d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove a bunch of files we don't need to build OpenSSH. They are still

Browse Source 
available in base/vendor-crypto/openssh/dist/.
This commit is contained in:
Dag-Erling Smørgrav 2008-07-23 17:02:25 +00:00
parent b39cb07cbc
commit a9337121a7
80 changed files with 0 additions and 11367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

438
crypto/openssh/Makefile.in
View File

@ -1,438 +0,0 @@
# $Id: Makefile.in,v 1.283 2006/10/23 21:44:47 tim Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
AUTORECONF=autoreconf
prefix=@prefix@
exec_prefix=@exec_prefix@
bindir=@bindir@
sbindir=@sbindir@
libexecdir=@libexecdir@
datadir=@datadir@
datarootdir=@datarootdir@
mandir=@mandir@
mansubdir=@mansubdir@
sysconfdir=@sysconfdir@
piddir=@piddir@
srcdir=@srcdir@
top_srcdir=@top_srcdir@
DESTDIR=
VPATH=@srcdir@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
RAND_HELPER=$(libexecdir)/ssh-rand-helper
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
-D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
-DSSH_RAND_HELPER=\"$(RAND_HELPER)\"
CC=@CC@
LD=@LD@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
LIBS=@LIBS@
LIBSELINUX=@LIBSELINUX@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
LIBPAM=@LIBPAM@
LIBWRAP=@LIBWRAP@
AR=@AR@
AWK=@AWK@
RANLIB=@RANLIB@
INSTALL=@INSTALL@
PERL=@PERL@
SED=@SED@
ENT=@ENT@
XAUTH_PATH=@XAUTH_PATH@
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
log.o match.o md-sha256.o moduli.o nchan.o packet.o \
readpass.o rsa.o ttymodes.o xmalloc.o \
atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
kexgex.o kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
entropy.o scard-opensc.o gss-genr.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
sshpty.o sshlogin.o servconf.o serverloop.o \
auth.o auth1.o auth2.o auth-options.o session.o \
auth-chall.o auth2-chall.o groupaccess.o \
auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
auth2-none.o auth2-passwd.o auth2-pubkey.o \
monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \
auth-krb5.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
audit.o audit-bsm.o platform.o
MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
MANTYPE = @MANTYPE@
CONFIGFILES=sshd_config.out ssh_config.out moduli.out
CONFIGFILES_IN=sshd_config ssh_config moduli
PATHSUBS = \
-e 's|/etc/ssh/ssh_prng_cmds|$(sysconfdir)/ssh_prng_cmds|g' \
-e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \
-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
-e 's|/usr/libexec|$(libexecdir)|g' \
-e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \
-e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \
-e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \
-e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \
-e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \
-e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \
-e 's|/etc/ssh/sshrc|$(sysconfdir)/sshrc|g' \
-e 's|/usr/X11R6/bin/xauth|$(XAUTH_PATH)|g' \
-e 's|/var/empty|$(PRIVSEP_PATH)|g' \
-e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g'
FIXPATHSCMD = $(SED) $(PATHSUBS)
all: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
$(LIBSSH_OBJS): Makefile.in config.h
$(SSHOBJS): Makefile.in config.h
$(SSHDOBJS): Makefile.in config.h
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
$(LIBCOMPAT): always
(cd openbsd-compat && $(MAKE))
always:
libssh.a: $(LIBSSH_OBJS)
$(AR) rv $@ $(LIBSSH_OBJS)
$(RANLIB) $@
ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS)
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o
$(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
$(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o
$(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
$(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
$(MANPAGES): $(MANPAGES_IN)
if test "$(MANTYPE)" = "cat"; then \
manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
else \
manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \
fi; \
if test "$(MANTYPE)" = "man"; then \
$(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
else \
$(FIXPATHSCMD) $${manpage} > $@; \
fi
$(CONFIGFILES): $(CONFIGFILES_IN)
conffile=`echo $@ | sed 's/.out$$//'`; \
$(FIXPATHSCMD) $(srcdir)/$${conffile} > $@
ssh_prng_cmds.out: ssh_prng_cmds
if test ! -z "$(INSTALL_SSH_PRNG_CMDS)"; then \
$(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \
fi
# fake rule to stop make trying to compile moduli.o into a binary "moduli.o"
moduli:
echo
clean: regressclean
rm -f *.o *.a $(TARGETS) logintest config.cache config.log
rm -f *.out core survey
(cd openbsd-compat && $(MAKE) clean)
distclean: regressclean
rm -f *.o *.a $(TARGETS) logintest config.cache config.log
rm -f *.out core opensshd.init openssh.xml
rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds
rm -f survey.sh openbsd-compat/regress/Makefile *~
rm -rf autom4te.cache
(cd openbsd-compat && $(MAKE) distclean)
(cd scard && $(MAKE) distclean)
if test -d pkg ; then \
rm -fr pkg ; \
fi
veryclean: distclean
rm -f configure config.h.in *.0
mrproper: veryclean
realclean: veryclean
catman-do:
@for f in $(MANPAGES_IN) ; do \
base=`echo $$f | sed 's/\..*$$//'` ; \
echo "$$f -> $$base.0" ; \
nroff -mandoc $$f | cat -v | sed -e 's/.\^H//g' \
>$$base.0 ; \
done
distprep: catman-do
$(AUTORECONF)
-rm -rf autom4te.cache
(cd scard && $(MAKE) -f Makefile.in distprep)
install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf
install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files
check-config:
-$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config
scard-install:
(cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
install-files: scard-install
$(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
$(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
(umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH))
$(INSTALL) -m 0755 $(STRIP_OPT) ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 $(STRIP_OPT) scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-add $(DESTDIR)$(bindir)/ssh-add
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent $(DESTDIR)$(bindir)/ssh-agent
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd
if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
fi
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \
$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
fi
$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(bindir)/slogin
ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
install-sysconf:
if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
fi
@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
else \
echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \
fi
@if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \
$(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \
else \
echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \
fi
@if [ -f ssh_prng_cmds ] && [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \
$(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \
else \
echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \
fi ; \
fi
@if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \
if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \
echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \
else \
$(INSTALL) -m 644 moduli.out $(DESTDIR)$(sysconfdir)/moduli; \
fi ; \
else \
echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \
fi
host-key: ssh-keygen$(EXEEXT)
@if [ -z "$(DESTDIR)" ] ; then \
if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \
else \
./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \
fi ; \
if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \
else \
./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \
fi ; \
if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \
else \
./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ; \
fi ; \
fi ;
host-key-force: ssh-keygen$(EXEEXT)
./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""
./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
uninstallall: uninstall
-rm -f $(DESTDIR)$(sysconfdir)/ssh_config
-rm -f $(DESTDIR)$(sysconfdir)/sshd_config
-rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds
-rmdir $(DESTDIR)$(sysconfdir)
-rmdir $(DESTDIR)$(bindir)
-rmdir $(DESTDIR)$(sbindir)
-rmdir $(DESTDIR)$(mandir)/$(mansubdir)1
-rmdir $(DESTDIR)$(mandir)/$(mansubdir)8
-rmdir $(DESTDIR)$(mandir)
-rmdir $(DESTDIR)$(libexecdir)
uninstall:
-rm -f $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
-rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
tests: $(TARGETS)
BUILDDIR=`pwd`; \
[ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \
[ -f `pwd`/regress/Makefile ] || \
ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile ; \
TEST_SHELL="@TEST_SHELL@"; \
TEST_SSH_SSH="$${BUILDDIR}/ssh"; \
TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \
TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \
TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \
TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \
TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \
TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \
TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \
cd $(srcdir)/regress || exit $$?; \
$(MAKE) \
.OBJDIR="$${BUILDDIR}/regress" \
.CURDIR="`pwd`" \
BUILDDIR="$${BUILDDIR}" \
OBJ="$${BUILDDIR}/regress/" \
PATH="$${BUILDDIR}:$${PATH}" \
TEST_SHELL="$${TEST_SHELL}" \
TEST_SSH_SSH="$${TEST_SSH_SSH}" \
TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \
TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \
TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \
TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \
TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \
TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \
TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \
EXEEXT="$(EXEEXT)" \
$@
compat-tests: $(LIBCOMPAT)
(cd openbsd-compat/regress && $(MAKE))
regressclean:
if [ -f regress/Makefile ] && [ -r regress/Makefile ]; then \
(cd regress && $(MAKE) clean) \
fi
survey: survey.sh ssh
@$(SHELL) ./survey.sh > survey
@echo 'The survey results have been placed in the file "survey" in the'
@echo 'current directory. Please review the file then send with'
@echo '"make send-survey".'
send-survey: survey
mail portable-survey@mindrot.org <survey
package: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
if [ "@MAKE_PACKAGE_SUPPORTED@" = yes ]; then \
sh buildpkg.sh; \
fi

26
crypto/openssh/Makefile.inc
View File

@ -1,26 +0,0 @@
# $OpenBSD: Makefile.inc,v 1.23 2002/03/06 00:23:27 markus Exp $
CFLAGS+= -I${.CURDIR}/..
CDIAGFLAGS= -Wall
#CDIAGFLAGS+= -Werror
CDIAGFLAGS+= -Wpointer-arith
CDIAGFLAGS+= -Wno-uninitialized
#CDIAGFLAGS+= -Wstrict-prototypes
CDIAGFLAGS+= -Wmissing-prototypes
CDIAGFLAGS+= -Wunused
#DEBUG=-g
#CFLAGS+= -DSMARTCARD
#LDADD+= -lsectok
.include <bsd.obj.mk>
.if exists(${.CURDIR}/../lib/${__objdir})
LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh
DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a
.else
LDADD+= -L${.CURDIR}/../lib -lssh
DPADD+= ${.CURDIR}/../lib/libssh.a
.endif

682
crypto/openssh/buildpkg.sh.in
View File

@ -1,682 +0,0 @@
#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License. I really
# don't care what you use it for. Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a openssh-config.local with your customized options
#
REMOVE_FAKE_ROOT_WHEN_DONE=yes
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp # leave commented out for production build
PKGNAME=OpenSSH
# revisions within the same version (REV=a)
#REV=
SYSVINIT_NAME=opensshd
AWK=${AWK:="nawk"}
MAKE=${MAKE:="make"}
SSHDUID=67 # Default privsep uid
SSHDGID=67 # Default privsep gid
# uncomment these next three as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
#USR_LOCAL_IS_SYMLINK=yes
# System V init run levels
SYSVINITSTART=S98
SYSVINITSTOPT=K30
# We will source these if they exist
POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
# We'll be one level deeper looking for these
PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
PKG_PREREMOVE_LOCAL=../pkg-preremove.local
PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
PKG_REQUEST_LOCAL=../pkg-request.local
# end of sourced files
#
OPENSSHD=opensshd.init
OPENSSH_MANIFEST=openssh.xml
OPENSSH_FMRI=svc:/site/openssh:default
PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
PATH_USERADD_PROG=@PATH_USERADD_PROG@
PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
#
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc \
/etc/init.d \
/etc/rcS.d \
/etc/rc0.d \
/etc/rc1.d \
/etc/rc2.d \
/etc/opt \
/lib \
/lib/svc \
/lib/svc/method \
/lib/svc/method/site \
/opt \
/opt/bin \
/usr \
/usr/bin \
/usr/lib \
/usr/sbin \
/usr/share \
/usr/share/man \
/usr/share/man/man1 \
/usr/share/man/man8 \
/usr/local \
/usr/local/bin \
/usr/local/etc \
/usr/local/libexec \
/usr/local/man \
/usr/local/man/man1 \
/usr/local/man/man8 \
/usr/local/sbin \
/usr/local/share \
/var \
/var/opt \
/var/run \
/var/svc \
/var/svc/manifest \
/var/svc/manifest/site \
/var/tmp \
/tmp"
# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /opt/bin ] && {
echo $PATH | grep ":/opt/bin" > /dev/null 2>&1
[ $? -ne 0 ] && PATH=$PATH:/opt/bin
}
[ -d /usr/local/bin ] && {
echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ] && {
echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#
[ -f Makefile ] || {
echo "Please run this script from your build directory"
exit 1
}
# we will look for openssh-config.local to override the above options
[ -s ./openssh-config.local ] && . ./openssh-config.local
START=`pwd`
FAKE_ROOT=$START/pkg
## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
do
eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done
## Are we using Solaris' SMF?
DO_SMF=0
if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
then
DO_SMF=1
fi
## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done
## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
SSH_PRIVSEP_USER=sshd
fi
## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
ARCH=`uname -m`
DEF_MSG="\n"
OS_VER=`uname -v`
SCRIPT_SHELL=/sbin/sh
UNAME_R=`uname -r`
UNAME_S=`uname -s`
case ${UNAME_S} in
SunOS) UNAME_S=Solaris
OS_VER=${UNAME_R}
ARCH=`uname -p`
RCS_D=yes
DEF_MSG="(default: n)"
;;
SCO_SV) case ${UNAME_R} in
3.2) UNAME_S=OpenServer5
OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
;;
5) UNAME_S=OpenServer6
;;
esac
SCRIPT_SHELL=/bin/sh
RC1_D=no
DEF_MSG="(default: n)"
;;
esac
case `basename $0` in
buildpkg.sh)
## Start by faking root install
echo "Faking root install..."
[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
echo "Fake root install failed, stopping."
exit 1
fi
## Setup our run level stuff while we are at it.
if [ $DO_SMF -eq 1 ]
then
# For Solaris' SMF, /lib/svc/method/site is the preferred place
# for start/stop scripts that aren't supplied with the OS, and
# similarly /var/svc/manifest/site for manifests.
mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
else
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
fi
[ "${PERMIT_ROOT_LOGIN}" = no ] && \
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ] && \
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
$FAKE_ROOT/${sysconfdir}/sshd_config
# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
# local tweeks here
[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
cd $FAKE_ROOT
## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
## whining.
for i in *; do
PROTO_ARGS="$PROTO_ARGS $i=/$i";
done
## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION$REV
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF
## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
echo "Building depend file..."
touch depend
## Build space file
echo "Building space file..."
if [ $DO_SMF -eq 1 ]
then
# XXX Is this necessary? If not, remove space line from mk-proto.awk.
touch space
else
cat > space << _EOF
# extra space required by start/stop links added by installf
# in postinstall
$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
_EOF
[ "$RC1_D" = no ] || \
echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
[ "$RCS_D" = yes ] && \
echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
fi
## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! ${SCRIPT_SHELL}
#
_EOF
# local preinstall changes here
[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
cat >> preinstall << _EOF
#
if [ "\${PRE_INS_STOP}" = "yes" ]
then
if [ $DO_SMF -eq 1 ]
then
svcadm disable $OPENSSH_FMRI
else
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
fi
fi
exit 0
_EOF
## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! ${SCRIPT_SHELL}
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}
# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
mkdir -p ${TEST_DIR}/etc/rc0.d
[ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
mkdir -p ${TEST_DIR}/etc/rc2.d
}
if [ $DO_SMF -eq 1 ]
then
# Delete the existing service, if it exists, then import the
# new one.
if svcs $OPENSSH_FMRI > /dev/null 2>&1
then
svccfg delete -f $OPENSSH_FMRI
fi
# NOTE, if manifest enables sshd by default, this will actually
# start the daemon, which may not be what the user wants.
svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
else
if [ "\${USE_SYM_LINKS}" = yes ]
then
[ "$RCS_D" = yes ] && \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
[ "$RC1_D" = no ] || \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
else
[ "$RCS_D" = yes ] && \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
[ "$RC1_D" = no ] || \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
fi
fi
# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
_EOF
# local postinstall changes here
[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
cat >> postinstall << _EOF
installf -f ${PKGNAME}
# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
chroot=echo
fi
echo "PrivilegeSeparation user always required."
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
then
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
else
DO_PASSWD=yes
fi
[ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
# group required?
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
then
echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
else
DO_GROUP=yes
fi
# create group if required
[ "\$DO_GROUP" = yes ] && {
# Use gid of 67 if possible
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
then
:
else
sshdgid="-g $SSHDGID"
fi
echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
}
# Create user if required
[ "\$DO_PASSWD" = yes ] && {
# Use uid of 67 if possible
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
then
:
else
sshduid="-u $SSHDUID"
fi
echo "Creating PrivSep user $SSH_PRIVSEP_USER."
\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
}
if [ "\${POST_INS_START}" = "yes" ]
then
if [ $DO_SMF -eq 1 ]
then
# See svccfg import note above. The service may already
# be started.
svcadm enable $OPENSSH_FMRI
else
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
fi
fi
exit 0
_EOF
## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ]
then
svcadm disable $OPENSSH_FMRI
else
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
fi
_EOF
# local preremove changes here
[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
cat >> preremove << _EOF
exit 0
_EOF
## Build postremove file
echo "Building postremove file..."
cat > postremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ]
then
if svcs $OPENSSH_FMRI > /dev/null 2>&1
then
svccfg delete -f $OPENSSH_FMRI
fi
fi
_EOF
# local postremove changes here
[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
cat >> postremove << _EOF
exit 0
_EOF
## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15
_EOF
[ -x /usr/bin/ckyorn ] || cat >> request << _EOF
ckyorn() {
# for some strange reason OpenServer5 has no ckyorn
# We build a striped down version here
DEFAULT=n
PROMPT="Yes or No [yes,no,?,quit]"
HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
USAGE="usage: ckyorn [options]
where options may include:
-d default
-h help
-p prompt
"
if [ \$# != 0 ]
then
while getopts d:p:h: c
do
case \$c in
h) HELP_PROMPT="\$OPTARG" ;;
d) DEFAULT=\$OPTARG ;;
p) PROMPT=\$OPTARG ;;
\\?) echo "\$USAGE" 1>&2
exit 1 ;;
esac
done
shift \`expr \$OPTIND - 1\`
fi
while true
do
echo "\${PROMPT}\\c " 1>&2
read key
[ -z "\$key" ] && key=\$DEFAULT
case \$key in
[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c"
exit 0 ;;
\\?) echo \$HELP_PROMPT 1>&2 ;;
q|quit) echo "q\\c" 1>&2
exit 3 ;;
esac
done
}
_EOF
if [ $DO_SMF -eq 1 ]
then
# This could get hairy, as the running sshd may not be under SMF.
# We'll assume an earlier version of OpenSSH started via SMF.
cat >> request << _EOF
PRE_INS_STOP=no
POST_INS_START=no
# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid ] && \
/usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
then
ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
case \$ans in
[y,Y]*) PRE_INS_STOP=yes
POST_INS_START=yes
;;
esac
else
# determine if we should start sshd
ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
case \$ans in
[y,Y]*) POST_INS_START=yes ;;
esac
fi
# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!
_EOF
else
cat >> request << _EOF
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
[y,Y]*) USE_SYM_LINKS=yes ;;
esac
# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
case \$ans in
[y,Y]*) PRE_INS_STOP=yes
POST_INS_START=yes
;;
esac
else
# determine if we should start sshd
ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
case \$ans in
[y,Y]*) POST_INS_START=yes ;;
esac
fi
# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!
_EOF
fi
# local request changes here
[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
cat >> request << _EOF
exit 0
_EOF
## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
BEGIN { print "i pkginfo"; print "i depend"; \\
print "i preinstall"; print "i postinstall"; \\
print "i preremove"; print "i postremove"; \\
print "i request"; print "i space"; \\
split("$SYSTEM_DIR",sys_files); }
{
for (dir in sys_files) { if ( \$3 != sys_files[dir] )
{ if ( \$1 == "s" )
{ \$5=""; \$6=""; }
else
{ \$5="root"; \$6="sys"; }
}
else
{ \$4="?"; \$5="?"; \$6="?"; break;}
} }
{ print; }
_EOF
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype
# /usr/local is a symlink on some systems
[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
mv prototype.new prototype
}
## Step back a directory and now build the package.
cd ..
# local prototype tweeks here
[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
echo "Building package.."
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
;;
justpkg.sh)
rm -fr ${FAKE_ROOT}/${PKGNAME}
grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
mv $$tmp $FAKE_ROOT/pkginfo
cat >> $FAKE_ROOT/pkginfo << _EOF
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
;;
esac
[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
exit 0

