSH" != "x" ]; then
  62         SSH="${TEST_SSH_SSH}"
  63 fi
  64 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  65         SSHD="${TEST_SSH_SSHD}"
  66 fi
  67 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  68         SSHAGENT="${TEST_SSH_SSHAGENT}"
  69 fi
  70 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  71         SSHADD="${TEST_SSH_SSHADD}"
  72 fi
  73 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  74         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  75 fi
  76 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  77         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  78 fi
  79 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  80         SFTP="${TEST_SSH_SFTP}"
  81 fi
  82 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  83         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
  84 fi
  85 if [ "x$TEST_SSH_SCP" != "x" ]; then
  86         SCP="${TEST_SSH_SCP}"
  87 fi
  88
  89 # Path to sshd must be absolute for rexec
  90 if [ ! -x /$SSHD ]; then
  91         SSHD=`which sshd`
  92 fi
  93
  94 # these should be used in tests
  95 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
  96 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
  97
  98 # helper
  99 echon()
 100 {
 101        if [ "x`echo -n`" = "x" ]; then
 102                echo -n "$@"
 103        elif [ "x`echo '\c'`" = "x" ]; then
 104                echo "$@\c"
 105        else
 106                fatal "Don't know how to echo without newline."
 107        fi
 108 }
 109
 110 have_prog()
 111 {
 112         saved_IFS="$IFS"
 113         IFS=":"
 114         for i in $PATH
 115         do
 116                 if [ -x $i/$1 ]; then
 117                         IFS="$saved_IFS"
 118                         return 0
 119                 fi
 120         done
 121         IFS="$saved_IFS"
 122         return 1
 123 }
 124
 125 cleanup ()
 126 {
 127         if [ -f $PIDFILE ]; then
 128                 pid=`cat $PIDFILE`
 129                 if [ "X$pid" = "X" ]; then
 130                         echo no sshd running
 131                 else
 132                         if [ $pid -lt 2 ]; then
 133                                 echo bad pid for ssd: $pid
 134                         else
 135                                 $SUDO kill $pid
 136                         fi
 137                 fi
 138         fi
 139 }
 140
 141 trace ()
 142 {
 143         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 144                 echo "$@"
 145         fi
 146 }
 147
 148 verbose ()
 149 {
 150         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 151                 echo "$@"
 152         fi
 153 }
 154
 155
 156 fail ()
 157 {
 158         RESULT=1
 159         echo "$@"
 160 }
 161
 162 fatal ()
 163 {
 164         echon "FATAL: "
 165         fail "$@"
 166         cleanup
 167         exit $RESULT
 168 }
 169
 170 RESULT=0
 171 PIDFILE=$OBJ/pidfile
 172
 173 trap fatal 3 2
 174
 175 # create server config
 176 cat << EOF > $OBJ/sshd_config
 177         StrictModes             no
 178         Port                    $PORT
 179         ListenAddress           127.0.0.1
 180         #ListenAddress          ::1
 181         PidFile                 $PIDFILE
 182         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 183         LogLevel                QUIET
 184         AcceptEnv               _XXX_TEST_*
 185         AcceptEnv               _XXX_TEST
 186         Subsystem       sftp    $SFTPSERVER
 187 EOF
 188
 189 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 190         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 191         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 192 fi
 193
 194 # server config for proxy connects
 195 cp $OBJ/sshd_config $OBJ/sshd_proxy
 196
 197 # allow group-writable directories in proxy-mode
 198 echo 'StrictModes no' >> $OBJ/sshd_proxy
 199
 200 # create client config
 201 cat << EOF > $OBJ/ssh_config
 202 Host *
 203         Hostname                127.0.0.1
 204         HostKeyAlias            localhost-with-alias
 205         Port                    $PORT
 206         User                    $USER
 207         GlobalKnownHostsFile    $OBJ/known_hosts
 208         UserKnownHostsFile      $OBJ/known_hosts
 209         RSAAuthentication       yes
 210         PubkeyAuthentication    yes
 211         ChallengeResponseAuthentication no
 212         HostbasedAuthentication no
 213         PasswordAuthentication  no
 214         BatchMode               yes
 215         StrictHostKeyChecking   yes
 216 EOF
 217
 218 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 219         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 220         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 221 fi
 222
 223 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 224
 225 trace "generate keys"
 226 for t in rsa rsa1; do
 227         # generate user key
 228         rm -f $OBJ/$t
 229         ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 230                 fail "ssh-keygen for $t failed"
 231
 232         # known hosts file for client
 233         (
 234                 echon 'localhost-with-alias,127.0.0.1,::1 '
 235                 cat $OBJ/$t.pub
 236         ) >> $OBJ/known_hosts
 237
 238         # setup authorized keys
 239         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 240         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 241
 242         # use key as host key, too
 243         $SUDO cp $OBJ/$t $OBJ/host.$t
 244         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 245
 246         # don't use SUDO for proxy connect
 247         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 248 done
 249 chmod 644 $OBJ/authorized_keys_$USER
 250
 251 # create a proxy version of the client config
 252 (
 253         cat $OBJ/ssh_config
 254         echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
 255 ) > $OBJ/ssh_proxy
 256
 257 # check proxy config
 258 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 259
 260 start_sshd ()
 261 {
 262         # start sshd
 263         $SUDO ${SSHD} -f $OBJ/sshd_config -t    || fatal "sshd_config broken"
 264         $SUDO ${SSHD} -f $OBJ/sshd_config
 265
 266         trace "wait for sshd"
 267         i=0;
 268         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 269                 i=`expr $i + 1`
 270                 sleep $i
 271         done
 272
 273         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 274 }
 275
 276 # source test body
 277 . $SCRIPT
 278
 279 # kill sshd
 280 cleanup
 281 if [ $RESULT -eq 0 ]; then
 282         verbose ok $tid
 283 else
 284         echo failed $tid
 285 fi
 286 exit $RESULT