regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 case `uname -s 2>/dev/null` in
  11 OSF1*)
  12         BIN_SH=xpg4
  13         export BIN_SH
  14         ;;
  15 esac
  16
  17 if [ ! -z "$TEST_SSH_PORT" ]; then
  18         PORT="$TEST_SSH_PORT"
  19 else
  20         PORT=4242
  21 fi
  22
  23 if [ -x /usr/ucb/whoami ]; then
  24         USER=`/usr/ucb/whoami`
  25 elif whoami >/dev/null 2>&1; then
  26         USER=`whoami`
  27 elif logname >/dev/null 2>&1; then
  28         USER=`logname`
  29 else
  30         USER=`id -un`
  31 fi
  32
  33 # XXX platforms that don't support -E may need a replacement
  34 ECHOE="echo -E"
  35
  36 OBJ=$1
  37 if [ "x$OBJ" = "x" ]; then
  38         echo '$OBJ not defined'
  39         exit 2
  40 fi
  41 if [ ! -d $OBJ ]; then
  42         echo "not a directory: $OBJ"
  43         exit 2
  44 fi
  45 SCRIPT=$2
  46 if [ "x$SCRIPT" = "x" ]; then
  47         echo '$SCRIPT not defined'
  48         exit 2
  49 fi
  50 if [ ! -f $SCRIPT ]; then
  51         echo "not a file: $SCRIPT"
  52         exit 2
  53 fi
  54 if $TEST_SHELL -n $SCRIPT; then
  55         true
  56 else
  57         echo "syntax error in $SCRIPT"
  58         exit 2
  59 fi
  60 unset SSH_AUTH_SOCK
  61
  62 SRC=`dirname ${SCRIPT}`
  63
  64 # defaults
  65 SSH=ssh
  66 SSHD=sshd
  67 SSHAGENT=ssh-agent
  68 SSHADD=ssh-add
  69 SSHKEYGEN=ssh-keygen
  70 SSHKEYSCAN=ssh-keyscan
  71 SFTP=sftp
  72 SFTPSERVER=/usr/libexec/openssh/sftp-server
  73 SCP=scp
  74
  75 if [ "x$TEST_SSH_SSH" != "x" ]; then
  76         SSH="${TEST_SSH_SSH}"
  77 fi
  78 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  79         SSHD="${TEST_SSH_SSHD}"
  80 fi
  81 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  82         SSHAGENT="${TEST_SSH_SSHAGENT}"
  83 fi
  84 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  85         SSHADD="${TEST_SSH_SSHADD}"
  86 fi
  87 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  88         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  89 fi
  90 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  91         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  92 fi
  93 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  94         SFTP="${TEST_SSH_SFTP}"
  95 fi
  96 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  97         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
  98 fi
  99 if [ "x$TEST_SSH_SCP" != "x" ]; then
 100         SCP="${TEST_SSH_SCP}"
 101 fi
 102
 103 # Path to sshd must be absolute for rexec
 104 case "$SSHD" in
 105 /*) ;;
 106 *) SSHD=`which sshd` ;;
 107 esac
 108
 109 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
 110         TEST_SSH_LOGFILE=/dev/null
 111 fi
 112
 113 # these should be used in tests
 114 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 115 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 116
 117 # helper
 118 echon()
 119 {
 120        if [ "x`echo -n`" = "x" ]; then
 121                echo -n "$@"
 122        elif [ "x`echo '\c'`" = "x" ]; then
 123                echo "$@\c"
 124        else
 125                fatal "Don't know how to echo without newline."