1570
crypto/openssh/config.sub vendored
View File

File diff suppressed because it is too large Load Diff

4068
crypto/openssh/configure.ac
View File

File diff suppressed because it is too large Load Diff

251
crypto/openssh/install-sh
View File

@ -1,251 +0,0 @@
#!/bin/sh
#
# install - install a program, script, or datafile
# This comes from X11R5 (mit/util/scripts/install.sh).
#
# Copyright 1991 by the Massachusetts Institute of Technology
#
# Permission to use, copy, modify, distribute, and sell this software and its
# documentation for any purpose is hereby granted without fee, provided that
# the above copyright notice appear in all copies and that both that
# copyright notice and this permission notice appear in supporting
# documentation, and that the name of M.I.T. not be used in advertising or
# publicity pertaining to distribution of the software without specific,
# written prior permission. M.I.T. makes no representations about the
# suitability of this software for any purpose. It is provided "as is"
# without express or implied warranty.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# `make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch. It can only install one file at a time, a restriction
# shared with many OS's install programs.
# set DOITPROG to echo to test this script
# Don't use :- since 4.3BSD and earlier shells don't like it.
doit="${DOITPROG-}"
# put in absolute paths if you don't have them in your path; or use env. vars.
mvprog="${MVPROG-mv}"
cpprog="${CPPROG-cp}"
chmodprog="${CHMODPROG-chmod}"
chownprog="${CHOWNPROG-chown}"
chgrpprog="${CHGRPPROG-chgrp}"
stripprog="${STRIPPROG-strip}"
rmprog="${RMPROG-rm}"
mkdirprog="${MKDIRPROG-mkdir}"
transformbasename=""
transform_arg=""
instcmd="$mvprog"
chmodcmd="$chmodprog 0755"
chowncmd=""
chgrpcmd=""
stripcmd=""
rmcmd="$rmprog -f"
mvcmd="$mvprog"
src=""
dst=""
dir_arg=""
while [ x"$1" != x ]; do
case $1 in
-c) instcmd="$cpprog"
shift
continue;;
-d) dir_arg=true
shift
continue;;
-m) chmodcmd="$chmodprog $2"
shift
shift
continue;;
-o) chowncmd="$chownprog $2"
shift
shift
continue;;
-g) chgrpcmd="$chgrpprog $2"
shift
shift
continue;;
-s) stripcmd="$stripprog"
shift
continue;;
-t=*) transformarg=`echo $1 | sed 's/-t=//'`
shift
continue;;
-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
shift
continue;;
*) if [ x"$src" = x ]
then
src=$1
else
# this colon is to work around a 386BSD /bin/sh bug
:
dst=$1
fi
shift
continue;;
esac
done
if [ x"$src" = x ]
then
echo "install: no input file specified"
exit 1
else
true
fi
if [ x"$dir_arg" != x ]; then
dst=$src
src=""
if [ -d $dst ]; then
instcmd=:
chmodcmd=""
else
instcmd=mkdir
fi
else
# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if [ -f $src -o -d $src ]
then
true
else
echo "install: $src does not exist"
exit 1
fi
if [ x"$dst" = x ]
then
echo "install: no destination specified"
exit 1
else
true
fi
# If destination is a directory, append the input filename; if your system
# does not like double slashes in filenames, you may need to add some logic
if [ -d $dst ]
then
dst="$dst"/`basename $src`
else
true
fi
fi
## this sed command emulates the dirname command
dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
# Make sure that the destination directory exists.
# this part is taken from Noah Friedman's mkinstalldirs script
# Skip lots of stat calls in the usual case.
if [ ! -d "$dstdir" ]; then
defaultIFS='
'
IFS="${IFS-${defaultIFS}}"
oIFS="${IFS}"
# Some sh's can't handle IFS=/ for some reason.
IFS='%'
set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
IFS="${oIFS}"
pathcomp=''
while [ $# -ne 0 ] ; do
pathcomp="${pathcomp}${1}"
shift
if [ ! -d "${pathcomp}" ] ;
then
$mkdirprog "${pathcomp}"
else
true
fi
pathcomp="${pathcomp}/"
done
fi
if [ x"$dir_arg" != x ]
then
$doit $instcmd $dst &&
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
else
# If we're going to rename the final executable, determine the name now.
if [ x"$transformarg" = x ]
then
dstfile=`basename $dst`
else
dstfile=`basename $dst $transformbasename |
sed $transformarg`$transformbasename
fi
# don't allow the sed command to completely eliminate the filename
if [ x"$dstfile" = x ]
then
dstfile=`basename $dst`
else
true
fi
# Make a temp file name in the proper directory.
dsttmp=$dstdir/#inst.$$#
# Move or copy the file name to the temp name
$doit $instcmd $src $dsttmp &&
trap "rm -f ${dsttmp}" 0 &&
# and set any options; do chmod last to preserve setuid bits
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $instcmd $src $dsttmp" command.
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
# Now rename the file to the real destination.
$doit $rmcmd -f $dstdir/$dstfile &&
$doit $mvcmd $dsttmp $dstdir/$dstfile
fi &&
exit 0

351
crypto/openssh/mdoc2man.awk
View File

@ -1,351 +0,0 @@
#!/usr/bin/awk
#
# Version history:
# v3, I put the program under a proper license
# Dan Nelson <dnelson@allantgroup.com> added .An, .Aq and fixed a typo
# v2, fixed to work on GNU awk --posix and MacOS X
# v1, first attempt, didn't work on MacOS X
#
# Copyright (c) 2003 Peter Stuge <stuge-mdoc2man@cdy.org>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
BEGIN {
optlist=0
oldoptlist=0
nospace=0
synopsis=0
reference=0
block=0
ext=0
extopt=0
literal=0
prenl=0
breakw=0
line=""
}
function wtail() {
retval=""
while(w<nwords) {
if(length(retval))
retval=retval OFS
retval=retval words[++w]
}
return retval
}
function add(str) {
for(;prenl;prenl--)
line=line "\n"
line=line str
}
! /^\./ {
for(;prenl;prenl--)
print ""
print
if(literal)
print ".br"
next
}
/^\.\\"/ { next }
{
option=0
parens=0
angles=0
sub("^\\.","")
nwords=split($0,words)
for(w=1;w<=nwords;w++) {
skip=0
if(match(words[w],"^Li|Pf$")) {
skip=1
} else if(match(words[w],"^Xo$")) {
skip=1
ext=1
if(length(line)&&!(match(line," $")||prenl))
add(OFS)
} else if(match(words[w],"^Xc$")) {
skip=1
ext=0
if(!extopt)
prenl++
w=nwords
} else if(match(words[w],"^Bd$")) {
skip=1
if(match(words[w+1],"-literal")) {
literal=1
prenl++
w=nwords
}
} else if(match(words[w],"^Ed$")) {
skip=1
literal=0
} else if(match(words[w],"^Ns$")) {
skip=1
if(!nospace)
nospace=1
sub(" $","",line)
} else if(match(words[w],"^No$")) {
skip=1
sub(" $","",line)
add(words[++w])
} else if(match(words[w],"^Dq$")) {
skip=1
add("``")
add(words[++w])
while(w<nwords&&!match(words[w+1],"^[\\.,]"))
add(OFS words[++w])
add("''")
if(!nospace&&match(words[w+1],"^[\\.,]"))
nospace=1
} else if(match(words[w],"^Sq|Ql$")) {
skip=1
add("`" words[++w] "'")
if(!nospace&&match(words[w+1],"^[\\.,]"))
nospace=1
} else if(match(words[w],"^Oo$")) {
skip=1
extopt=1
if(!nospace)
nospace=1
add("[")
} else if(match(words[w],"^Oc$")) {
skip=1
extopt=0
add("]")
}
if(!skip) {
if(!nospace&&length(line)&&!(match(line," $")||prenl))
add(OFS)
if(nospace==1)
nospace=0
}
if(match(words[w],"^Dd$")) {
date=wtail()
next
} else if(match(words[w],"^Dt$")) {
id=wtail()
next
} else if(match(words[w],"^Ox$")) {
add("OpenBSD")
skip=1
} else if(match(words[w],"^Os$")) {
add(".TH " id " \"" date "\" \"" wtail() "\"")
} else if(match(words[w],"^Sh$")) {
add(".SH")
synopsis=match(words[w+1],"SYNOPSIS")
} else if(match(words[w],"^Xr$")) {
add("\\fB" words[++w] "\\fP(" words[++w] ")" words[++w])
} else if(match(words[w],"^Rs$")) {
split("",refauthors)
nrefauthors=0
reftitle=""
refissue=""
refdate=""
refopt=""
reference=1
next
} else if(match(words[w],"^Re$")) {
prenl++
for(i=nrefauthors-1;i>0;i--) {
add(refauthors[i])
if(i>1)
add(", ")
}
if(nrefauthors>1)
add(" and ")
add(refauthors[0] ", \\fI" reftitle "\\fP")
if(length(refissue))
add(", " refissue)
if(length(refdate))
add(", " refdate)
if(length(refopt))
add(", " refopt)
add(".")
reference=0
} else if(reference) {
if(match(words[w],"^%A$")) { refauthors[nrefauthors++]=wtail() }
if(match(words[w],"^%T$")) {
reftitle=wtail()
sub("^\"","",reftitle)
sub("\"$","",reftitle)
}
if(match(words[w],"^%N$")) { refissue=wtail() }
if(match(words[w],"^%D$")) { refdate=wtail() }
if(match(words[w],"^%O$")) { refopt=wtail() }
} else if(match(words[w],"^Nm$")) {
if(synopsis) {
add(".br")
prenl++
}
n=words[++w]
if(!length(name))
name=n
if(!length(n))
n=name
add("\\fB" n "\\fP")
if(!nospace&&match(words[w+1],"^[\\.,]"))
nospace=1
} else if(match(words[w],"^Nd$")) {
add("\\- " wtail())
} else if(match(words[w],"^Fl$")) {
add("\\fB\\-" words[++w] "\\fP")
if(!nospace&&match(words[w+1],"^[\\.,]"))
nospace=1
} else if(match(words[w],"^Ar$")) {
add("\\fI")
if(w==nwords)
add("file ...\\fP")
else {
add(words[++w] "\\fP")
while(match(words[w+1],"^\\|$"))
add(OFS words[++w] " \\fI" words[++w] "\\fP")
}
if(!nospace&&match(words[w+1],"^[\\.,]"))
nospace=1
} else if(match(words[w],"^Cm$")) {
add("\\fB" words[++w] "\\fP")
while(w<nwords&&match(words[w+1],"^[\\.,:;)]"))
add(words[++w])
} else if(match(words[w],"^Op$")) {
option=1
if(!nospace)
nospace=1
add("[")
} else if(match(words[w],"^Pp$")) {
prenl++
} else if(match(words[w],"^An$")) {
prenl++
} else if(match(words[w],"^Ss$")) {
add(".SS")
} else if(match(words[w],"^Pa$")&&!option) {
add("\\fI")
w++
if(match(words[w],"^\\."))
add("\\&")
add(words[w] "\\fP")
while(w<nwords&&match(words[w+1],"^[\\.,:;)]"))
add(words[++w])
} else if(match(words[w],"^Dv$")) {
add(".BR")
} else if(match(words[w],"^Em|Ev$")) {
add(".IR")
} else if(match(words[w],"^Pq$")) {
add("(")
nospace=1
parens=1
} else if(match(words[w],"^Aq$")) {
add("<")
nospace=1
angles=1
} else if(match(words[w],"^S[xy]$")) {
add(".B " wtail())
} else if(match(words[w],"^Ic$")) {
plain=1
add("\\fB")
while(w<nwords) {
w++
if(match(words[w],"^Op$")) {
w++
add("[")
words[nwords]=words[nwords] "]"
}
if(match(words[w],"^Ar$")) {
add("\\fI" words[++w] "\\fP")
} else if(match(words[w],"^[\\.,]")) {
sub(" $","",line)
if(plain) {
add("\\fP")
plain=0
}
add(words[w])
} else {
if(!plain) {
add("\\fB")
plain=1
}
add(words[w])
}
if(!nospace)
add(OFS)
}
sub(" $","",line)
if(plain)
add("\\fP")
} else if(match(words[w],"^Bl$")) {
oldoptlist=optlist
if(match(words[w+1],"-bullet"))
optlist=1
else if(match(words[w+1],"-enum")) {
optlist=2
enum=0
} else if(match(words[w+1],"-tag"))
optlist=3
else if(match(words[w+1],"-item"))
optlist=4
else if(match(words[w+1],"-bullet"))
optlist=1
w=nwords
} else if(match(words[w],"^El$")) {
optlist=oldoptlist
} else if(match(words[w],"^Bk$")) {
if(match(words[w+1],"-words")) {
w++
breakw=1
}
} else if(match(words[w],"^Ek$")) {
breakw=0
} else if(match(words[w],"^It$")&&optlist) {
if(optlist==1)
add(".IP \\(bu")
else if(optlist==2)
add(".IP " ++enum ".")
else if(optlist==3) {
add(".TP")
prenl++
if(match(words[w+1],"^Pa$|^Ev$")) {
add(".B")
w++
}
} else if(optlist==4)
add(".IP")
} else if(match(words[w],"^Sm$")) {
if(match(words[w+1],"off"))
nospace=2
else if(match(words[w+1],"on"))
nospace=0
w++
} else if(!skip) {
add(words[w])
}
}
if(match(line,"^\\.[^a-zA-Z]"))
sub("^\\.","",line)
if(parens)
add(")")
if(angles)
add(">")
if(option)
add("]")
if(ext&&!extopt&&!match(line," $"))
add(OFS)
if(!ext&&!extopt&&length(line)) {
print line
prenl=0
line=""
}
}

