regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 if [ ! -z "$TEST_SSH_PORT" ]; then
  11         PORT="$TEST_SSH_PORT"
  12 else
  13         PORT=4242
  14 fi
  15
  16 if [ -x /usr/ucb/whoami ]; then
  17         USER=`/usr/ucb/whoami`
  18 elif whoami >/dev/null 2>&1; then
  19         USER=`whoami`
  20 else
  21         USER=`id -un`
  22 fi
  23
  24 OBJ=$1
  25 if [ "x$OBJ" = "x" ]; then
  26         echo '$OBJ not defined'
  27         exit 2
  28 fi
  29 if [ ! -d $OBJ ]; then
  30         echo "not a directory: $OBJ"
  31         exit 2
  32 fi
  33 SCRIPT=$2
  34 if [ "x$SCRIPT" = "x" ]; then
  35         echo '$SCRIPT not defined'
  36         exit 2
  37 fi
  38 if [ ! -f $SCRIPT ]; then
  39         echo "not a file: $SCRIPT"
  40         exit 2
  41 fi
  42 if $TEST_SHELL -n $SCRIPT; then
  43         true
  44 else
  45         echo "syntax error in $SCRIPT"
  46         exit 2
  47 fi
  48 unset SSH_AUTH_SOCK
  49
  50 SRC=`dirname ${SCRIPT}`
  51
  52 # defaults
  53 SSH=ssh
  54 SSHD=sshd
  55 SSHAGENT=ssh-agent
  56 SSHADD=ssh-add
  57 SSHKEYGEN=ssh-keygen
  58 SSHKEYSCAN=ssh-keyscan
  59 SFTP=sftp
  60 SFTPSERVER=/usr/libexec/openssh/sftp-server
  61 SCP=scp
  62
  63 if [ "x$TEST_SSH_SSH" != "x" ]; then
  64         SSH="${TEST_SSH_SSH}"
  65 fi
  66 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  67         SSHD="${TEST_SSH_SSHD}"
  68 fi
  69 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  70         SSHAGENT="${TEST_SSH_SSHAGENT}"
  71 fi
  72 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  73         SSHADD="${TEST_SSH_SSHADD}"
  74 fi
  75 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  76         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  77 fi
  78 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  79         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  80 fi
  81 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  82         SFTP="${TEST_SSH_SFTP}"
  83 fi
  84 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  85         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
  86 fi
  87 if [ "x$TEST_SSH_SCP" != "x" ]; then
  88         SCP="${TEST_SSH_SCP}"
  89 fi
  90
  91 # Path to sshd must be absolute for rexec
  92 if [ ! -x /$SSHD ]; then
  93         SSHD=`which sshd`
  94 fi
  95
  96 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
  97         TEST_SSH_LOGFILE=/dev/null
  98 fi
  99
 100 # these should be used in tests
 101 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 102 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 103
 104 # helper
 105 echon()
 106 {
 107        if [ "x`echo -n`" = "x" ]; then
 108                echo -n "$@"
 109        elif [ "x`echo '\c'`" = "x" ]; then
 110                echo "$@\c"
 111        else
 112                fatal "Don't know how to echo without newline."