 126        fi
 127 }
 128
 129 have_prog()
 130 {
 131         saved_IFS="$IFS"
 132         IFS=":"
 133         for i in $PATH
 134         do
 135                 if [ -x $i/$1 ]; then
 136                         IFS="$saved_IFS"
 137                         return 0
 138                 fi
 139         done
 140         IFS="$saved_IFS"
 141         return 1
 142 }
 143
 144 cleanup ()
 145 {
 146         if [ -f $PIDFILE ]; then
 147                 pid=`cat $PIDFILE`
 148                 if [ "X$pid" = "X" ]; then
 149                         echo no sshd running
 150                 else
 151                         if [ $pid -lt 2 ]; then
 152                                 echo bad pid for ssd: $pid
 153                         else
 154                                 $SUDO kill $pid
 155                         fi
 156                 fi
 157         fi
 158 }
 159
 160 trace ()
 161 {
 162         $ECHOE "trace: $@" >>$TEST_SSH_LOGFILE
 163         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 164                 $ECHOE "$@"
 165         fi
 166 }
 167
 168 verbose ()
 169 {
 170         $ECHOE "verbose: $@" >>$TEST_SSH_LOGFILE
 171         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 172                 $ECHOE "$@"
 173         fi
 174 }
 175
 176
 177 fail ()
 178 {
 179         $ECHOE "FAIL: $@" >>$TEST_SSH_LOGFILE
 180         RESULT=1
 181         $ECHOE "$@"
 182 }
 183
 184 fatal ()
 185 {
 186         $ECHOE "FATAL: $@" >>$TEST_SSH_LOGFILE
 187         echon "FATAL: "
 188         fail "$@"
 189         cleanup
 190         exit $RESULT
 191 }
 192
 193 RESULT=0
 194 PIDFILE=$OBJ/pidfile
 195
 196 trap fatal 3 2
 197
 198 # create server config
 199 cat << EOF > $OBJ/sshd_config
 200         StrictModes             no
 201         Port                    $PORT
 202         AddressFamily           inet
 203         ListenAddress           127.0.0.1
 204         #ListenAddress          ::1
 205         PidFile                 $PIDFILE
 206         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 207         LogLevel                VERBOSE
 208         AcceptEnv               _XXX_TEST_*
 209         AcceptEnv               _XXX_TEST
 210         Subsystem       sftp    $SFTPSERVER
 211 EOF
 212
 213 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 214         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 215         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 216 fi
 217
 218 # server config for proxy connects
 219 cp $OBJ/sshd_config $OBJ/sshd_proxy
 220
 221 # allow group-writable directories in proxy-mode
 222 echo 'StrictModes no' >> $OBJ/sshd_proxy
 223
 224 # create client config
 225 cat << EOF > $OBJ/ssh_config
 226 Host *
 227         Hostname                127.0.0.1
 228         HostKeyAlias            localhost-with-alias
 229         Port                    $PORT
 230         User                    $USER
 231         GlobalKnownHostsFile    $OBJ/known_hosts
 232         UserKnownHostsFile      $OBJ/known_hosts
 233         RSAAuthentication       yes
 234         PubkeyAuthentication    yes
 235         ChallengeResponseAuthentication no
 236         HostbasedAuthentication no
 237         PasswordAuthentication  no
 238         BatchMode               yes
 239         StrictHostKeyChecking   yes
 240 EOF
 241
 242 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 243         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 244         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 245 fi
 246
 247 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 248
 249 trace "generate keys"
 250 for t in rsa rsa1; do
 251         # generate user key
 252         rm -f $OBJ/$t
 253         ${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f $OBJ/$t ||\
 254                 fail "ssh-keygen for $t failed"
 255
 256         # known hosts file for client
 257         (
 258                 echon 'localhost-with-alias,127.0.0.1,::1 '
 259                 cat $OBJ/$t.pub
 260         ) >> $OBJ/known_hosts
 261
 262         # setup authorized keys
 263         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 264         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 265
 266         # use key as host key, too
 267         $SUDO cp $OBJ/$t $OBJ/host.$t
 268         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 269
 270         # don't use SUDO for proxy connect
 271         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 272 done
 273 chmod 644 $OBJ/authorized_keys_$USER
 274
 275 # create a proxy version of the client config
 276 (
 277         cat $OBJ/ssh_config
 278         echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
 279 ) > $OBJ/ssh_proxy
 280
 281 # check proxy config
 282 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 283
 284 start_sshd ()
 285 {
 286         # start sshd
 287         $SUDO ${SSHD} -f $OBJ/sshd_config -t    || fatal "sshd_config broken"
 288         $SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
 289
 290         trace "wait for sshd"
 291         i=0;
 292         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 293                 i=`expr $i + 1`
 294                 sleep $i
 295         done
 296
 297         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 298 }
 299
 300 # source test body
 301 . $SCRIPT
 302
 303 # kill sshd
 304 cleanup
 305 if [ $RESULT -eq 0 ]; then
 306         verbose ok $tid
 307 else
 308         echo failed $tid
 309 fi
 310 exit $RESULT