99
crypto/openssh/nchan.ms
View File

@ -1,99 +0,0 @@
.\" $OpenBSD: nchan.ms,v 1.8 2003/11/21 11:57:03 djm Exp $
.\"
.\"
.\" Copyright (c) 1999 Markus Friedl. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.TL
OpenSSH Channel Close Protocol 1.5 Implementation
.SH
Channel Input State Diagram
.PS
reset
l=1
s=1.2
ellipsewid=s*ellipsewid
boxwid=s*boxwid
ellipseht=s*ellipseht
S1: ellipse "INPUT" "OPEN"
move right 2*l from last ellipse.e
S4: ellipse "INPUT" "CLOSED"
move down l from last ellipse.s
S3: ellipse "INPUT" "WAIT" "OCLOSED"
move down l from 1st ellipse.s
S2: ellipse "INPUT" "WAIT" "DRAIN"
arrow "" "rcvd OCLOSE/" "shutdown_read" "send IEOF" from S1.e to S4.w
arrow "ibuf_empty/" "send IEOF" from S2.e to S3.w
arrow from S1.s to S2.n
box invis "read_failed/" "shutdown_read" with .e at last arrow.c
arrow from S3.n to S4.s
box invis "rcvd OCLOSE/" "-" with .w at last arrow.c
ellipse wid .9*ellipsewid ht .9*ellipseht at S4
arrow "start" "" from S1.w+(-0.5,0) to S1.w
arrow from S2.ne to S4.sw
box invis "rcvd OCLOSE/ " with .e at last arrow.c
box invis " send IEOF" with .w at last arrow.c
.PE
.SH
Channel Output State Diagram
.PS
S1: ellipse "OUTPUT" "OPEN"
move right 2*l from last ellipse.e
S3: ellipse "OUTPUT" "WAIT" "IEOF"
move down l from last ellipse.s
S4: ellipse "OUTPUT" "CLOSED"
move down l from 1st ellipse.s
S2: ellipse "OUTPUT" "WAIT" "DRAIN"
arrow "" "write_failed/" "shutdown_write" "send OCLOSE" from S1.e to S3.w
arrow "obuf_empty ||" "write_failed/" "shutdown_write" "send OCLOSE" from S2.e to S4.w
arrow from S1.s to S2.n
box invis "rcvd IEOF/" "-" with .e at last arrow.c
arrow from S3.s to S4.n
box invis "rcvd IEOF/" "-" with .w at last arrow.c
ellipse wid .9*ellipsewid ht .9*ellipseht at S4
arrow "start" "" from S1.w+(-0.5,0) to S1.w
.PE
.SH
Notes
.PP
The input buffer is filled with data from the socket
(the socket represents the local consumer/producer of the
forwarded channel).
The data is then sent over the INPUT-end (transmit-end) of the channel to the
remote peer.
Data sent by the peer is received on the OUTPUT-end (receive-end),
saved in the output buffer and written to the socket.
.PP
If the local protocol instance has forwarded all data on the
INPUT-end of the channel, it sends an IEOF message to the peer.
If the peer receives the IEOF and has consumed all
data he replies with an OCLOSE.
When the local instance receives the OCLOSE
he considers the INPUT-half of the channel closed.
The peer has his OUTOUT-half closed.
.PP
A channel can be deallocated by a protocol instance
if both the INPUT- and the OUTOUT-half on his
side of the channel are closed.
Note that when an instance is unable to consume the
received data, he is permitted to send an OCLOSE
before the matching IEOF is received.

88
crypto/openssh/nchan2.ms
View File

@ -1,88 +0,0 @@
.\" $OpenBSD: nchan2.ms,v 1.3 2003/11/21 11:57:03 djm Exp $
.\"
.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.TL
OpenSSH Channel Close Protocol 2.0 Implementation
.SH
Channel Input State Diagram
.PS
reset
l=1
s=1.2
ellipsewid=s*ellipsewid
boxwid=s*boxwid
ellipseht=s*ellipseht
S1: ellipse "INPUT" "OPEN"
move right 2*l from last ellipse.e
S3: ellipse invis
move down l from last ellipse.s
S4: ellipse "INPUT" "CLOSED"
move down l from 1st ellipse.s
S2: ellipse "INPUT" "WAIT" "DRAIN"
arrow from S1.e to S4.n
box invis "rcvd CLOSE/" "shutdown_read" with .sw at last arrow.c
arrow "ibuf_empty ||" "rcvd CLOSE/" "send EOF" "" from S2.e to S4.w
arrow from S1.s to S2.n
box invis "read_failed/" "shutdown_read" with .e at last arrow.c
ellipse wid .9*ellipsewid ht .9*ellipseht at S4
arrow "start" "" from S1.w+(-0.5,0) to S1.w
.PE
.SH
Channel Output State Diagram
.PS
S1: ellipse "OUTPUT" "OPEN"
move right 2*l from last ellipse.e
S3: ellipse invis
move down l from last ellipse.s
S4: ellipse "OUTPUT" "CLOSED"
move down l from 1st ellipse.s
S2: ellipse "OUTPUT" "WAIT" "DRAIN"
arrow from S1.e to S4.n
box invis "write_failed/" "shutdown_write" with .sw at last arrow.c
arrow "obuf_empty ||" "write_failed/" "shutdown_write" "" from S2.e to S4.w
arrow from S1.s to S2.n
box invis "rcvd EOF ||" "rcvd CLOSE/" "-" with .e at last arrow.c
ellipse wid .9*ellipsewid ht .9*ellipseht at S4
arrow "start" "" from S1.w+(-0.5,0) to S1.w
.PE
.SH
Notes
.PP
The input buffer is filled with data from the socket
(the socket represents the local consumer/producer of the
forwarded channel).
The data is then sent over the INPUT-end (transmit-end) of the channel to the
remote peer.
Data sent by the peer is received on the OUTPUT-end (receive-end),
saved in the output buffer and written to the socket.
.PP
If the local protocol instance has forwarded all data on the
INPUT-end of the channel, it sends an EOF message to the peer.
.PP
A CLOSE message is sent to the peer if
both the INPUT- and the OUTOUT-half of the local
end of the channel are closed.
.PP
The channel can be deallocated by a protocol instance
if a CLOSE message he been both sent and received.

42
crypto/openssh/openbsd-compat/Makefile.in
View File

@ -1,42 +0,0 @@
# $Id: Makefile.in,v 1.40 2006/08/30 17:24:41 djm Exp $
sysconfdir=@sysconfdir@
piddir=@piddir@
srcdir=@srcdir@
top_srcdir=@top_srcdir@
VPATH=@srcdir@
CC=@CC@
LD=@LD@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
LIBS=@LIBS@
AR=@AR@
RANLIB=@RANLIB@
INSTALL=@INSTALL@
LDFLAGS=-L. @LDFLAGS@
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
all: libopenbsd-compat.a
$(COMPAT): ../config.h
$(OPENBSD): ../config.h
$(PORTS): ../config.h
libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS)
$(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS)
$(RANLIB) $@
clean:
rm -f *.o *.a core
distclean: clean
rm -f Makefile *~

38
crypto/openssh/openbsd-compat/regress/Makefile.in
View File

@ -1,38 +0,0 @@
# $Id: Makefile.in,v 1.4 2006/08/19 09:12:14 dtucker Exp $
sysconfdir=@sysconfdir@
piddir=@piddir@
srcdir=@srcdir@
top_srcdir=@top_srcdir@
VPATH=@srcdir@
CC=@CC@
LD=@LD@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/.. @CPPFLAGS@ @DEFS@
EXEEXT=@EXEEXT@
LIBCOMPAT=../libopenbsd-compat.a
LIBS=@LIBS@
LDFLAGS=@LDFLAGS@ $(LIBCOMPAT)
TESTPROGS=closefromtest$(EXEEXT) snprintftest$(EXEEXT) strduptest$(EXEEXT) \
strtonumtest$(EXEEXT)
all: t-exec ${OTHERTESTS}
%$(EXEEXT): %.c
$(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o $@ $< $(LIBCOMPAT) $(LIBS)
t-exec: $(TESTPROGS)
@echo running compat regress tests
@for TEST in ""$?; do \
echo "run test $${TEST}" ... 1>&2; \
./$${TEST}$(EXEEXT) || exit $$? ; \
done
@echo finished compat regress tests
clean:
rm -f *.o *.a core $(TESTPROGS) valid.out
distclean: clean
rm -f Makefile *~

60
crypto/openssh/openbsd-compat/regress/closefromtest.c
View File

@ -1,60 +0,0 @@
/*
* Copyright (c) 2006 Darren Tucker
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#define NUM_OPENS 10
void
fail(char *msg)
{
fprintf(stderr, "closefrom: %s\n", msg);
exit(1);
}
int
main(void)
{
int i, max, fds[NUM_OPENS];
char buf[512];
for (i = 0; i < NUM_OPENS; i++)
if ((fds[i] = open("/dev/null", "r")) == -1)
exit(0); /* can't test */
max = i - 1;
/* should close last fd only */
closefrom(fds[max]);
if (close(fds[max]) != -1)
fail("failed to close highest fd");
/* make sure we can still use remaining descriptors */
for (i = 0; i < max; i++)
if (read(fds[i], buf, sizeof(buf)) == -1)
fail("closed descriptors it should not have");
/* should close all fds */
closefrom(fds[0]);
for (i = 0; i < NUM_OPENS; i++)
if (close(fds[i]) != -1)
fail("failed to close from lowest fd");
}

73
crypto/openssh/openbsd-compat/regress/snprintftest.c
View File

@ -1,73 +0,0 @@
/*
* Copyright (c) 2005 Darren Tucker
* Copyright (c) 2005 Damien Miller
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#define BUFSZ 2048
#include <sys/types.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
static int failed = 0;
static void
fail(const char *m)
{
fprintf(stderr, "snprintftest: %s\n", m);
failed = 1;
}
int x_snprintf(char *str, size_t count, const char *fmt, ...)
{
size_t ret;
va_list ap;
va_start(ap, fmt);
ret = vsnprintf(str, count, fmt, ap);
va_end(ap);
return ret;
}
int
main(void)
{
char b[5];
char *src;
snprintf(b,5,"123456789");
if (b[4] != '\0')
fail("snprintf does not correctly terminate long strings");
/* check for read overrun on unterminated string */
if ((src = malloc(BUFSZ)) == NULL) {
fail("malloc failed");
} else {
memset(src, 'a', BUFSZ);
snprintf(b, sizeof(b), "%.*s", 1, src);
if (strcmp(b, "a") != 0)
fail("failed with length limit '%%.s'");
}
/* check that snprintf and vsnprintf return sane values */
if (snprintf(b, 1, "%s %d", "hello", 12345) != 11)
fail("snprintf does not return required length");
if (x_snprintf(b, 1, "%s %d", "hello", 12345) != 11)
fail("vsnprintf does not return required length");
return failed;
}

45
crypto/openssh/openbsd-compat/regress/strduptest.c
View File

@ -1,45 +0,0 @@
/*
* Copyright (c) 2005 Darren Tucker
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <stdlib.h>
#include <string.h>
static int fail = 0;
void
test(const char *a)
{
char *b;
b = strdup(a);
if (b == 0) {
fail = 1;
return;
}
if (strcmp(a, b) != 0)
fail = 1;
free(b);
}
int
main(void)
{
test("");
test("a");
test("\0");
test("abcdefghijklmnopqrstuvwxyz");
return fail;
}

66
crypto/openssh/openbsd-compat/regress/strtonumtest.c
View File

@ -1,66 +0,0 @@
/* $OpenBSD: strtonumtest.c,v 1.1 2004/08/03 20:38:36 otto Exp $ */
/*
* Copyright (c) 2004 Otto Moerbeek <otto@drijf.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* OPENBSD ORIGINAL: regress/lib/libc/strtonum/strtonumtest.c */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
int fail;
void
test(const char *p, long long lb, long long ub, int ok)
{
long long val;
const char *q;
val = strtonum(p, lb, ub, &q);
if (ok && q != NULL) {
fprintf(stderr, "%s [%lld-%lld] ", p, lb, ub);
fprintf(stderr, "NUMBER NOT ACCEPTED %s\n", q);
fail = 1;
} else if (!ok && q == NULL) {
fprintf(stderr, "%s [%lld-%lld] %lld ", p, lb, ub, val);
fprintf(stderr, "NUMBER ACCEPTED\n");
fail = 1;
}
}
int main(int argc, char *argv[])
{
test("1", 0, 10, 1);
test("0", -2, 5, 1);
test("0", 2, 5, 0);
test("0", 2, LLONG_MAX, 0);
test("-2", 0, LLONG_MAX, 0);
test("0", -5, LLONG_MAX, 1);
test("-3", -3, LLONG_MAX, 1);
test("-9223372036854775808", LLONG_MIN, LLONG_MAX, 1);
test("9223372036854775807", LLONG_MIN, LLONG_MAX, 1);
test("-9223372036854775809", LLONG_MIN, LLONG_MAX, 0);
test("9223372036854775808", LLONG_MIN, LLONG_MAX, 0);
test("1000000000000000000000000", LLONG_MIN, LLONG_MAX, 0);
test("-1000000000000000000000000", LLONG_MIN, LLONG_MAX, 0);
test("-2", 10, -1, 0);
test("-2", -10, -1, 1);
test("-20", -10, -1, 0);
test("20", -10, -1, 0);
return (fail);
}

