freebsd-nq/crypto/openssh/regress/integrity.sh

77 lines
2.3 KiB
Bash
Raw Normal View History

2018-05-06 12:24:45 +00:00
# $OpenBSD: integrity.sh,v 1.23 2017/04/30 23:34:55 djm Exp $
2013-03-22 11:19:48 +00:00
# Placed in the Public Domain.
tid="integrity"
2015-01-05 16:09:55 +00:00
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
2013-03-22 11:19:48 +00:00
# start at byte 2900 (i.e. after kex) and corrupt at different offsets
tries=10
startoffset=2900
2014-01-30 10:56:49 +00:00
macs=`${SSH} -Q mac`
2013-03-22 11:19:48 +00:00
# The following are not MACs, but ciphers with integrated integrity. They are
# handled specially below.
2014-01-30 10:56:49 +00:00
macs="$macs `${SSH} -Q cipher-auth`"
2013-03-22 11:19:48 +00:00
2013-09-18 17:27:38 +00:00
# avoid DH group exchange as the extra traffic makes it harder to get the
# offset into the stream right.
echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \
>> $OBJ/ssh_proxy
2013-03-22 11:19:48 +00:00
2013-09-18 17:27:38 +00:00
# sshd-command for proxy (see test-exec.sh)
2015-07-02 13:15:34 +00:00
cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy"
2013-03-22 11:19:48 +00:00
for m in $macs; do
trace "test $tid: mac $m"
elen=0
epad=0
emac=0
2017-08-03 10:10:20 +00:00
etmo=0
2013-03-22 11:19:48 +00:00
ecnt=0
skip=0
for off in `jot $tries $startoffset`; do
skip=`expr $skip - 1`
if [ $skip -gt 0 ]; then
# avoid modifying the high bytes of the length
continue
fi
2015-01-05 16:09:55 +00:00
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
2013-03-22 11:19:48 +00:00
# modify output from sshd at offset $off
pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
2015-07-02 13:18:50 +00:00
if ${SSH} -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then
2015-01-05 16:09:55 +00:00
echo "Ciphers=$m" >> $OBJ/sshd_proxy
2014-01-30 10:56:49 +00:00
macopt="-c $m"
else
2015-01-05 16:09:55 +00:00
echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy
echo "MACs=$m" >> $OBJ/sshd_proxy
2014-01-30 10:56:49 +00:00
macopt="-m $m -c aes128-ctr"
fi
2013-09-18 17:27:38 +00:00
verbose "test $tid: $m @$off"
2018-05-06 12:24:45 +00:00
${SSH} $macopt -F $OBJ/ssh_proxy -o "$pxy" \
2014-01-30 10:56:49 +00:00
-oServerAliveInterval=1 -oServerAliveCountMax=30 \
2013-09-18 17:27:38 +00:00
999.999.999.999 'printf "%4096s" " "' >/dev/null
2013-03-22 11:19:48 +00:00
if [ $? -eq 0 ]; then
fail "ssh -m $m succeeds with bit-flip at $off"
fi
ecnt=`expr $ecnt + 1`
2017-01-31 12:29:48 +00:00
out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \
2013-09-18 17:27:38 +00:00
tr -s '\r\n' '.')
2015-01-05 16:09:55 +00:00
case "$out" in
2013-03-22 11:19:48 +00:00
Bad?packet*) elen=`expr $elen + 1`; skip=3;;
2015-07-02 13:15:34 +00:00
Corrupted?MAC* | *message?authentication?code?incorrect*)
2013-03-22 11:19:48 +00:00
emac=`expr $emac + 1`; skip=0;;
padding*) epad=`expr $epad + 1`; skip=0;;
2018-05-06 12:24:45 +00:00
*Timeout,?server*)
etmo=`expr $etmo + 1`; skip=0;;
2015-01-05 16:09:55 +00:00
*) fail "unexpected error mac $m at $off: $out";;
2013-03-22 11:19:48 +00:00
esac
done
2018-05-06 12:24:45 +00:00
verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen timeout $etmo"
2013-03-22 11:19:48 +00:00
if [ $emac -eq 0 ]; then
fail "$m: no mac errors"
fi
2018-05-06 12:24:45 +00:00
expect=`expr $ecnt - $epad - $elen - $etmo`
2013-03-22 11:19:48 +00:00
if [ $emac -ne $expect ]; then
fail "$m: expected $expect mac errors, got $emac"
fi
done