regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.25 2004/12/06 10:49:56 dtucker Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 if [ ! -z "$TEST_SSH_PORT" ]; then
   7         PORT="$TEST_SSH_PORT"
   8 else
   9         PORT=4242
  10 fi
  11
  12 if [ -x /usr/ucb/whoami ]; then
  13         USER=`/usr/ucb/whoami`
  14 elif whoami >/dev/null 2>&1; then
  15         USER=`whoami`
  16 else
  17         USER=`id -un`
  18 fi
  19
  20 OBJ=$1
  21 if [ "x$OBJ" = "x" ]; then
  22         echo '$OBJ not defined'
  23         exit 2
  24 fi
  25 if [ ! -d $OBJ ]; then
  26         echo "not a directory: $OBJ"
  27         exit 2
  28 fi
  29 SCRIPT=$2
  30 if [ "x$SCRIPT" = "x" ]; then
  31         echo '$SCRIPT not defined'
  32         exit 2
  33 fi
  34 if [ ! -f $SCRIPT ]; then
  35         echo "not a file: $SCRIPT"
  36         exit 2
  37 fi
  38 if $TEST_SHELL -n $SCRIPT; then
  39         true
  40 else
  41         echo "syntax error in $SCRIPT"
  42         exit 2
  43 fi
  44 unset SSH_AUTH_SOCK
  45
  46 # defaults
  47 SSH=ssh
  48 SSHD=sshd
  49 SSHAGENT=ssh-agent
  50 SSHADD=ssh-add
  51 SSHKEYGEN=ssh-keygen
  52 SSHKEYSCAN=ssh-keyscan
  53 SFTP=sftp
  54 SFTPSERVER=/usr/libexec/openssh/sftp-server
  55 SCP=scp
  56
  57 if [ "x$TEST_SSH_SSH" != "x" ]; then
  58         SSH="${TEST_SSH_SSH}"
  59 fi
  60 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  61         SSHD="${TEST_SSH_SSHD}"
  62 fi
  63 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  64         SSHAGENT="${TEST_SSH_SSHAGENT}"
  65 fi
  66 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  67         SSHADD="${TEST_SSH_SSHADD}"
  68 fi
  69 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  70         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  71 fi
  72 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  73         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  74 fi
  75 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  76         SFTP="${TEST_SSH_SFTP}"
  77 fi
  78 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  79         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
  80 fi
  81 if [ "x$TEST_SSH_SCP" != "x" ]; then
  82         SCP="${TEST_SSH_SCP}"
  83 fi
  84
  85 # Path to sshd must be absolute for rexec
  86 if [ ! -x /$SSHD ]; then
  87         SSHD=`which sshd`
  88 fi
  89
  90 # these should be used in tests
  91 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
  92 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
  93
  94 # helper
  95 echon()
  96 {
  97        if [ "x`echo -n`" = "x" ]; then
  98                echo -n "$@"
  99        elif [ "x`echo '\c'`" = "x" ]; then
 100                echo "$@\c"
 101        else
 102                fatal "Don't know how to echo without newline."
 103        fi
 104 }
 105
 106 have_prog()
 107 {
 108         saved_IFS="$IFS"
 109         IFS=":"
 110         for i in $PATH
 111         do
 112                 if [ -x $i/$1 ]; then
 113                         IFS="$saved_IFS"
 114                         return 0
 115                 fi
 116         done
 117         IFS="$saved_IFS"
 118         return 1
 119 }
 120
 121 cleanup ()
 122 {
 123         if [ -f $PIDFILE ]; then
 124                 pid=`cat $PIDFILE`
 125                 if [ "X$pid" = "X" ]; then
 126                         echo no sshd running
 127                 else
 128                         if [ $pid -lt 2 ]; then
 129                                 echo bad pid for ssd: $pid
 130                         else
 131                                 $SUDO kill $pid
 132                         fi
 133                 fi
 134         fi
 135 }
 136
 137 trace ()
 138 {
 139         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 140                 echo "$@"
 141         fi
 142 }
 143
 144 verbose ()
 145 {
 146         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 147                 echo "$@"
 148         fi
 149 }
 150
 151
 152 fail ()
 153 {
 154         RESULT=1
 155         echo "$@"
 156 }
 157
 158 fatal ()
 159 {
 160         echon "FATAL: "
 161         fail "$@"
 162         cleanup
 163         exit $RESULT
 164 }
 165
 166 RESULT=0
 167 PIDFILE=$OBJ/pidfile
 168
 169 trap fatal 3 2
 170
 171 # create server config
 172 cat << EOF > $OBJ/sshd_config
 173         StrictModes             no
 174         Port                    $PORT
 175         ListenAddress           127.0.0.1
 176         #ListenAddress          ::1
 177         PidFile                 $PIDFILE
 178         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 179         LogLevel                QUIET
 180         AcceptEnv               _XXX_TEST_*
 181         AcceptEnv               _XXX_TEST
 182         Subsystem       sftp    $SFTPSERVER
 183 EOF
 184
 185 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 186         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 187         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 188 fi
 189
 190 # server config for proxy connects
 191 cp $OBJ/sshd_config $OBJ/sshd_proxy
 192
 193 # allow group-writable directories in proxy-mode
 194 echo 'StrictModes no' >> $OBJ/sshd_proxy
 195
 196 # create client config
 197 cat << EOF > $OBJ/ssh_config
 198 Host *
 199         Hostname                127.0.0.1
 200         HostKeyAlias            localhost-with-alias
 201         Port                    $PORT
 202         User                    $USER
 203         GlobalKnownHostsFile    $OBJ/known_hosts
 204         UserKnownHostsFile      $OBJ/known_hosts
 205         RSAAuthentication       yes
 206         PubkeyAuthentication    yes
 207         ChallengeResponseAuthentication no
 208         HostbasedAuthentication no
 209         PasswordAuthentication  no
 210         BatchMode               yes
 211         StrictHostKeyChecking   yes
 212 EOF
 213
 214 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 215         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 216         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 217 fi
 218
 219 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 220
 221 trace "generate keys"
 222 for t in rsa rsa1; do
 223         # generate user key
 224         rm -f $OBJ/$t
 225         ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 226                 fail "ssh-keygen for $t failed"
 227
 228         # known hosts file for client
 229         (
 230                 echon 'localhost-with-alias,127.0.0.1,::1 '
 231                 cat $OBJ/$t.pub
 232         ) >> $OBJ/known_hosts
 233
 234         # setup authorized keys
 235         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 236         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 237
 238         # use key as host key, too
 239         $SUDO cp $OBJ/$t $OBJ/host.$t
 240         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 241
 242         # don't use SUDO for proxy connect
 243         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 244 done
 245 chmod 644 $OBJ/authorized_keys_$USER
 246
 247 # create a proxy version of the client config
 248 (
 249         cat $OBJ/ssh_config
 250         echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
 251 ) > $OBJ/ssh_proxy
 252
 253 # check proxy config
 254 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 255
 256 start_sshd ()
 257 {
 258         # start sshd
 259         $SUDO ${SSHD} -f $OBJ/sshd_config -t    || fatal "sshd_config broken"
 260         $SUDO ${SSHD} -f $OBJ/sshd_config
 261
 262         trace "wait for sshd"
 263         i=0;
 264         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 265                 i=`expr $i + 1`
 266                 sleep $i
 267         done
 268
 269         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 270 }
 271
 272 # source test body
 273 . $SCRIPT
 274
 275 # kill sshd
 276 cleanup
 277 if [ $RESULT -eq 0 ]; then
 278         verbose ok $tid
 279 else
 280         echo failed $tid
 281 fi
 282 exit $RESULT