87
crypto/openssh/openssh.xml.in
View File

@ -1,87 +0,0 @@
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<!--
Copyright (c) 2006 Chad Mynhier.
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-->
<service_bundle type='manifest' name='OpenSSH server'>
<service
name='site/openssh'
type='service'
version='1'>
<create_default_instance enabled='false'/>
<single_instance/>
<dependency
name='filesystem-local'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/system/filesystem/local'/>
</dependency>
<dependency
name='network'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri value='svc:/milestone/network'/>
</dependency>
<dependent
name='multi-user-server'
restart_on='none'
grouping='optional_all'>
<service_fmri value='svc:/milestone/multi-user-server'/>
</dependent>
<exec_method
name='start'
type='method'
exec='/lib/svc/method/site/opensshd start'
timeout_seconds='60'>
<method_context/>
</exec_method>
<exec_method
name='stop'
type='method'
exec=':kill'
timeout_seconds='60'>
<method_context/>
</exec_method>
<property_group
name='startd'
type='framework'>
<propval name='ignore_error' type='astring' value='core,signal'/>
</property_group>
<template>
<common_name>
<loctext xml:lang='C'>OpenSSH server</loctext>
</common_name>
<documentation>
<manpage
title='sshd'
section='1M'
manpath='@prefix@/man'/>
</documentation>
</template>
</service>
</service_bundle>

82
crypto/openssh/opensshd.init.in
View File

@ -1,82 +0,0 @@
#!@STARTUP_SCRIPT_SHELL@
# Donated code that was put under PD license.
#
# Stripped PRNGd out of it for the time being.
umask 022
CAT=@CAT@
KILL=@KILL@
prefix=@prefix@
sysconfdir=@sysconfdir@
piddir=@piddir@
SSHD=$prefix/sbin/sshd
PIDFILE=$piddir/sshd.pid
SSH_KEYGEN=$prefix/bin/ssh-keygen
HOST_KEY_RSA1=$sysconfdir/ssh_host_key
HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
checkkeys() {
if [ ! -f $HOST_KEY_RSA1 ]; then
${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
fi
if [ ! -f $HOST_KEY_DSA ]; then
${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
fi
if [ ! -f $HOST_KEY_RSA ]; then
${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
fi
}
stop_service() {
if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then
PID=`${CAT} ${PIDFILE}`
fi
if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then
${KILL} ${PID}
else
echo "Unable to read PID file"
fi
}
start_service() {
# XXX We really should check if the service is already going, but
# XXX we will opt out at this time. - Bal
# Check to see if we have keys that need to be made
checkkeys
# Start SSHD
echo "starting $SSHD... \c" ; $SSHD
sshd_rc=$?
if [ $sshd_rc -ne 0 ]; then
echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing."
exit $sshd_rc
fi
echo done.
}
case $1 in
'start')
start_service
;;
'stop')
stop_service
;;
'restart')
stop_service
start_service
;;
*)
echo "$0: usage: $0 {start|stop|restart}"
;;
esac

98
crypto/openssh/regress/Makefile
View File

@ -1,98 +0,0 @@
# $OpenBSD: Makefile,v 1.42 2006/07/19 13:34:52 dtucker Exp $
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec
tests: $(REGRESS_TARGETS)
clean:
for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done
distclean: clean
LTESTS= connect \
proxy-connect \
connect-privsep \
proto-version \
proto-mismatch \
exit-status \
envpass \
transfer \
banner \
rekey \
stderr-data \
stderr-after-eof \
broken-pipe \
try-ciphers \
yes-head \
login-timeout \
agent \
agent-getpeereid \
agent-timeout \
agent-ptrace \
keyscan \
keygen-change \
scp \
sftp \
sftp-cmds \
sftp-badcmds \
sftp-batch \
sftp-glob \
reconfigure \
dynamic-forward \
forwarding \
multiplex \
reexec \
brokenkeys \
cfgmatch \
forcecommand
USER!= id -un
CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
authorized_keys_${USER} known_hosts pidfile \
ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \
rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \
rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \
ls.copy banner.in banner.out empty.in \
scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv
#LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
t1:
ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
t2:
cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out
chmod 600 $(OBJ)/t2.out
ssh-keygen -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub
t3:
ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/rsa_secsh.pub
ssh-keygen -if $(OBJ)/rsa_secsh.pub | diff - ${.CURDIR}/rsa_openssh.pub
rm -f ${.CURDIR}/rsa_secsh.pub
t4:
ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\
awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
t5:
ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\
awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
t6:
ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1
ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2
chmod 600 $(OBJ)/t6.out1
ssh-keygen -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2
$(OBJ)/t7.out:
ssh-keygen -q -t rsa -N '' -f $@
t7: $(OBJ)/t7.out
ssh-keygen -lf $(OBJ)/t7.out > /dev/null
ssh-keygen -Bf $(OBJ)/t7.out > /dev/null
t-exec: ${LTESTS:=.sh}
@if [ "x$?" = "x" ]; then exit 0; fi; \
for TEST in ""$?; do \
echo "run test $${TEST}" ... 1>&2; \
(env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
done

108
crypto/openssh/regress/README.regress
View File

@ -1,108 +0,0 @@
Overview.
$ ./configure && make tests
You'll see some progress info. A failure will cause either the make to
abort or the driver script to report a "FATAL" failure.
The test consists of 2 parts. The first is the file-based tests which is
driven by the Makefile, and the second is a set of network or proxycommand
based tests, which are driven by a driver script (test-exec.sh) which is
called multiple times by the Makefile.
Failures in the first part will cause the Makefile to return an error.
Failures in the second part will print a "FATAL" message for the failed
test and continue.
OpenBSD has a system-wide regression test suite. OpenSSH Portable's test
suite is based on OpenBSD's with modifications.
Environment variables.
SUDO: path to sudo command, if desired. Note that some systems (notably
systems using PAM) require sudo to execute some tests.
TEST_SSH_TRACE: set to "yes" for verbose output from tests
TEST_SSH_QUIET: set to "yes" to suppress non-fatal output.
TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD
SSHKEYGEN,SSHKEYSCAN,SFTP,SFTPSERVER
OBJ: used by test scripts to access build dir.
TEST_SHELL: shell used for running the test scripts.
TEST_SSH_PORT: TCP port to be used for the listening tests.
TEST_SSH_SSH_CONFOTPS: Configuration directives to be added to ssh_config
before running each test.
TEST_SSH_SSHD_CONFOTPS: Configuration directives to be added to sshd_config
before running each test.
Individual tests.
You can run an individual test from the top-level Makefile, eg:
$ make tests LTESTS=agent-timeout
If you need to manipulate the environment more you can invoke test-exec.sh
directly if you set up the path to find the binaries under test and the
test scripts themselves, for example:
$ cd regress
$ PATH=`pwd`/..:$PATH:. TEST_SHELL=/bin/sh sh test-exec.sh `pwd` \
agent-timeout.sh
ok agent timeout test
Files.
test-exec.sh: the main test driver. Sets environment, creates config files
and keys and runs the specified test.
At the time of writing, the individual tests are:
agent-timeout.sh: agent timeout test
agent.sh: simple agent test
broken-pipe.sh: broken pipe test
connect-privsep.sh: proxy connect with privsep
connect.sh: simple connect
exit-status.sh: remote exit status
forwarding.sh: local and remote forwarding
keygen-change.sh: change passphrase for key
keyscan.sh: keyscan
proto-mismatch.sh: protocol version mismatch
proto-version.sh: sshd version with different protocol combinations
proxy-connect.sh: proxy connect
sftp.sh: basic sftp put/get
ssh-com-client.sh: connect with ssh.com client
ssh-com-keygen.sh: ssh.com key import
ssh-com-sftp.sh: basic sftp put/get with ssh.com server
ssh-com.sh: connect to ssh.com server
stderr-after-eof.sh: stderr data after eof
stderr-data.sh: stderr data transfer
transfer.sh: transfer data
try-ciphers.sh: try ciphers
yes-head.sh: yes pipe head
Problems?
Run the failing test with shell tracing (-x) turned on:
$ PATH=`pwd`/..:$PATH:. sh -x test-exec.sh `pwd` agent-timeout.sh
Failed tests can be difficult to diagnose. Suggestions:
- run the individual test via ./test-exec.sh `pwd` [testname]
- set LogLevel to VERBOSE in test-exec.sh and enable syslogging of
auth.debug (eg to /var/log/authlog).
Known Issues.
- If your build requires ssh-rand-helper regress tests will fail
unless ssh-rand-helper is in pre-installed (the path to
ssh-rand-helper is hard coded).
- Similarly, if you do not have "scp" in your system's $PATH then the
multiplex scp tests will fail (since the system's shell startup scripts
will determine where the shell started by sshd will look for scp).
- Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head
test to fail. The old behaviour can be restored by setting (and
exporting) _POSIX2_VERSION=199209 before running the tests.
$Id: README.regress,v 1.10 2005/10/03 10:14:18 dtucker Exp $

45
crypto/openssh/regress/agent-getpeereid.sh
View File

@ -1,45 +0,0 @@
# $OpenBSD: agent-getpeereid.sh,v 1.3 2006/07/06 12:01:53 grunk Exp $
# Placed in the Public Domain.
tid="disallow agent attach from other uid"
UNPRIV=nobody
ASOCK=${OBJ}/agent
SSH_AUTH_SOCK=/nonexistant
if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1
then
echo "skipped (not supported on this platform)"
exit 0
fi
if [ -z "$SUDO" ]; then
echo "skipped: need SUDO to switch to uid $UNPRIV"
exit 0
fi
trace "start agent"
eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
chmod 644 ${SSH_AUTH_SOCK}
ssh-add -l > /dev/null 2>&1
r=$?
if [ $r -ne 1 ]; then
fail "ssh-add failed with $r != 1"
fi
< /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
r=$?
if [ $r -lt 2 ]; then
fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi
rm -f ${OBJ}/agent

53
crypto/openssh/regress/agent-ptrace.sh
View File

@ -1,53 +0,0 @@
# $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $
# Placed in the Public Domain.
tid="disallow agent ptrace attach"
if have_prog uname ; then
case `uname` in
AIX|CYGWIN*|OSF1)
echo "skipped (not supported on this platform)"
exit 0
;;
esac
fi
if have_prog gdb ; then
: ok
else
echo "skipped (gdb not found)"
exit 0
fi
if test -z "$SUDO" ; then
echo "skipped (SUDO not set)"
exit 0
else
$SUDO chown 0 ${SSHAGENT}
$SUDO chgrp 0 ${SSHAGENT}
$SUDO chmod 2755 ${SSHAGENT}
fi
trace "start agent"
eval `${SSHAGENT} -s` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
# ls -l ${SSH_AUTH_SOCK}
gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF
quit
EOF
if [ $? -ne 0 ]; then
fail "gdb failed: exit code $?"
fi
egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace attach: Permission denied.|procfs:.*: Invalid argument.' >/dev/null ${OBJ}/gdb.out
r=$?
rm -f ${OBJ}/gdb.out
if [ $r -ne 0 ]; then
fail "ptrace succeeded?: exit code $r"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi

36
crypto/openssh/regress/agent-timeout.sh
View File

@ -1,36 +0,0 @@
# $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $
# Placed in the Public Domain.
tid="agent timeout test"
SSHAGENT_TIMEOUT=10
trace "start agent"
eval `${SSHAGENT} -s` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
trace "add keys with timeout"
for t in rsa rsa1; do
${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add did succeed exit code 0"
fi
done
n=`${SSHADD} -l 2> /dev/null | wc -l`
trace "agent has $n keys"
if [ $n -ne 2 ]; then
fail "ssh-add -l did not return 2 keys: $n"
fi
trace "sleeping 2*${SSHAGENT_TIMEOUT} seconds"
sleep ${SSHAGENT_TIMEOUT}
sleep ${SSHAGENT_TIMEOUT}
${SSHADD} -l 2> /dev/null | grep 'The agent has no identities.' >/dev/null
if [ $? -ne 0 ]; then
fail "ssh-add -l still returns keys after timeout"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi

75
crypto/openssh/regress/agent.sh
View File

@ -1,75 +0,0 @@
# $OpenBSD: agent.sh,v 1.6 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="simple agent test"
SSH_AUTH_SOCK=/nonexistant ${SSHADD} -l > /dev/null 2>&1
if [ $? -ne 2 ]; then
fail "ssh-add -l did not fail with exit code 2"
fi
trace "start agent"
eval `${SSHAGENT} -s` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
${SSHADD} -l > /dev/null 2>&1
if [ $? -ne 1 ]; then
fail "ssh-add -l did not fail with exit code 1"
fi
trace "overwrite authorized keys"
echon > $OBJ/authorized_keys_$USER
for t in rsa rsa1; do
# generate user key for agent
rm -f $OBJ/$t-agent
${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\
fail "ssh-keygen for $t-agent failed"
# add to authorized keys
cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER
# add privat key to agent
${SSHADD} $OBJ/$t-agent > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add did succeed exit code 0"
fi
done
${SSHADD} -l > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add -l failed: exit code $?"
fi
# the same for full pubkey output
${SSHADD} -L > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add -L failed: exit code $?"
fi
trace "simple connect via agent"
for p in 1 2; do
${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p
if [ $? -ne 5$p ]; then
fail "ssh connect with protocol $p failed (exit code $?)"
fi
done
trace "agent forwarding"
for p in 1 2; do
${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add -l via agent fwd proto $p failed (exit code $?)"
fi
${SSH} -A -$p -F $OBJ/ssh_proxy somehost \
"${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p"
if [ $? -ne 5$p ]; then
fail "agent fwd proto $p failed (exit code $?)"
fi
done
trace "delete all agent keys"
${SSHADD} -D > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "ssh-add -D failed: exit code $?"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi

44
crypto/openssh/regress/banner.sh
View File

@ -1,44 +0,0 @@
# $OpenBSD: banner.sh,v 1.2 2003/10/11 11:49:49 dtucker Exp $
# Placed in the Public Domain.
tid="banner"
echo "Banner $OBJ/banner.in" >> $OBJ/sshd_proxy
rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in
touch $OBJ/empty.in
trace "test missing banner file"
verbose "test $tid: missing banner file"
( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
cmp $OBJ/empty.in $OBJ/banner.out ) || \
fail "missing banner file"
for s in 0 10 100 1000 10000 100000 ; do
if [ "$s" = "0" ]; then
# create empty banner
touch $OBJ/banner.in
elif [ "$s" = "10" ]; then
# create 10-byte banner file
echo "abcdefghi" >$OBJ/banner.in
else
# increase size 10x
cp $OBJ/banner.in $OBJ/banner.out
for i in 0 1 2 3 4 5 6 7 8 ; do
cat $OBJ/banner.out >> $OBJ/banner.in
done
fi
trace "test banner size $s"
verbose "test $tid: size $s"
( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
cmp $OBJ/banner.in $OBJ/banner.out ) || \
fail "banner size $s mismatch"
done
trace "test suppress banner (-q)"
verbose "test $tid: suppress banner (-q)"
( ${SSH} -q -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \
cmp $OBJ/empty.in $OBJ/banner.out ) || \
fail "suppress banner (-q)"
rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in

15
crypto/openssh/regress/broken-pipe.sh
View File

@ -1,15 +0,0 @@
# $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="broken pipe test"
for p in 1 2; do
trace "protocol $p"
for i in 1 2 3 4; do
${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true
r=$?
if [ $r -ne 0 ]; then
fail "broken pipe returns $r for protocol $p"
fi
done
done

