regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.23 2004/06/25 01:25:12 djm Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 if [ ! -z "$TEST_SSH_PORT" ]; then
   7         PORT="$TEST_SSH_PORT"
   8 else
   9         PORT=4242
  10 fi
  11
  12 if [ -x /usr/ucb/whoami ]; then
  13         USER=`/usr/ucb/whoami`
  14 elif whoami >/dev/null 2>&1; then
  15         USER=`whoami`
  16 else
  17         USER=`id -un`
  18 fi
  19
  20 OBJ=$1
  21 if [ "x$OBJ" = "x" ]; then
  22         echo '$OBJ not defined'
  23         exit 2
  24 fi
  25 if [ ! -d $OBJ ]; then
  26         echo "not a directory: $OBJ"
  27         exit 2
  28 fi
  29 SCRIPT=$2
  30 if [ "x$SCRIPT" = "x" ]; then
  31         echo '$SCRIPT not defined'
  32         exit 2
  33 fi
  34 if [ ! -f $SCRIPT ]; then
  35         echo "not a file: $SCRIPT"
  36         exit 2
  37 fi
  38 if $TEST_SHELL -n $SCRIPT; then
  39         true
  40 else
  41         echo "syntax error in $SCRIPT"
  42         exit 2
  43 fi
  44 unset SSH_AUTH_SOCK
  45
  46 # defaults
  47 SSH=ssh
  48 SSHD=sshd
  49 SSHAGENT=ssh-agent
  50 SSHADD=ssh-add
  51 SSHKEYGEN=ssh-keygen
  52 SSHKEYSCAN=ssh-keyscan
  53 SFTP=sftp
  54 SFTPSERVER=/usr/libexec/openssh/sftp-server
  55 SCP=scp
  56
  57 if [ "x$TEST_SSH_SSH" != "x" ]; then
  58         SSH="${TEST_SSH_SSH}"
  59 fi
  60 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  61         SSHD="${TEST_SSH_SSHD}"
  62 fi
  63 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  64         SSHAGENT="${TEST_SSH_SSHAGENT}"
  65 fi
  66 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  67         SSHADD="${TEST_SSH_SSHADD}"
  68 fi
  69 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  70         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  71 fi
  72 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  73         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  74 fi
  75 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  76         SFTP="${TEST_SSH_SFTP}"
  77 fi
  78 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  79         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
  80 fi
  81 if [ "x$TEST_SSH_SCP" != "x" ]; then
  82         SCP="${TEST_SSH_SCP}"
  83 fi
  84
  85 # Path to sshd must be absolute for rexec
  86 SSHD=`which sshd`
  87
  88 # these should be used in tests
  89 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
  90 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
  91
  92 # helper
  93 echon()
  94 {
  95        if [ "x`echo -n`" = "x" ]; then
  96                echo -n "$@"
  97        elif [ "x`echo '\c'`" = "x" ]; then
  98                echo "$@\c"
  99        else
 100                fatal "Don't know how to echo without newline."
 101        fi
 102 }
 103
 104 have_prog()
 105 {
 106         saved_IFS="$IFS"
 107         IFS=":"
 108         for i in $PATH
 109         do
 110                 if [ -x $i/$1 ]; then
 111                         IFS="$saved_IFS"
 112                         return 0
 113                 fi
 114         done
 115         IFS="$saved_IFS"
 116         return 1
 117 }
 118
 119 cleanup ()
 120 {
 121         if [ -f $PIDFILE ]; then
 122                 pid=`cat $PIDFILE`
 123                 if [ "X$pid" = "X" ]; then
 124                         echo no sshd running
 125                 else
 126                         if [ $pid -lt 2 ]; then
 127                                 echo bad pid for ssd: $pid
 128                         else
 129                                 $SUDO kill $pid
 130                         fi
 131                 fi
 132         fi
 133 }
 134
 135 trace ()
 136 {
 137         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 138                 echo "$@"
 139         fi
 140 }
 141
 142 verbose ()
 143 {
 144         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 145                 echo "$@"
 146         fi
 147 }
 148
 149
 150 fail ()
 151 {
 152         RESULT=1
 153         echo "$@"
 154 }
 155
 156 fatal ()
 157 {
 158         echon "FATAL: "
 159         fail "$@"
 160         cleanup
 161         exit $RESULT
 162 }
 163
 164 RESULT=0
 165 PIDFILE=$OBJ/pidfile
 166
 167 trap fatal 3 2
 168
 169 # create server config
 170 cat << EOF > $OBJ/sshd_config
 171         StrictModes             no
 172         Port                    $PORT
 173         ListenAddress           127.0.0.1
 174         #ListenAddress          ::1
 175         PidFile                 $PIDFILE
 176         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 177         LogLevel                QUIET
 178         AcceptEnv               _XXX_TEST_*
 179         AcceptEnv               _XXX_TEST
 180         Subsystem       sftp    $SFTPSERVER
 181 EOF
 182
 183 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 184         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 185         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 186 fi
 187
 188 # server config for proxy connects
 189 cp $OBJ/sshd_config $OBJ/sshd_proxy
 190
 191 # allow group-writable directories in proxy-mode
 192 echo 'StrictModes no' >> $OBJ/sshd_proxy
 193
 194 # create client config
 195 cat << EOF > $OBJ/ssh_config
 196 Host *
 197         Hostname                127.0.0.1
 198         HostKeyAlias            localhost-with-alias
 199         Port                    $PORT
 200         User                    $USER
 201         GlobalKnownHostsFile    $OBJ/known_hosts
 202         UserKnownHostsFile      $OBJ/known_hosts
 203         RSAAuthentication       yes
 204         PubkeyAuthentication    yes
 205         ChallengeResponseAuthentication no
 206         HostbasedAuthentication no
 207         PasswordAuthentication  no
 208         RhostsRSAAuthentication no
 209         BatchMode               yes
 210         StrictHostKeyChecking   yes
 211 EOF
 212
 213 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 214         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 215         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 216 fi
 217
 218 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 219
 220 trace "generate keys"
 221 for t in rsa rsa1; do
 222         # generate user key
 223         rm -f $OBJ/$t
 224         ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 225                 fail "ssh-keygen for $t failed"
 226
 227         # known hosts file for client
 228         (
 229                 echon 'localhost-with-alias,127.0.0.1,::1 '
 230                 cat $OBJ/$t.pub
 231         ) >> $OBJ/known_hosts
 232
 233         # setup authorized keys
 234         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 235         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 236
 237         # use key as host key, too
 238         $SUDO cp $OBJ/$t $OBJ/host.$t
 239         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 240
 241         # don't use SUDO for proxy connect
 242         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 243 done
 244 chmod 644 $OBJ/authorized_keys_$USER
 245
 246 # create a proxy version of the client config
 247 (
 248         cat $OBJ/ssh_config
 249         echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
 250 ) > $OBJ/ssh_proxy
 251
 252 # check proxy config
 253 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 254
 255 start_sshd ()
 256 {
 257         # start sshd
 258         $SUDO ${SSHD} -f $OBJ/sshd_config -t    || fatal "sshd_config broken"
 259         $SUDO ${SSHD} -f $OBJ/sshd_config
 260
 261         trace "wait for sshd"
 262         i=0;
 263         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 264                 i=`expr $i + 1`
 265                 sleep $i
 266         done
 267
 268         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 269 }
 270
 271 # source test body
 272 . $SCRIPT
 273
 274 # kill sshd
 275 cleanup
 276 if [ $RESULT -eq 0 ]; then
 277         verbose ok $tid
 278 else
 279         echo failed $tid
 280 fi
 281 exit $RESULT