
# $OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $
# Placed in the Public Domain.
#SUDO=sudo
# Unbreak GNU head(1): export _POSIX2_VERSION=199209 so the utilities the
# tests run see the older POSIX.2 level (presumably to keep obsolete option
# forms such as "head -N" accepted -- confirm against the test bodies).
_POSIX2_VERSION=199209; export _POSIX2_VERSION

# On OSF1 additionally export BIN_SH=xpg4.
case `uname -s 2>/dev/null` in
OSF1*)	BIN_SH=xpg4; export BIN_SH ;;
esac
# TCP port for the test sshd and client: TEST_SSH_PORT when it is set and
# non-empty, otherwise 4242.  The value is written unchanged into the
# generated sshd_config and ssh_config.
PORT=${TEST_SSH_PORT:-4242}
# Name of the account running the tests.  It is used for the client's
# "User" option and for the authorized_keys_$USER file name.
# Preference order: /usr/ucb/whoami, then whoami, then "id -un".
if test -x /usr/ucb/whoami; then
	USER=`/usr/ucb/whoami`
else
	USER=`whoami 2>/dev/null` || USER=`id -un`
fi
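# Positional arguments:
#   $1  OBJ     existing directory that receives the generated configs,
#               keys and the sshd pidfile
#   $2  SCRIPT  existing file holding the test body, sourced further down
# Exits with status 2 when either argument is missing or of the wrong kind.
#
# The operands of -d / -f are quoted: unquoted, a value containing
# whitespace or glob characters makes "[" fail with a usage error, and that
# error status was treated the same as "check passed".
OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi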
# Run "$TEST_SHELL -n" over the test script before sourcing it and give up
# with status 2 if that fails.  (-n is presumably the shell's parse-only
# mode; TEST_SHELL is supplied by the caller.)
$TEST_SHELL -n $SCRIPT || {
	echo "syntax error in $SCRIPT"
	exit 2
}

# Remove any inherited agent socket from the environment so that programs
# started below do not see the invoking user's ssh-agent.
unset SSH_AUTH_SOCK
# Directory containing the test script; sshd-log-wrapper.sh is run from it.
SRC=`dirname ${SCRIPT}`

# Programs under test.  Each default is replaced by the matching TEST_SSH_*
# variable when that variable is set and non-empty.
# NOTE(review): when SUDO is set, the sshd selected here is later started
# through it, so TEST_SSH_SSHD and PATH should come from a trusted
# environment.
SSH=${TEST_SSH_SSH:-ssh}
SSHD=${TEST_SSH_SSHD:-sshd}
SSHAGENT=${TEST_SSH_SSHAGENT:-ssh-agent}
SSHADD=${TEST_SSH_SSHADD:-ssh-add}
SSHKEYGEN=${TEST_SSH_SSHKEYGEN:-ssh-keygen}
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}
SFTP=${TEST_SSH_SFTP:-sftp}
SFTPSERVER=${TEST_SSH_SFTPSERVER:-/usr/libexec/openssh/sftp-server}
SCP=${TEST_SSH_SCP:-scp}

# Path to sshd must be absolute for rexec.
# Prefixing "/" leaves an absolute path usable ("//usr/sbin/sshd") while a
# bare name turns into "/sshd", which fails the -x test and is then looked
# up with which(1).
if test ! -x /$SSHD; then
	SSHD=`which sshd`
fi

# Log destination used by trace/verbose/fail/fatal; discarded by default.
TEST_SSH_LOGFILE=${TEST_SSH_LOGFILE:-/dev/null}
# these should be used in tests
# (exported so that the sourced test body and the programs it starts all
# see the same selection)
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN
export SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
# helper
# echon ARGS...
# Print ARGS without a trailing newline, using whichever convention the
# current echo understands: "echo -n" first, then the "\c" escape.
# Calls fatal when neither form suppresses the newline.
echon()
{
	case "x`echo -n`" in
	x)
		echo -n "$@"
		;;
	*)
		case "x`echo '\c'`" in
		x)
			echo "$@\c"
			;;
		*)
			fatal "Don't know how to echo without newline."
			;;
		esac
		;;
	esac
}
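# have_prog NAME
# Return 0 if some directory listed in $PATH holds an executable regular
# file called NAME, 1 otherwise.  IFS is switched to ":" for the walk and
# restored before returning.  Uses the globals saved_IFS and i.
have_prog()
{
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		# -x alone is also true for a searchable directory, so a
		# directory named NAME would count as a program; require a
		# regular file as well.  The operand is quoted so glob
		# characters or a ":" in NAME are not expanded or split.
		if [ -f "$i/$1" ] && [ -x "$i/$1" ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}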
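# cleanup
# Stop the test sshd: read its pid from $PIDFILE and send it the default
# kill signal, through $SUDO when that is set.  Does nothing when the
# pidfile is absent.
#
# The file's content ends up on a kill command line that may run with
# elevated privilege, so it is accepted only when it is a plain decimal
# number of at least 2.  Previously a non-numeric or multi-word value made
# the numeric comparison error out and fall through to kill.
cleanup ()
{
	if [ -f "$PIDFILE" ]; then
		pid=`cat "$PIDFILE"`
		case "X$pid" in
		X)
			echo no sshd running
			;;
		X*[!0-9]*)
			# anything other than digits: never hand it to kill
			echo "bad pid for sshd: $pid"
			;;
		*)
			if [ "$pid" -lt 2 ]; then
				echo "bad pid for sshd: $pid"
			else
				$SUDO kill "$pid"
			fi
			;;
		esac
	fi
}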
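# trace MESSAGE...
# Append "trace: MESSAGE" to $TEST_SSH_LOGFILE and, when TEST_SSH_TRACE is
# "yes", also print MESSAGE on stdout.
# The redirect target is quoted so a log path containing whitespace is one
# file name, and "$*" is used where the arguments are part of a larger
# string.
trace ()
{
	echo "trace: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}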
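# verbose MESSAGE...
# Append "verbose: MESSAGE" to $TEST_SSH_LOGFILE and print MESSAGE on
# stdout unless TEST_SSH_QUIET is "yes".
# The redirect target is quoted so a log path containing whitespace is one
# file name, and "$*" is used where the arguments are part of a larger
# string.
verbose ()
{
	echo "verbose: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}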
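# fail MESSAGE...
# Record a test failure: append "FAIL: MESSAGE" to $TEST_SSH_LOGFILE, set
# the global RESULT to 1 and print MESSAGE on stdout.  Does not exit.
# The redirect target is quoted so a log path containing whitespace is one
# file name.
fail ()
{
	echo "FAIL: $*" >>"$TEST_SSH_LOGFILE"
	RESULT=1
	echo "$@"
}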
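# fatal MESSAGE...
# Abort the run: log "FATAL: MESSAGE", print "FATAL: " followed by MESSAGE
# (via fail, which sets RESULT to 1), stop the test sshd with cleanup and
# exit with $RESULT.  Also installed as the signal handler by the trap
# further down, in which case MESSAGE is empty.
# The redirect target is quoted so a log path containing whitespace is one
# file name.
fatal ()
{
	echo "FATAL: $*" >>"$TEST_SSH_LOGFILE"
	echon "FATAL: "
	fail "$@"
	cleanup
	exit $RESULT
}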
# Exit status of the whole run; stays 0 until fail sets it to 1.
RESULT=0

# File sshd is told to write its pid to (PidFile in the generated
# sshd_config); cleanup and start_sshd read it.
PIDFILE=${OBJ}/pidfile

# Signals 2 and 3 (INT, QUIT) end the run through fatal, which stops sshd.
trap fatal 2 3
# create server config
#
# StrictModes is switched off, so sshd skips its ownership and permission
# checks on the user's files.  That is tolerable here because the daemon
# listens on 127.0.0.1 only and all keys are throwaway material under $OBJ.
# NOTE(review): ListenAddress may be given more than once, so a
# ListenAddress line supplied through TEST_SSH_SSHD_CONFOPTS would
# presumably add a listener rather than be ignored -- keep this daemon on
# loopback.
cat > $OBJ/sshd_config << SSHD_CONFIG_EOF
StrictModes no
Port $PORT
ListenAddress 127.0.0.1
#ListenAddress ::1
PidFile $PIDFILE
AuthorizedKeysFile $OBJ/authorized_keys_%u
LogLevel VERBOSE
AcceptEnv _XXX_TEST_*
AcceptEnv _XXX_TEST
Subsystem sftp $SFTPSERVER
SSHD_CONFIG_EOF
# Optional extra server options from the caller: when
# TEST_SSH_SSHD_CONFOPTS is non-empty its text is logged with trace and
# appended verbatim to the generated sshd_config.
case "$TEST_SSH_SSHD_CONFOPTS" in
"")
	;;
*)
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
	;;
esac
# server config for proxy connects: start from a copy of sshd_config
cp $OBJ/sshd_config $OBJ/sshd_proxy
# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy

# create client config
#
# Every host name is mapped to 127.0.0.1:$PORT.  Host keys are looked up
# only in $OBJ/known_hosts with strict checking on, and BatchMode together
# with the disabled password / challenge-response methods keeps the client
# from prompting.
cat > $OBJ/ssh_config << SSH_CONFIG_EOF
Host *
Hostname 127.0.0.1
HostKeyAlias localhost-with-alias
Port $PORT
User $USER
GlobalKnownHostsFile $OBJ/known_hosts
UserKnownHostsFile $OBJ/known_hosts
RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
HostbasedAuthentication no
PasswordAuthentication no
BatchMode yes
StrictHostKeyChecking yes
SSH_CONFIG_EOF
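# Optional extra client options from the caller: when TEST_SSH_SSH_CONFOPTS
# is non-empty its text is appended verbatim to the generated ssh_config.
# The trace line now reports the client variable; it used to print
# TEST_SSH_SSHD_CONFOPTS, so the log showed the server options (or nothing)
# instead of what was actually appended.
if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi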
# Start with no known_hosts and no authorized_keys file from earlier runs.
rm -f $OBJ/known_hosts
rm -f $OBJ/authorized_keys_$USER

trace "generate keys"
for t in rsa rsa1; do
	# generate user key (empty passphrase, so the tests never prompt)
	rm -f $OBJ/$t
	if ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t; then
		:
	else
		fail "ssh-keygen for $t failed"
	fi

	# client side: offer this key as an identity
	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat $OBJ/$t.pub
	) >> $OBJ/known_hosts

	# setup authorized keys
	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER

	# don't use SUDO for proxy connect: sshd_proxy points at the
	# key file itself
	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
	# use key as host key, too: the listening sshd gets a copy made
	# through $SUDO
	$SUDO cp $OBJ/$t $OBJ/host.$t
	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
done
chmod 644 $OBJ/authorized_keys_$USER

# create a proxy version of the client config: the normal client config
# plus a proxycommand that runs sshd in inetd mode (-i) through
# sshd-log-wrapper.sh instead of connecting to the listening daemon
(
	cat $OBJ/ssh_config
	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy

# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken"
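# start_sshd
# Validate $OBJ/sshd_config with "sshd -t", start sshd on it (through $SUDO
# when set) with its output appended to $TEST_SSH_LOGFILE, then wait for
# $PIDFILE to appear.  The wait sleeps 1, 2, ... seconds for at most ten
# rounds; fatal is called if the config is rejected or no pidfile shows up.
# Uses the global i as the round counter.
#
# File operands and the redirect target are quoted, and the obsolescent
# "-a" inside "[" is replaced by two tests joined with &&, so a path with
# whitespace is no longer mis-parsed by the test command.
start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -t || fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -e >>"$TEST_SSH_LOGFILE" 2>&1

	trace "wait for sshd"
	i=0
	while [ ! -f "$PIDFILE" ] && [ $i -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done
	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}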
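# source test body
# "." looks a name without a slash up in $PATH, which may not be the file
# that passed the -f check above (that check is relative to the current
# directory).  Anchor such a name with "./" so the validated file is the
# one that runs.
case "$SCRIPT" in
*/*)	. "$SCRIPT" ;;
*)	. "./$SCRIPT" ;;
esac

# kill sshd
cleanup

# Report the verdict; tid is expected to be set by the sourced test body.
if [ $RESULT -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT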