23
crypto/openssh/regress/brokenkeys.sh
View File

@ -1,23 +0,0 @@
# $OpenBSD: brokenkeys.sh,v 1.1 2004/10/29 23:59:22 djm Exp $
# Placed in the Public Domain.
tid="broken keys"
KEYS="$OBJ/authorized_keys_${USER}"
start_sshd
mv ${KEYS} ${KEYS}.bak
# Truncated key
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEABTM= bad key" > $KEYS
cat ${KEYS}.bak >> ${KEYS}
cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
${SSH} -2 -F $OBJ/ssh_config somehost true
if [ $? -ne 0 ]; then
fail "ssh connect with protocol $p failed"
fi
mv ${KEYS}.bak ${KEYS}

79
crypto/openssh/regress/bsd.regress.mk
View File

@ -1,79 +0,0 @@
# $OpenBSD: bsd.regress.mk,v 1.9 2002/02/17 01:10:15 marc Exp $
# No man pages for regression tests.
NOMAN=
# No installation.
install:
# If REGRESSTARGETS is defined and PROG is not defined, set NOPROG
.if defined(REGRESSTARGETS) && !defined(PROG)
NOPROG=
.endif
.include <bsd.prog.mk>
.MAIN: all
all: regress
# XXX - Need full path to REGRESSLOG, otherwise there will be much pain.
REGRESSLOG?=/dev/null
REGRESSNAME=${.CURDIR:S/${BSDSRCDIR}\/regress\///}
.if defined(PROG) && !empty(PROG)
run-regress-${PROG}: ${PROG}
./${PROG}
.endif
.if !defined(REGRESSTARGETS)
REGRESSTARGETS=run-regress-${PROG}
. if defined(REGRESSSKIP)
REGRESSSKIPTARGETS=run-regress-${PROG}
. endif
.endif
REGRESSSKIPSLOW?=no
#.if (${REGRESSSKIPSLOW:L} == "yes") && defined(REGRESSSLOWTARGETS)
.if (${REGRESSSKIPSLOW} == "yes") && defined(REGRESSSLOWTARGETS)
REGRESSSKIPTARGETS+=${REGRESSSLOWTARGETS}
.endif
.if defined(REGRESSROOTTARGETS)
ROOTUSER!=id -g
SUDO?=
. if (${ROOTUSER} != 0) && empty(SUDO)
REGRESSSKIPTARGETS+=${REGRESSROOTTARGETS}
. endif
.endif
REGRESSSKIPTARGETS?=
regress:
.for RT in ${REGRESSTARGETS}
. if ${REGRESSSKIPTARGETS:M${RT}}
@echo -n "SKIP " >> ${REGRESSLOG}
. else
# XXX - we need a better method to see if a test fails due to timeout or just
# normal failure.
. if !defined(REGRESSMAXTIME)
@if cd ${.CURDIR} && ${MAKE} ${RT}; then \
echo -n "SUCCESS " >> ${REGRESSLOG} ; \
else \
echo -n "FAIL " >> ${REGRESSLOG} ; \
echo FAILED ; \
fi
. else
@if cd ${.CURDIR} && (ulimit -t ${REGRESSMAXTIME} ; ${MAKE} ${RT}); then \
echo -n "SUCCESS " >> ${REGRESSLOG} ; \
else \
echo -n "FAIL (possible timeout) " >> ${REGRESSLOG} ; \
echo FAILED ; \
fi
. endif
. endif
@echo ${REGRESSNAME}/${RT:S/^run-regress-//} >> ${REGRESSLOG}
.endfor
.PHONY: regress

106
crypto/openssh/regress/cfgmatch.sh
View File

@ -1,106 +0,0 @@
# $OpenBSD: cfgmatch.sh,v 1.2 2006/07/22 01:50:00 dtucker Exp $
# Placed in the Public Domain.
tid="sshd_config match"
pidfile=$OBJ/remote_pid
fwdport=3301
fwd="-L $fwdport:127.0.0.1:$PORT"
stop_client()
{
pid=`cat $pidfile`
if [ ! -z "$pid" ]; then
kill $pid
sleep 1
fi
}
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config
echo "Match Address 127.0.0.1" >>$OBJ/sshd_config
echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config
echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_proxy
echo "Match Address 127.0.0.1" >>$OBJ/sshd_proxy
echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_proxy
start_sshd
#set -x
# Test Match + PermitOpen in sshd_config. This should be permitted
for p in 1 2; do
rm -f $pidfile
trace "match permitopen localhost proto $p"
${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \
"echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\
fail "match permitopen proto $p sshd failed"
sleep 1;
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
fail "match permitopen permit proto $p"
stop_client
done
# Same but from different source. This should not be permitted
for p in 1 2; do
rm -f $pidfile
trace "match permitopen proxy proto $p"
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
"echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\
fail "match permitopen proxy proto $p sshd failed"
sleep 1;
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
fail "match permitopen deny proto $p"
stop_client
done
# Retry previous with key option, should also be denied.
echo -n 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
echo -n 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
for p in 1 2; do
rm -f $pidfile
trace "match permitopen proxy w/key opts proto $p"
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
"echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\
fail "match permitopen w/key opt proto $p sshd failed"
sleep 1;
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
fail "match permitopen deny w/key opt proto $p"
stop_client
done
# Test both sshd_config and key options permitting the same dst/port pair.
# Should be permitted.
for p in 1 2; do
rm -f $pidfile
trace "match permitopen localhost proto $p"
${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \
"echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\
fail "match permitopen proto $p sshd failed"
sleep 1;
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
fail "match permitopen permit proto $p"
stop_client
done
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
echo "PermitOpen 127.0.0.1:1 127.0.0.1:$PORT 127.0.0.2:2" >>$OBJ/sshd_proxy
echo "Match User $USER" >>$OBJ/sshd_proxy
echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
# Test that a Match overrides a PermitOpen in the global section
for p in 1 2; do
rm -f $pidfile
trace "match permitopen proxy w/key opts proto $p"
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
"echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\
fail "match override permitopen proto $p sshd failed"
sleep 1;
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
fail "match override permitopen proto $p"
stop_client
done

47
crypto/openssh/regress/cipher-speed.sh
View File

@ -1,47 +0,0 @@
# $OpenBSD: cipher-speed.sh,v 1.2 2005/05/24 04:09:54 djm Exp $
# Placed in the Public Domain.
tid="cipher speed"
getbytes ()
{
sed -n '/transferred/s/.*secs (\(.* bytes.sec\).*/\1/p'
}
tries="1 2"
DATA=/bin/ls
DATA=/bsd
macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96"
ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc aes128-ctr"
for c in $ciphers; do for m in $macs; do
trace "proto 2 cipher $c mac $m"
for x in $tries; do
echo -n "$c/$m:\t"
( ${SSH} -o 'compression no' \
-F $OBJ/ssh_proxy -2 -m $m -c $c somehost \
exec sh -c \'"dd of=/dev/null obs=32k"\' \
< ${DATA} ) 2>&1 | getbytes
if [ $? -ne 0 ]; then
fail "ssh -2 failed with mac $m cipher $c"
fi
done
done; done
ciphers="3des blowfish"
for c in $ciphers; do
trace "proto 1 cipher $c"
for x in $tries; do
echo -n "$c:\t"
( ${SSH} -o 'compression no' \
-F $OBJ/ssh_proxy -1 -c $c somehost \
exec sh -c \'"dd of=/dev/null obs=32k"\' \
< ${DATA} ) 2>&1 | getbytes
if [ $? -ne 0 ]; then
fail "ssh -1 failed with cipher $c"
fi
done
done

13
crypto/openssh/regress/connect-privsep.sh
View File

@ -1,13 +0,0 @@
# $OpenBSD: connect-privsep.sh,v 1.1 2002/03/21 21:45:07 markus Exp $
# Placed in the Public Domain.
tid="proxy connect with privsep"
echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
for p in 1 2; do
${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
if [ $? -ne 0 ]; then
fail "ssh privsep+proxyconnect protocol $p failed"
fi
done

13
crypto/openssh/regress/connect.sh
View File

@ -1,13 +0,0 @@
# $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="simple connect"
start_sshd
for p in 1 2; do
${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
if [ $? -ne 0 ]; then
fail "ssh connect with protocol $p failed"
fi
done

BIN
crypto/openssh/regress/copy.1
View File

Binary file not shown.

BIN
crypto/openssh/regress/copy.2
View File

Binary file not shown.

14
crypto/openssh/regress/dsa_ssh2.prv
View File

@ -1,14 +0,0 @@
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
Subject: ssh-keygen test
Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100"
P2/56wAAAgIAAAAmZGwtbW9kcHtzaWdue2RzYS1uaXN0LXNoYTF9LGRoe3BsYWlufX0AAA
AEbm9uZQAAAcQAAAHAAAAAAAAABACwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcR
Lo49es/DQTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kg
x7FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwAABACWQkvv
MxnD8eFkS1konFfMJ1CkuRfTN34CBZ6dY7VTSGemy4QwtFdMKmoufD0eKgy3p5WOeWCYKt
F4FhjHKZk/aaxFjjIbtkrnlvXg64QI11dSZyBN6/ViQkHPSkUDF+A6AAEhrNbQbAFSvao1
kTvNtPCtL0AkUIduEMzGQfLCTAAAAKDeC043YVo9Zo0zAEeIA4uZh4LBCQAAA/9aj7Y5ik
ehygJ4qTDSlVypsPuV+n59tMS0e2pfrSG87yf5r94AKBmJeho5OO6wYaXCxsVB7AFbSUD6
75AK8mHF4v1/+7SWKk5f8xlMCMSPZ9K0+j/W1d/q2qkhnnDZolOHDomLA+U00i5ya/jnTV
zyDPWLFpWK8u3xGBPAYX324gAAAKDHFvooRnaXdZbeWGTTqmgHB1GU9A==
---- END SSH2 ENCRYPTED PRIVATE KEY ----

13
crypto/openssh/regress/dsa_ssh2.pub
View File

@ -1,13 +0,0 @@
---- BEGIN SSH2 PUBLIC KEY ----
Subject: ssh-keygen test
Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100"
AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8
NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6l
ju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo
0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuE
MLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1Yk
JBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoC
eKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCv
JhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1
ixaVivLt8RgTwGF99uI=
---- END SSH2 PUBLIC KEY ----

50
crypto/openssh/regress/dynamic-forward.sh
View File

@ -1,50 +0,0 @@
# $OpenBSD: dynamic-forward.sh,v 1.4 2004/06/22 22:55:56 dtucker Exp $
# Placed in the Public Domain.
tid="dynamic forwarding"
FWDPORT=`expr $PORT + 1`
DATA=/bin/ls${EXEEXT}
if have_prog nc && nc -h 2>&1 | grep "proxy address" >/dev/null; then
proxycmd="nc -x 127.0.0.1:$FWDPORT -X"
elif have_prog connect; then
proxycmd="connect -S 127.0.0.1:$FWDPORT -"
else
echo "skipped (no suitable ProxyCommand found)"
exit 0
fi
trace "will use ProxyCommand $proxycmd"
start_sshd
for p in 1 2; do
trace "start dynamic forwarding, fork to background"
${SSH} -$p -F $OBJ/ssh_config -f -D $FWDPORT -q somehost \
exec sh -c \'"echo \$\$ > $OBJ/remote_pid; exec sleep 444"\'
for s in 4 5; do
for h in 127.0.0.1 localhost; do
trace "testing ssh protocol $p socks version $s host $h"
${SSH} -F $OBJ/ssh_config \
-o "ProxyCommand ${proxycmd}${s} $h $PORT" \
somehost cat $DATA > $OBJ/ls.copy
test -f $OBJ/ls.copy || fail "failed copy $DATA"
cmp $DATA $OBJ/ls.copy || fail "corrupted copy of $DATA"
done
done
if [ -f $OBJ/remote_pid ]; then
remote=`cat $OBJ/remote_pid`
trace "terminate remote shell, pid $remote"
if [ $remote -gt 1 ]; then
kill -HUP $remote
fi
else
fail "no pid file: $OBJ/remote_pid"
fi
# Must allow time for connection tear-down
sleep 2
done

60
crypto/openssh/regress/envpass.sh
View File

@ -1,60 +0,0 @@
# $OpenBSD: envpass.sh,v 1.4 2005/03/04 08:48:46 djm Exp $
# Placed in the Public Domain.
tid="environment passing"
# NB accepted env vars are in test-exec.sh (_XXX_TEST_* and _XXX_TEST)
# Prepare a custom config to test for a configuration parsing bug fixed in 4.0
cat << EOF > $OBJ/ssh_proxy_envpass
Host test-sendenv-confparse-bug
SendEnv *
EOF
cat $OBJ/ssh_proxy >> $OBJ/ssh_proxy_envpass
trace "pass env, don't accept"
verbose "test $tid: pass env, don't accept"
_TEST_ENV=blah ${SSH} -oSendEnv="*" -F $OBJ/ssh_proxy_envpass otherhost \
sh << 'EOF'
test -z "$_TEST_ENV"
EOF
r=$?
if [ $r -ne 0 ]; then
fail "environment found"
fi
trace "don't pass env, accept"
verbose "test $tid: don't pass env, accept"
_XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -F $OBJ/ssh_proxy_envpass otherhost \
sh << 'EOF'
test -z "$_XXX_TEST_A" && test -z "$_XXX_TEST_B"
EOF
r=$?
if [ $r -ne 0 ]; then
fail "environment found"
fi
trace "pass single env, accept single env"
verbose "test $tid: pass single env, accept single env"
_XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -F $OBJ/ssh_proxy_envpass \
otherhost sh << 'EOF'
test X"$_XXX_TEST" = X"blah"
EOF
r=$?
if [ $r -ne 0 ]; then
fail "environment not found"
fi
trace "pass multiple env, accept multiple env"
verbose "test $tid: pass multiple env, accept multiple env"
_XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -oSendEnv="_XXX_TEST_*" \
-F $OBJ/ssh_proxy_envpass otherhost \
sh << 'EOF'
test X"$_XXX_TEST_A" = X"1" -a X"$_XXX_TEST_B" = X"2"
EOF
r=$?
if [ $r -ne 0 ]; then
fail "environment not found"
fi
rm -f $OBJ/ssh_proxy_envpass

24
crypto/openssh/regress/exit-status.sh
View File

@ -1,24 +0,0 @@
# $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="remote exit status"
for p in 1 2; do
for s in 0 1 4 5 44; do
trace "proto $p status $s"
verbose "test $tid: proto $p status $s"
${SSH} -$p -F $OBJ/ssh_proxy otherhost exit $s
r=$?
if [ $r -ne $s ]; then
fail "exit code mismatch for protocol $p: $r != $s"
fi
# same with early close of stdout/err
${SSH} -$p -F $OBJ/ssh_proxy -n otherhost \
exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\'
r=$?
if [ $r -ne $s ]; then
fail "exit code (with sleep) mismatch for protocol $p: $r != $s"
fi
done
done

42
crypto/openssh/regress/forcecommand.sh
View File

@ -1,42 +0,0 @@
# $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $
# Placed in the Public Domain.
tid="forced command"
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
echon 'command="true" ' >$OBJ/authorized_keys_$USER
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
echon 'command="true" ' >>$OBJ/authorized_keys_$USER
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
for p in 1 2; do
trace "forced command in key option proto $p"
${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
fail "forced command in key proto $p"
done
echon 'command="false" ' >$OBJ/authorized_keys_$USER
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
echon 'command="false" ' >>$OBJ/authorized_keys_$USER
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
echo "ForceCommand true" >> $OBJ/sshd_proxy
for p in 1 2; do
trace "forced command in sshd_config overrides key option proto $p"
${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
fail "forced command in key proto $p"
done
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
echo "ForceCommand false" >> $OBJ/sshd_proxy
echo "Match User $USER" >> $OBJ/sshd_proxy
echo " ForceCommand true" >> $OBJ/sshd_proxy
for p in 1 2; do
trace "forced command with match proto $p"
${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
fail "forced command in key proto $p"
done