 113        fi
 114 }
 115
 116 have_prog()
 117 {
 118         saved_IFS="$IFS"
 119         IFS=":"
 120         for i in $PATH
 121         do
 122                 if [ -x $i/$1 ]; then
 123                         IFS="$saved_IFS"
 124                         return 0
 125                 fi
 126         done
 127         IFS="$saved_IFS"
 128         return 1
 129 }
 130
 131 cleanup ()
 132 {
 133         if [ -f $PIDFILE ]; then
 134                 pid=`cat $PIDFILE`
 135                 if [ "X$pid" = "X" ]; then
 136                         echo no sshd running
 137                 else
 138                         if [ $pid -lt 2 ]; then
 139                                 echo bad pid for ssd: $pid
 140                         else
 141                                 $SUDO kill $pid
 142                         fi
 143                 fi
 144         fi
 145 }
 146
 147 trace ()
 148 {
 149         echo "trace: $@" >>$TEST_SSH_LOGFILE
 150         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 151                 echo "$@"
 152         fi
 153 }
 154
 155 verbose ()
 156 {
 157         echo "verbose: $@" >>$TEST_SSH_LOGFILE
 158         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 159                 echo "$@"
 160         fi
 161 }
 162
 163
 164 fail ()
 165 {
 166         echo "FAIL: $@" >>$TEST_SSH_LOGFILE
 167         RESULT=1
 168         echo "$@"
 169 }
 170
 171 fatal ()
 172 {
 173         echo "FATAL: $@" >>$TEST_SSH_LOGFILE
 174         echon "FATAL: "
 175         fail "$@"
 176         cleanup
 177         exit $RESULT
 178 }
 179
 180 RESULT=0
 181 PIDFILE=$OBJ/pidfile
 182
 183 trap fatal 3 2
 184
 185 # create server config
 186 cat << EOF > $OBJ/sshd_config
 187         StrictModes             no
 188         Port                    $PORT
 189         ListenAddress           127.0.0.1
 190         #ListenAddress          ::1
 191         PidFile                 $PIDFILE
 192         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 193         LogLevel                DEBUG
 194         AcceptEnv               _XXX_TEST_*
 195         AcceptEnv               _XXX_TEST
 196         Subsystem       sftp    $SFTPSERVER
 197 EOF
 198
 199 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 200         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 201         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 202 fi
 203
 204 # server config for proxy connects
 205 cp $OBJ/sshd_config $OBJ/sshd_proxy
 206
 207 # allow group-writable directories in proxy-mode
 208 echo 'StrictModes no' >> $OBJ/sshd_proxy
 209
 210 # create client config
 211 cat << EOF > $OBJ/ssh_config
 212 Host *
 213         Hostname                127.0.0.1
 214         HostKeyAlias            localhost-with-alias
 215         Port                    $PORT
 216         User                    $USER
 217         GlobalKnownHostsFile    $OBJ/known_hosts
 218         UserKnownHostsFile      $OBJ/known_hosts
 219         RSAAuthentication       yes
 220         PubkeyAuthentication    yes
 221         ChallengeResponseAuthentication no
 222         HostbasedAuthentication no
 223         PasswordAuthentication  no
 224         BatchMode               yes
 225         StrictHostKeyChecking   yes
 226 EOF
 227
 228 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 229         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 230         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 231 fi
 232
 233 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 234
 235 trace "generate keys"
 236 for t in rsa rsa1; do
 237         # generate user key
 238         rm -f $OBJ/$t
 239         ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 240                 fail "ssh-keygen for $t failed"
 241
 242         # known hosts file for client
 243         (
 244                 echon 'localhost-with-alias,127.0.0.1,::1 '
 245                 cat $OBJ/$t.pub
 246         ) >> $OBJ/known_hosts
 247
 248         # setup authorized keys
 249         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 250         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 251
 252         # use key as host key, too
 253         $SUDO cp $OBJ/$t $OBJ/host.$t
 254         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 255
 256         # don't use SUDO for proxy connect
 257         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 258 done
 259 chmod 644 $OBJ/authorized_keys_$USER
 260
 261 # create a proxy version of the client config
 262 (
 263         cat $OBJ/ssh_config
 264         echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
 265 ) > $OBJ/ssh_proxy
 266
 267 # check proxy config
 268 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 269
 270 start_sshd ()
 271 {
 272         # start sshd
 273         $SUDO ${SSHD} -f $OBJ/sshd_config -t    || fatal "sshd_config broken"
 274         $SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
 275
 276         trace "wait for sshd"
 277         i=0;
 278         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 279                 i=`expr $i + 1`
 280                 sleep $i
 281         done
 282
 283         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 284 }
 285
 286 # source test body
 287 . $SCRIPT
 288
 289 # kill sshd
 290 cleanup
 291 if [ $RESULT -eq 0 ]; then
 292         verbose ok $tid
 293 else
 294         echo failed $tid
 295 fi
 296 exit $RESULT