95
crypto/openssh/regress/forwarding.sh
View File

@ -1,95 +0,0 @@
# $OpenBSD: forwarding.sh,v 1.6 2006/07/11 18:51:21 markus Exp $
# Placed in the Public Domain.
tid="local and remote forwarding"
DATA=/bin/ls${EXEEXT}
start_sshd
base=33
last=$PORT
fwd=""
for j in 0 1 2; do
for i in 0 1 2; do
a=$base$j$i
b=`expr $a + 50`
c=$last
# fwd chain: $a -> $b -> $c
fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c"
last=$a
done
done
for p in 1 2; do
q=`expr 3 - $p`
trace "start forwarding, fork to background"
${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10
trace "transfer over forwarded channels and check result"
${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
somehost cat $DATA > $OBJ/ls.copy
test -f $OBJ/ls.copy || fail "failed copy $DATA"
cmp $DATA $OBJ/ls.copy || fail "corrupted copy of $DATA"
sleep 10
done
for p in 1 2; do
for d in L R; do
trace "exit on -$d forward failure, proto $p"
# this one should succeed
${SSH} -$p -F $OBJ/ssh_config \
-$d ${base}01:127.0.0.1:$PORT \
-$d ${base}02:127.0.0.1:$PORT \
-$d ${base}03:127.0.0.1:$PORT \
-$d ${base}04:127.0.0.1:$PORT \
-oExitOnForwardFailure=yes somehost true
if [ $? != 0 ]; then
fail "connection failed, should not"
else
# this one should fail
${SSH} -q -$p -F $OBJ/ssh_config \
-$d ${base}01:127.0.0.1:$PORT \
-$d ${base}02:127.0.0.1:$PORT \
-$d ${base}03:127.0.0.1:$PORT \
-$d ${base}01:127.0.0.1:$PORT \
-$d ${base}04:127.0.0.1:$PORT \
-oExitOnForwardFailure=yes somehost true
r=$?
if [ $r != 255 ]; then
fail "connection not termintated, but should ($r)"
fi
fi
done
done
for p in 1 2; do
trace "simple clear forwarding proto $p"
${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true
trace "clear local forward proto $p"
${SSH} -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \
-oClearAllForwardings=yes somehost sleep 10
if [ $? != 0 ]; then
fail "connection failed with cleared local forwarding"
else
# this one should fail
${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
2>${TEST_SSH_LOGFILE} && \
fail "local forwarding not cleared"
fi
sleep 10
trace "clear remote forward proto $p"
${SSH} -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \
-oClearAllForwardings=yes somehost sleep 10
if [ $? != 0 ]; then
fail "connection failed with cleared remote forwarding"
else
# this one should fail
${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
2>${TEST_SSH_LOGFILE} && \
fail "remote forwarding not cleared"
fi
sleep 10
done

23
crypto/openssh/regress/keygen-change.sh
View File

@ -1,23 +0,0 @@
# $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $
# Placed in the Public Domain.
tid="change passphrase for key"
S1="secret1"
S2="2secret"
for t in rsa dsa rsa1; do
# generate user key for agent
trace "generating $t key"
rm -f $OBJ/$t-key
${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key
if [ $? -eq 0 ]; then
${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null
if [ $? -ne 0 ]; then
fail "ssh-keygen -p failed for $t-key"
fi
else
fail "ssh-keygen for $t-key failed"
fi
rm -f $OBJ/$t-key $OBJ/$t-key.pub
done

19
crypto/openssh/regress/keyscan.sh
View File

@ -1,19 +0,0 @@
# $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="keyscan"
# remove DSA hostkey
rm -f ${OBJ}/host.dsa
start_sshd
for t in rsa1 rsa dsa; do
trace "keyscan type $t"
${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \
> /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "ssh-keyscan -t $t failed with: $r"
fi
done

29
crypto/openssh/regress/login-timeout.sh
View File

@ -1,29 +0,0 @@
# $OpenBSD: login-timeout.sh,v 1.4 2005/02/27 23:13:36 djm Exp $
# Placed in the Public Domain.
tid="connect after login grace timeout"
trace "test login grace with privsep"
echo "LoginGraceTime 10s" >> $OBJ/sshd_config
echo "MaxStartups 1" >> $OBJ/sshd_config
start_sshd
(echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 &
sleep 15
${SSH} -F $OBJ/ssh_config somehost true
if [ $? -ne 0 ]; then
fail "ssh connect after login grace timeout failed with privsep"
fi
$SUDO kill `cat $PIDFILE`
trace "test login grace without privsep"
echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config
start_sshd
(echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 &
sleep 15
${SSH} -F $OBJ/ssh_config somehost true
if [ $? -ne 0 ]; then
fail "ssh connect after login grace timeout failed without privsep"
fi

92
crypto/openssh/regress/multiplex.sh
View File

@ -1,92 +0,0 @@
# $OpenBSD: multiplex.sh,v 1.11 2005/04/25 09:54:09 dtucker Exp $
# Placed in the Public Domain.
CTL=/tmp/openssh.regress.ctl-sock.$$
tid="connection multiplexing"
if grep "#define.*DISABLE_FD_PASSING" ${BUILDDIR}/config.h >/dev/null 2>&1
then
echo "skipped (not supported on this platform)"
exit 0
fi
DATA=/bin/ls${EXEEXT}
COPY=$OBJ/ls.copy
LOG=$TEST_SSH_LOGFILE
start_sshd
trace "start master, fork to background"
${SSH} -Nn2 -MS$CTL -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" somehost &
MASTER_PID=$!
# Wait for master to start and authenticate
sleep 5
verbose "test $tid: envpass"
trace "env passing over multiplexed connection"
_XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -S$CTL otherhost sh << 'EOF'
test X"$_XXX_TEST" = X"blah"
EOF
if [ $? -ne 0 ]; then
fail "environment not found"
fi
verbose "test $tid: transfer"
rm -f ${COPY}
trace "ssh transfer over multiplexed connection and check result"
${SSH} -S$CTL otherhost cat ${DATA} > ${COPY}
test -f ${COPY} || fail "ssh -Sctl: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "ssh -Sctl: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "ssh transfer over multiplexed connection and check result"
${SSH} -S $CTL otherhost cat ${DATA} > ${COPY}
test -f ${COPY} || fail "ssh -S ctl: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "ssh -S ctl: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "sftp transfer over multiplexed connection and check result"
echo "get ${DATA} ${COPY}" | \
${SFTP} -S ${SSH} -oControlPath=$CTL otherhost >$LOG 2>&1
test -f ${COPY} || fail "sftp: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "sftp: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "scp transfer over multiplexed connection and check result"
${SCP} -S ${SSH} -oControlPath=$CTL otherhost:${DATA} ${COPY} >$LOG 2>&1
test -f ${COPY} || fail "scp: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}"
rm -f ${COPY}
for s in 0 1 4 5 44; do
trace "exit status $s over multiplexed connection"
verbose "test $tid: status $s"
${SSH} -S $CTL otherhost exit $s
r=$?
if [ $r -ne $s ]; then
fail "exit code mismatch for protocol $p: $r != $s"
fi
# same with early close of stdout/err
trace "exit status $s with early close over multiplexed connection"
${SSH} -S $CTL -n otherhost \
exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\'
r=$?
if [ $r -ne $s ]; then
fail "exit code (with sleep) mismatch for protocol $p: $r != $s"
fi
done
trace "test check command"
${SSH} -S $CTL -Ocheck otherhost || fail "check command failed"
trace "test exit command"
${SSH} -S $CTL -Oexit otherhost || fail "send exit command failed"
# Wait for master to exit
sleep 2
kill -0 $MASTER_PID >/dev/null 2>&1 && fail "exit command failed"

19
crypto/openssh/regress/proto-mismatch.sh
View File

@ -1,19 +0,0 @@
# $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="protocol version mismatch"
mismatch ()
{
server=$1
client=$2
banner=`echo ${client} | ${SSHD} -o "Protocol=${server}" -i -f ${OBJ}/sshd_proxy`
r=$?
trace "sshd prints ${banner}"
if [ $r -ne 255 ]; then
fail "sshd prints ${banner} and accepts connect with version ${client}"
fi
}
mismatch 2 SSH-1.5-HALLO
mismatch 1 SSH-2.0-HALLO

34
crypto/openssh/regress/proto-version.sh
View File

@ -1,34 +0,0 @@
# $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="sshd version with different protocol combinations"
# we just start sshd in inetd mode and check the banner
check_version ()
{
version=$1
expect=$2
banner=`echon | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
case ${banner} in
SSH-1.99-*)
proto=199
;;
SSH-2.0-*)
proto=20
;;
SSH-1.5-*)
proto=15
;;
*)
proto=0
;;
esac
if [ ${expect} -ne ${proto} ]; then
fail "wrong protocol version ${banner} for ${version}"
fi
}
check_version 2,1 199
check_version 1,2 199
check_version 2 20
check_version 1 15

18
crypto/openssh/regress/proxy-connect.sh
View File

@ -1,18 +0,0 @@
# $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $
# Placed in the Public Domain.
tid="proxy connect"
for p in 1 2; do
${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
if [ $? -ne 0 ]; then
fail "ssh proxyconnect protocol $p failed"
fi
SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'`
if [ $? -ne 0 ]; then
fail "ssh proxyconnect protocol $p failed"
fi
if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
fail "bad SSH_CONNECTION"
fi
done

36
crypto/openssh/regress/reconfigure.sh
View File

@ -1,36 +0,0 @@
# $OpenBSD: reconfigure.sh,v 1.2 2003/06/21 09:14:05 markus Exp $
# Placed in the Public Domain.
tid="simple connect after reconfigure"
# we need the full path to sshd for -HUP
case $SSHD in
/*)
# full path is OK
;;
*)
# otherwise make fully qualified
SSHD=$OBJ/$SSHD
esac
start_sshd
PID=`cat $PIDFILE`
rm -f $PIDFILE
$SUDO kill -HUP $PID
trace "wait for sshd to restart"
i=0;
while [ ! -f $PIDFILE -a $i -lt 10 ]; do
i=`expr $i + 1`
sleep $i
done
test -f $PIDFILE || fatal "sshd did not restart"
for p in 1 2; do
${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
if [ $? -ne 0 ]; then
fail "ssh connect with protocol $p failed after reconfigure"
fi
done

72
crypto/openssh/regress/reexec.sh
View File

@ -1,72 +0,0 @@
# $OpenBSD: reexec.sh,v 1.5 2004/10/08 02:01:50 djm Exp $
# Placed in the Public Domain.
tid="reexec tests"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
SSHD_ORIG=$SSHD${EXEEXT}
SSHD_COPY=$OBJ/sshd${EXEEXT}
# Start a sshd and then delete it
start_sshd_copy ()
{
cp $SSHD_ORIG $SSHD_COPY
SSHD=$SSHD_COPY
start_sshd
SSHD=$SSHD_ORIG
}
# Do basic copy tests
copy_tests ()
{
rm -f ${COPY}
for p in 1 2; do
verbose "$tid: proto $p"
${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \
cat ${DATA} > ${COPY}
if [ $? -ne 0 ]; then
fail "ssh cat $DATA failed"
fi
cmp ${DATA} ${COPY} || fail "corrupted copy"
rm -f ${COPY}
done
}
verbose "test config passing"
cp $OBJ/sshd_config $OBJ/sshd_config.orig
start_sshd
echo "InvalidXXX=no" >> $OBJ/sshd_config
copy_tests
$SUDO kill `cat $PIDFILE`
rm -f $PIDFILE
cp $OBJ/sshd_config.orig $OBJ/sshd_config
verbose "test reexec fallback"
start_sshd_copy
rm -f $SSHD_COPY
copy_tests
$SUDO kill `cat $PIDFILE`
rm -f $PIDFILE
verbose "test reexec fallback without privsep"
cp $OBJ/sshd_config.orig $OBJ/sshd_config
echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config
start_sshd_copy
rm -f $SSHD_COPY
copy_tests
$SUDO kill `cat $PIDFILE`
rm -f $PIDFILE

32
crypto/openssh/regress/rekey.sh
View File

@ -1,32 +0,0 @@
# $OpenBSD: rekey.sh,v 1.1 2003/03/28 13:58:28 markus Exp $
# Placed in the Public Domain.
tid="rekey during transfer data"
DATA=${OBJ}/data
COPY=${OBJ}/copy
LOG=${OBJ}/log
rm -f ${COPY} ${LOG} ${DATA}
touch ${DATA}
dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1
for s in 16 1k 128k 256k; do
trace "rekeylimit ${s}"
rm -f ${COPY}
cat $DATA | \
${SSH} -oCompression=no -oRekeyLimit=$s \
-v -F $OBJ/ssh_proxy somehost "cat > ${COPY}" \
2> ${LOG}
if [ $? -ne 0 ]; then
fail "ssh failed"
fi
cmp $DATA ${COPY} || fail "corrupted copy"
n=`grep 'NEWKEYS sent' ${LOG} | wc -l`
n=`expr $n - 1`
trace "$n rekeying(s)"
if [ $n -lt 1 ]; then
fail "no rekeying occured"
fi
done
rm -f ${COPY} ${LOG} ${DATA}

15
crypto/openssh/regress/rsa_openssh.prv
View File

@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICWgIBAAKBgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko
+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3
xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQIDAQAB
An8nH5VzvHkMbSqJ6eOYDsVwomRvYbH5IEaYl1x6VATITNvAu9kUdQ4NsSpuMc+7
Jj9gKZvmO1y2YCKc0P/iO+i/eV0L+yQh1Rw18jQZll+12T+LZrKRav03YNvMx0gN
wqWY48Kt6hv2/N/ebQzKRe79+D0t2cTh92hT7xENFLIBAkEBGnoGKFjAUkJCwO1V
mzpUqMHpRZVOrqP9hUmPjzNJ5oBPFGe4+h1hoSRFOAzaNuZt8ssbqaLCkzB8bfzj
qhZqAQJBANZekuUpp8iBLeLSagw5FkcPwPzq6zfExbhvsZXb8Bo/4SflNs4JHXwI
7SD9Z8aJLvM4uQ/5M70lblDMQ40i3o0CQQDIJvBYBFL5tlOgakq/O7yi+wt0L5BZ
9H79w5rCSAA0IHRoK/qI1urHiHC3f3vbbLk5UStfrqEaND/mm0shyNIBAkBLsYdC
/ctt5Bc0wUGK4Vl5bBmj9LtrrMJ4FpBpLwj/69BwCuKoK9XKZ0h73p6XHveCEGRg
PIlFX4MtaoLrwgU9AkBV2k4dgIws+X8YX65EsyyFjnlDqX4x0nSOjQB1msIKfHBr
dh5XLDBTTCxnKhMJ0Yx/opgOvf09XHBFwaQntR5i
-----END RSA PRIVATE KEY-----

1
crypto/openssh/regress/rsa_openssh.pub
View File

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQ==

16
crypto/openssh/regress/rsa_ssh2.prv
View File

@ -1,16 +0,0 @@
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
Subject: ssh-keygen test
Comment: "1024-bit rsa, Sat Jun 23 2001 12:21:26 -0400"
P2/56wAAAi4AAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAB3wAAAdsAAAARAQABAAAD9icflXO8eQxtKonp
45gOxXCiZG9hsfkgRpiXXHpUBMhM28C72RR1Dg2xKm4xz7smP2Apm+Y7XLZgIpzQ/+I76L
95XQv7JCHVHDXyNBmWX7XZP4tmspFq/Tdg28zHSA3CpZjjwq3qG/b8395tDMpF7v34PS3Z
xOH3aFPvEQ0UsgEAAAQA7IpcCnGijesEjDXdVoEPfh0akBJA9JAk1bba2sxrtDoQVN1JKP
nRQ9SKdAsXV5jduSUFsTmBe4fznLvD948790U1/O8SkdGM5V0y1/ki7Rf8knm0t8Vj65X0
VA4YdN4UeVfvMcb78vcInT2CsP6CLcBkrnjrBKtS03Mwg79nQI0AAAH/VdpOHYCMLPl/GF
+uRLMshY55Q6l+MdJ0jo0AdZrCCnxwa3YeVywwU0wsZyoTCdGMf6KYDr39PVxwRcGkJ7Ue
YgAAAgDWXpLlKafIgS3i0moMORZHD8D86us3xMW4b7GV2/AaP+En5TbOCR18CO0g/WfGiS
7zOLkP+TO9JW5QzEONIt6NAAACAQEaegYoWMBSQkLA7VWbOlSowelFlU6uo/2FSY+PM0nm
gE8UZ7j6HWGhJEU4DNo25m3yyxuposKTMHxt/OOqFmoB
---- END SSH2 ENCRYPTED PRIVATE KEY ----
---

13
crypto/openssh/regress/runtests.sh
View File

@ -1,13 +0,0 @@
#!/bin/sh
TEST_SSH_SSH=../ssh
TEST_SSH_SSHD=../sshd
TEST_SSH_SSHAGENT=../ssh-agent
TEST_SSH_SSHADD=../ssh-add
TEST_SSH_SSHKEYGEN=../ssh-keygen
TEST_SSH_SSHKEYSCAN=../ssh-keyscan
TEST_SSH_SFTP=../sftp
TEST_SSH_SFTPSERVER=../sftp-server
pmake

57
crypto/openssh/regress/scp-ssh-wrapper.sh
View File

@ -1,57 +0,0 @@
#!/bin/sh
# $OpenBSD: scp-ssh-wrapper.sh,v 1.2 2005/12/14 04:36:39 dtucker Exp $
# Placed in the Public Domain.
printname () {
NAME=$1
save_IFS=$IFS
IFS=/
set -- `echo "$NAME"`
IFS="$save_IFS"
while [ $# -ge 1 ] ; do
if [ "x$1" != "x" ]; then
echo "D0755 0 $1"
fi
shift;
done
}
# Discard all but last argument. We use arg later.
while test "$1" != ""; do
arg="$1"
shift
done
BAD="../../../../../../../../../../../../../${DIR}/dotpathdir"
case "$SCPTESTMODE" in
badserver_0)
echo "D0755 0 /${DIR}/rootpathdir"
echo "C755 2 rootpathfile"
echo "X"
;;
badserver_1)
echo "D0755 0 $BAD"
echo "C755 2 file"
echo "X"
;;
badserver_2)
echo "D0755 0 $BAD"
echo "C755 2 file"
echo "X"
;;
badserver_3)
printname $BAD
echo "C755 2 file"
echo "X"
;;
badserver_4)
printname $BAD
echo "D0755 0 .."
echo "C755 2 file"
echo "X"
;;
*)
exec $arg
;;
esac

127
crypto/openssh/regress/scp.sh
View File

@ -1,127 +0,0 @@
# $OpenBSD: scp.sh,v 1.7 2006/01/31 10:36:33 djm Exp $
# Placed in the Public Domain.
tid="scp"
#set -x
# Figure out if diff understands "-N"
if diff -N ${SRC}/scp.sh ${SRC}/scp.sh 2>/dev/null; then
DIFFOPT="-rN"
else
DIFFOPT="-r"
fi
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
COPY2=${OBJ}/copy2
DIR=${COPY}.dd
DIR2=${COPY}.dd2
SRC=`dirname ${SCRIPT}`
cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.scp
chmod 755 ${OBJ}/scp-ssh-wrapper.scp
scpopts="-q -S ${OBJ}/scp-ssh-wrapper.scp"
scpclean() {
rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2}
mkdir ${DIR} ${DIR2}
}
verbose "$tid: simple copy local file to local file"
scpclean
$SCP $scpopts ${DATA} ${COPY} || fail "copy failed"
cmp ${DATA} ${COPY} || fail "corrupted copy"
verbose "$tid: simple copy local file to remote file"
scpclean
$SCP $scpopts ${DATA} somehost:${COPY} || fail "copy failed"
cmp ${DATA} ${COPY} || fail "corrupted copy"
verbose "$tid: simple copy remote file to local file"
scpclean
$SCP $scpopts somehost:${DATA} ${COPY} || fail "copy failed"
cmp ${DATA} ${COPY} || fail "corrupted copy"
verbose "$tid: simple copy local file to remote dir"
scpclean
cp ${DATA} ${COPY}
$SCP $scpopts ${COPY} somehost:${DIR} || fail "copy failed"
cmp ${COPY} ${DIR}/copy || fail "corrupted copy"
verbose "$tid: simple copy local file to local dir"
scpclean
cp ${DATA} ${COPY}
$SCP $scpopts ${COPY} ${DIR} || fail "copy failed"
cmp ${COPY} ${DIR}/copy || fail "corrupted copy"
verbose "$tid: simple copy remote file to local dir"
scpclean
cp ${DATA} ${COPY}
$SCP $scpopts somehost:${COPY} ${DIR} || fail "copy failed"
cmp ${COPY} ${DIR}/copy || fail "corrupted copy"
verbose "$tid: recursive local dir to remote dir"
scpclean
rm -rf ${DIR2}
cp ${DATA} ${DIR}/copy
$SCP $scpopts -r ${DIR} somehost:${DIR2} || fail "copy failed"
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
verbose "$tid: recursive local dir to local dir"
scpclean
rm -rf ${DIR2}
cp ${DATA} ${DIR}/copy
$SCP $scpopts -r ${DIR} ${DIR2} || fail "copy failed"
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
verbose "$tid: recursive remote dir to local dir"
scpclean
rm -rf ${DIR2}
cp ${DATA} ${DIR}/copy
$SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
verbose "$tid: shell metacharacters"
scpclean
(cd ${DIR} && \
touch '`touch metachartest`' && \
$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
[ ! -f metachartest ] ) || fail "shell metacharacters"
if [ ! -z "$SUDO" ]; then
verbose "$tid: skipped file after scp -p with failed chown+utimes"
scpclean
cp -p ${DATA} ${DIR}/copy
cp -p ${DATA} ${DIR}/copy2
cp ${DATA} ${DIR2}/copy
chmod 660 ${DIR2}/copy
$SUDO chown root ${DIR2}/copy
$SCP -p $scpopts somehost:${DIR}/\* ${DIR2} >/dev/null 2>&1
$SUDO diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
$SUDO rm ${DIR2}/copy
fi
for i in 0 1 2 3 4; do
verbose "$tid: disallow bad server #$i"
SCPTESTMODE=badserver_$i
export DIR SCPTESTMODE
scpclean
$SCP $scpopts somehost:${DATA} ${DIR} >/dev/null 2>/dev/null
[ -d {$DIR}/rootpathdir ] && fail "allows dir relative to root dir"
[ -d ${DIR}/dotpathdir ] && fail "allows dir creation in non-recursive mode"
scpclean
$SCP -r $scpopts somehost:${DATA} ${DIR2} >/dev/null 2>/dev/null
[ -d ${DIR}/dotpathdir ] && fail "allows dir creation outside of subdir"
done
verbose "$tid: detect non-directory target"
scpclean
echo a > ${COPY}
echo b > ${COPY2}
$SCP $scpopts ${DATA} ${COPY} ${COPY2}
cmp ${COPY} ${COPY2} >/dev/null && fail "corrupt target"
scpclean
rm -f ${OBJ}/scp-ssh-wrapper.scp

78
crypto/openssh/regress/sftp-badcmds.sh
View File

@ -1,78 +0,0 @@
# $OpenBSD: sftp-badcmds.sh,v 1.2 2003/05/15 04:07:12 mouring Exp $
# Placed in the Public Domain.
tid="sftp invalid commands"
DATA=/bin/ls${EXEEXT}
DATA2=/bin/sh${EXEEXT}
NONEXIST=/NONEXIST.$$
COPY=${OBJ}/copy
GLOBFILES=`(cd /bin;echo l*)`
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd
rm -f ${COPY}
verbose "$tid: get nonexistent"
echo "get $NONEXIST $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get nonexistent failed"
test -f ${COPY} && fail "existing copy after get nonexistent"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to nonexistent directory"
echo "get /bin/l* $NONEXIST" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get nonexistent failed"
for x in $GLOBFILES; do
test -f ${COPY}.dd/$x && fail "existing copy after get nonexistent"
done
rm -f ${COPY}
verbose "$tid: put nonexistent"
echo "put $NONEXIST $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put nonexistent failed"
test -f ${COPY} && fail "existing copy after put nonexistent"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to nonexistent directory"
echo "put /bin/l* ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put nonexistent failed"
for x in $GLOBFILES; do
test -f ${COPY}.dd/$x && fail "existing copy after nonexistent"
done
rm -f ${COPY}
verbose "$tid: rename nonexistent"
echo "rename $NONEXIST ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename nonexist failed"
test -f ${COPY}.1 && fail "file exists after rename nonexistent"
rm -f ${COPY} ${COPY}.1
cp $DATA $COPY
cp $DATA2 ${COPY}.1
verbose "$tid: rename target exists"
echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename target exists failed"
test -f ${COPY} || fail "oldname missing after rename target exists"
test -f ${COPY}.1 || fail "newname missing after rename target exists"
cmp $DATA ${COPY} >/dev/null 2>&1 || fail "corrupted oldname after rename target exists"
cmp $DATA2 ${COPY}.1 >/dev/null 2>&1 || fail "corrupted newname after rename target exists"
rm -rf ${COPY} ${COPY}.dd
cp $DATA $COPY
mkdir ${COPY}.dd
verbose "$tid: rename target exists (directory)"
echo "rename $COPY ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename target exists (directory) failed"
test -f ${COPY} || fail "oldname missing after rename target exists (directory)"
test -d ${COPY}.dd || fail "newname missing after rename target exists (directory)"
cmp $DATA ${COPY} >/dev/null 2>&1 || fail "corrupted oldname after rename target exists (directory)"
rm -f ${COPY}.dd/*
rm -rf ${COPY}
cp ${DATA2} ${COPY}
verbose "$tid: glob put files to local file"
echo "put /bin/l* $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1
cmp ${DATA2} ${COPY} || fail "put successed when it should have failed"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd

57
crypto/openssh/regress/sftp-batch.sh
View File

@ -1,57 +0,0 @@
# $OpenBSD: sftp-batch.sh,v 1.3 2004/01/13 09:49:06 djm Exp $
# Placed in the Public Domain.
tid="sftp batchfile"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
BATCH=${OBJ}/sftp.bb
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
cat << EOF > ${BATCH}.pass.1
get $DATA $COPY
put ${COPY} ${COPY}.1
rm ${COPY}
-put ${COPY} ${COPY}.2
EOF
cat << EOF > ${BATCH}.pass.2
# This is a comment
# That was a blank line
ls
EOF
cat << EOF > ${BATCH}.fail.1
get $DATA $COPY
put ${COPY} ${COPY}.3
rm ${COPY}.*
# The next command should fail
put ${COPY}.3 ${COPY}.4
EOF
cat << EOF > ${BATCH}.fail.2
# The next command should fail
jajajajaja
EOF
verbose "$tid: good commands"
${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "good commands failed"
verbose "$tid: bad commands"
${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
&& fail "bad commands succeeded"
verbose "$tid: comments and blanks"
${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "comments & blanks failed"
verbose "$tid: junk command"
${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
&& fail "junk command succeeded"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*

211
crypto/openssh/regress/sftp-cmds.sh
View File

@ -1,211 +0,0 @@
# $OpenBSD: sftp-cmds.sh,v 1.6 2003/10/07 07:04:52 djm Exp $
# Placed in the Public Domain.
# XXX - TODO:
# - chmod / chown / chgrp
# - -p flag for get & put
tid="sftp commands"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
# test that these files are readable!
for i in `(cd /bin;echo l*)`
do
if [ -r $i ]; then
GLOBFILES="$GLOBFILES $i"
fi
done
if have_prog uname
then
case `uname` in
CYGWIN*)
os=cygwin
;;
*)
os=`uname`
;;
esac
else
os="unknown"
fi
# Path with embedded quote
QUOTECOPY=${COPY}".\"blah\""
QUOTECOPY_ARG=${COPY}'.\"blah\"'
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2
mkdir ${COPY}.dd
verbose "$tid: lls"
echo "lls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lls failed"
# XXX always successful
verbose "$tid: ls"
echo "ls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "ls failed"
# XXX always successful
verbose "$tid: shell"
echo "!echo hi there" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "shell failed"
# XXX always successful
verbose "$tid: pwd"
echo "pwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "pwd failed"
# XXX always successful
verbose "$tid: lpwd"
echo "lpwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lpwd failed"
# XXX always successful
verbose "$tid: quit"
echo "quit" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "quit failed"
# XXX always successful
verbose "$tid: help"
echo "help" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "help failed"
# XXX always successful
rm -f ${COPY}
verbose "$tid: get"
echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY} || fail "corrupted copy after get"
rm -f ${COPY}
verbose "$tid: get quoted"
echo "get \"$DATA\" $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY} || fail "corrupted copy after get"
if [ "$os" != "cygwin" ]; then
rm -f ${QUOTECOPY}
cp $DATA ${QUOTECOPY}
verbose "$tid: get filename with quotes"
echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes"
rm -f ${QUOTECOPY} ${COPY}
fi
rm -f ${COPY}.dd/*
verbose "$tid: get to directory"
echo "get $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to directory"
echo "get /bin/l* ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get"
done
rm -f ${COPY}.dd/*
verbose "$tid: get to local dir"
(echo "lcd ${COPY}.dd"; echo "get $DATA" ) | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to local dir"
(echo "lcd ${COPY}.dd"; echo "get /bin/l*") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get"
done
rm -f ${COPY}
verbose "$tid: put"
echo "put $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${COPY} || fail "corrupted copy after put"
if [ "$os" != "cygwin" ]; then
rm -f ${QUOTECOPY}
verbose "$tid: put filename with quotes"
echo "put $DATA \"$QUOTECOPY_ARG\"" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes"
fi
rm -f ${COPY}.dd/*
verbose "$tid: put to directory"
echo "put $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to directory"
echo "put /bin/l* ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put"
done
rm -f ${COPY}.dd/*
verbose "$tid: put to local dir"
(echo "cd ${COPY}.dd"; echo "put $DATA") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to local dir"
(echo "cd ${COPY}.dd"; echo "put /bin/l*") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put"
done
verbose "$tid: rename"
echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename failed"
test -f ${COPY}.1 || fail "missing file after rename"
cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename"
verbose "$tid: rename directory"
echo "rename ${COPY}.dd ${COPY}.dd2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename directory failed"
test -d ${COPY}.dd && fail "oldname exists after rename directory"
test -d ${COPY}.dd2 || fail "missing newname after rename directory"
verbose "$tid: ln"
echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
test -h ${COPY}.2 || fail "missing file after ln"
verbose "$tid: mkdir"
echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "mkdir failed"
test -d ${COPY}.dd || fail "missing directory after mkdir"
# XXX do more here
verbose "$tid: chdir"
echo "chdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "chdir failed"
verbose "$tid: rmdir"
echo "rmdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rmdir failed"
test -d ${COPY}.1 && fail "present directory after rmdir"
verbose "$tid: lmkdir"
echo "lmkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lmkdir failed"
test -d ${COPY}.dd || fail "missing directory after lmkdir"
# XXX do more here
verbose "$tid: lchdir"
echo "lchdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lchdir failed"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2

28
crypto/openssh/regress/sftp-glob.sh
View File

@ -1,28 +0,0 @@
# $OpenBSD: sftp-glob.sh,v 1.1 2004/12/10 01:31:30 fgsch Exp $
# Placed in the Public Domain.
tid="sftp glob"
BASE=${OBJ}/glob
DIR=${BASE}/dir
DATA=${DIR}/file
rm -rf ${BASE}
mkdir -p ${DIR}
touch ${DATA}
verbose "$tid: ls file"
echo "ls -l ${DIR}/fil*" | ${SFTP} -P ${SFTPSERVER} 2>/dev/null | \
grep ${DATA} >/dev/null 2>&1
if [ $? -ne 0 ]; then
fail "globbed ls file failed"
fi
verbose "$tid: ls dir"
echo "ls -l ${BASE}/d*" | ${SFTP} -P ${SFTPSERVER} 2>/dev/null | \
grep file >/dev/null 2>&1
if [ $? -ne 0 ]; then
fail "globbed ls dir failed"
fi
rm -rf ${BASE}

35
crypto/openssh/regress/sftp.sh
View File

@ -1,35 +0,0 @@
# $OpenBSD: sftp.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
# Placed in the Public Domain.
tid="basic sftp put/get"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
SFTPCMDFILE=${OBJ}/batch
cat >$SFTPCMDFILE <<EOF
version
get $DATA ${COPY}.1
put $DATA ${COPY}.2
EOF
BUFFERSIZE="5 1000 32000 64000"
REQUESTS="1 2 10"
for B in ${BUFFERSIZE}; do
for R in ${REQUESTS}; do
verbose "test $tid: buffer_size $B num_requests $R"
rm -f ${COPY}.1 ${COPY}.2
${SFTP} -P ${SFTPSERVER} -B $B -R $R -b $SFTPCMDFILE \
> /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "sftp failed with $r"
else
cmp $DATA ${COPY}.1 || fail "corrupted copy after get"
cmp $DATA ${COPY}.2 || fail "corrupted copy after put"
fi
done
done
rm -f ${COPY}.1 ${COPY}.2
rm -f $SFTPCMDFILE

134
crypto/openssh/regress/ssh-com-client.sh
View File

@ -1,134 +0,0 @@
# $OpenBSD: ssh-com-client.sh,v 1.6 2004/02/24 17:06:52 markus Exp $
# Placed in the Public Domain.
tid="connect with ssh.com client"
#TEST_COMBASE=/path/to/ssh/com/binaries
if [ "X${TEST_COMBASE}" = "X" ]; then
fatal '$TEST_COMBASE is not set'
fi
VERSIONS="
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
3.0.0
3.1.0
3.2.0
3.2.2
3.2.3
3.2.5
3.2.9
3.2.9.1
3.3.0"
# 2.0.10 2.0.12 2.0.13 don't like the test setup
# setup authorized keys
SRC=`dirname ${SCRIPT}`
cp ${SRC}/dsa_ssh2.prv ${OBJ}/id.com
chmod 600 ${OBJ}/id.com
${SSHKEYGEN} -i -f ${OBJ}/id.com > $OBJ/id.openssh
chmod 600 ${OBJ}/id.openssh
${SSHKEYGEN} -y -f ${OBJ}/id.openssh > $OBJ/authorized_keys_$USER
${SSHKEYGEN} -e -f ${OBJ}/id.openssh > $OBJ/id.com.pub
echo IdKey ${OBJ}/id.com > ${OBJ}/id.list
# we need a DSA host key
t=dsa
rm -f ${OBJ}/$t ${OBJ}/$t.pub
${SSHKEYGEN} -q -N '' -t $t -f ${OBJ}/$t
$SUDO cp $OBJ/$t $OBJ/host.$t
echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
# add hostkeys to known hosts
mkdir -p ${OBJ}/${USER}/hostkeys
HK=${OBJ}/${USER}/hostkeys/key_${PORT}_127.0.0.1
${SSHKEYGEN} -e -f ${OBJ}/rsa.pub > ${HK}.ssh-rsa.pub
${SSHKEYGEN} -e -f ${OBJ}/dsa.pub > ${HK}.ssh-dss.pub
cat > ${OBJ}/ssh2_config << EOF
*:
QuietMode yes
StrictHostKeyChecking yes
Port ${PORT}
User ${USER}
Host 127.0.0.1
IdentityFile ${OBJ}/id.list
RandomSeedFile ${OBJ}/random_seed
UserConfigDirectory ${OBJ}/%U
AuthenticationSuccessMsg no
BatchMode yes
ForwardX11 no
EOF
# we need a real server (no ProxyConnect option)
start_sshd
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
rm -f ${COPY}
# go for it
for v in ${VERSIONS}; do
ssh2=${TEST_COMBASE}/${v}/ssh2
if [ ! -x ${ssh2} ]; then
continue
fi
verbose "ssh2 ${v}"
key=ssh-dss
skipcat=0
case $v in
2.1.*|2.3.0)
skipcat=1
;;
3.0.*)
key=ssh-rsa
;;
esac
cp ${HK}.$key.pub ${HK}.pub
# check exit status
${ssh2} -q -F ${OBJ}/ssh2_config somehost exit 42
r=$?
if [ $r -ne 42 ]; then
fail "ssh2 ${v} exit code test failed (got $r, expected 42)"
fi
# data transfer
rm -f ${COPY}
${ssh2} -F ${OBJ}/ssh2_config somehost cat ${DATA} > ${COPY}
if [ $? -ne 0 ]; then
fail "ssh2 ${v} cat test (receive) failed"
fi
cmp ${DATA} ${COPY} || fail "ssh2 ${v} cat test (receive) data mismatch"
# data transfer, again
if [ $skipcat -eq 0 ]; then
rm -f ${COPY}
cat ${DATA} | \
${ssh2} -F ${OBJ}/ssh2_config host "cat > ${COPY}"
if [ $? -ne 0 ]; then
fail "ssh2 ${v} cat test (send) failed"
fi
cmp ${DATA} ${COPY} || \
fail "ssh2 ${v} cat test (send) data mismatch"
fi
# no stderr after eof
rm -f ${COPY}
${ssh2} -F ${OBJ}/ssh2_config somehost \
exec sh -c \'"exec > /dev/null; sleep 1; echo bla 1>&2; exit 0"\' \
2> /dev/null
if [ $? -ne 0 ]; then
fail "ssh2 ${v} stderr test failed"
fi
done
rm -rf ${OBJ}/${USER}
for i in ssh2_config random_seed dsa.pub dsa host.dsa \
id.list id.com id.com.pub id.openssh; do
rm -f ${OBJ}/$i
done

74
crypto/openssh/regress/ssh-com-keygen.sh
View File

@ -1,74 +0,0 @@
# $OpenBSD: ssh-com-keygen.sh,v 1.4 2004/02/24 17:06:52 markus Exp $
# Placed in the Public Domain.
tid="ssh.com key import"
#TEST_COMBASE=/path/to/ssh/com/binaries
if [ "X${TEST_COMBASE}" = "X" ]; then
fatal '$TEST_COMBASE is not set'
fi
VERSIONS="
2.0.10
2.0.12
2.0.13
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
3.0.0
3.1.0
3.2.0
3.2.2
3.2.3
3.2.5
3.2.9
3.2.9.1
3.3.0"
COMPRV=${OBJ}/comkey
COMPUB=${COMPRV}.pub
OPENSSHPRV=${OBJ}/opensshkey
OPENSSHPUB=${OPENSSHPRV}.pub
# go for it
for v in ${VERSIONS}; do
keygen=${TEST_COMBASE}/${v}/ssh-keygen2
if [ ! -x ${keygen} ]; then
continue
fi
types="dss"
case $v in
2.3.1|3.*)
types="$types rsa"
;;
esac
for t in $types; do
verbose "ssh-keygen $v/$t"
rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB
${keygen} -q -P -t $t ${COMPRV} > /dev/null 2>&1
if [ $? -ne 0 ]; then
fail "${keygen} -t $t failed"
continue
fi
${SSHKEYGEN} -if ${COMPUB} > ${OPENSSHPUB}
if [ $? -ne 0 ]; then
fail "import public key ($v/$t) failed"
continue
fi
${SSHKEYGEN} -if ${COMPRV} > ${OPENSSHPRV}
if [ $? -ne 0 ]; then
fail "import private key ($v/$t) failed"
continue
fi
chmod 600 ${OPENSSHPRV}
${SSHKEYGEN} -yf ${OPENSSHPRV} |\
diff - ${OPENSSHPUB}
if [ $? -ne 0 ]; then
fail "public keys ($v/$t) differ"
fi
done
done
rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB

67
crypto/openssh/regress/ssh-com-sftp.sh
View File

@ -1,67 +0,0 @@
# $OpenBSD: ssh-com-sftp.sh,v 1.5 2004/02/24 17:06:52 markus Exp $
# Placed in the Public Domain.
tid="basic sftp put/get with ssh.com server"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
SFTPCMDFILE=${OBJ}/batch
cat >$SFTPCMDFILE <<EOF
version
get $DATA ${COPY}.1
put $DATA ${COPY}.2
EOF
BUFFERSIZE="5 1000 32000 64000"
REQUESTS="1 2 10"
#TEST_COMBASE=/path/to/ssh/com/binaries
if [ "X${TEST_COMBASE}" = "X" ]; then
fatal '$TEST_COMBASE is not set'
fi
VERSIONS="
2.0.10
2.0.12
2.0.13
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
3.0.0
3.1.0
3.2.0
3.2.2
3.2.3
3.2.5
3.2.9
3.2.9.1
3.3.0"
# go for it
for v in ${VERSIONS}; do
server=${TEST_COMBASE}/${v}/sftp-server2
if [ ! -x ${server} ]; then
continue
fi
verbose "sftp-server $v"
for B in ${BUFFERSIZE}; do
for R in ${REQUESTS}; do
verbose "test $tid: buffer_size $B num_requests $R"
rm -f ${COPY}.1 ${COPY}.2
${SFTP} -P ${server} -B $B -R $R -b $SFTPCMDFILE \
> /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "sftp failed with $r"
else
cmp $DATA ${COPY}.1 || fail "corrupted copy after get"
cmp $DATA ${COPY}.2 || fail "corrupted copy after put"
fi
done
done
done
rm -f ${COPY}.1 ${COPY}.2
rm -f $SFTPCMDFILE

119
crypto/openssh/regress/ssh-com.sh
View File

@ -1,119 +0,0 @@
# $OpenBSD: ssh-com.sh,v 1.7 2004/02/24 17:06:52 markus Exp $
# Placed in the Public Domain.
tid="connect to ssh.com server"
#TEST_COMBASE=/path/to/ssh/com/binaries
if [ "X${TEST_COMBASE}" = "X" ]; then
fatal '$TEST_COMBASE is not set'
fi
VERSIONS="
2.0.12
2.0.13
2.1.0
2.2.0
2.3.0
2.4.0
3.0.0
3.1.0
3.2.0
3.2.2
3.2.3
3.2.5
3.2.9
3.2.9.1
3.3.0"
# 2.0.10 does not support UserConfigDirectory
# 2.3.1 requires a config in $HOME/.ssh2
SRC=`dirname ${SCRIPT}`
# ssh.com
cat << EOF > $OBJ/sshd2_config
#*:
# Port and ListenAddress are not used.
QuietMode yes
Port 4343
ListenAddress 127.0.0.1
UserConfigDirectory ${OBJ}/%U
Ciphers AnyCipher
PubKeyAuthentication yes
#AllowedAuthentications publickey
AuthorizationFile authorization
HostKeyFile ${SRC}/dsa_ssh2.prv
PublicHostKeyFile ${SRC}/dsa_ssh2.pub
RandomSeedFile ${OBJ}/random_seed
MaxConnections 0
PermitRootLogin yes
VerboseMode no
CheckMail no
Ssh1Compatibility no
EOF
# create client config
sed "s/HostKeyAlias.*/HostKeyAlias ssh2-localhost-with-alias/" \
< $OBJ/ssh_config > $OBJ/ssh_config_com
# we need a DSA key for
rm -f ${OBJ}/dsa ${OBJ}/dsa.pub
${SSHKEYGEN} -q -N '' -t dsa -f ${OBJ}/dsa
# setup userdir, try rsa first
mkdir -p ${OBJ}/${USER}
cp /dev/null ${OBJ}/${USER}/authorization
for t in rsa dsa; do
${SSHKEYGEN} -e -f ${OBJ}/$t.pub > ${OBJ}/${USER}/$t.com
echo Key $t.com >> ${OBJ}/${USER}/authorization
echo IdentityFile ${OBJ}/$t >> ${OBJ}/ssh_config_com
done
# convert and append DSA hostkey
(
echon 'ssh2-localhost-with-alias,127.0.0.1,::1 '
${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub
) >> $OBJ/known_hosts
# go for it
for v in ${VERSIONS}; do
sshd2=${TEST_COMBASE}/${v}/sshd2
if [ ! -x ${sshd2} ]; then
continue
fi
trace "sshd2 ${v}"
PROXY="proxycommand ${sshd2} -qif ${OBJ}/sshd2_config 2> /dev/null"
${SSH} -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
if [ $? -ne 0 ]; then
fail "ssh connect to sshd2 ${v} failed"
fi
ciphers="3des-cbc blowfish-cbc arcfour"
macs="hmac-md5"
case $v in
2.4.*)
ciphers="$ciphers cast128-cbc"
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
;;
3.*)
ciphers="$ciphers aes128-cbc cast128-cbc"
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
;;
esac
#ciphers="3des-cbc"
for m in $macs; do
for c in $ciphers; do
trace "sshd2 ${v} cipher $c mac $m"
verbose "test ${tid}: sshd2 ${v} cipher $c mac $m"
${SSH} -c $c -m $m -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
if [ $? -ne 0 ]; then
fail "ssh connect to sshd2 ${v} with $c/$m failed"
fi
done
done
done
rm -rf ${OBJ}/${USER}
for i in sshd_config_proxy ssh_config_proxy random_seed \
sshd2_config dsa.pub dsa ssh_config_com; do
rm -f ${OBJ}/$i
done

13
crypto/openssh/regress/sshd-log-wrapper.sh
View File

@ -1,13 +0,0 @@
#!/bin/sh
# $OpenBSD: sshd-log-wrapper.sh,v 1.2 2005/02/27 11:40:30 dtucker Exp $
# Placed in the Public Domain.
#
# simple wrapper for sshd proxy mode to catch stderr output
# sh sshd-log-wrapper.sh /path/to/sshd /path/to/logfile
sshd=$1
log=$2
shift
shift
exec $sshd $@ -e 2>>$log

40
crypto/openssh/regress/stderr-after-eof.sh
View File

@ -1,40 +0,0 @@
# $OpenBSD: stderr-after-eof.sh,v 1.1 2002/03/23 16:38:09 markus Exp $
# Placed in the Public Domain.
tid="stderr data after eof"
DATA=/etc/motd
DATA=${OBJ}/data
COPY=${OBJ}/copy
if have_prog md5sum; then
CHECKSUM=md5sum
elif have_prog openssl; then
CHECKSUM="openssl md5"
elif have_prog cksum; then
CHECKSUM=cksum
elif have_prog sum; then
CHECKSUM=sum
else
fatal "No checksum program available, aborting $tid test"
fi
# setup data
rm -f ${DATA} ${COPY}
cp /dev/null ${DATA}
for i in 1 2 3 4 5 6; do
(date;echo $i) | $CHECKSUM >> ${DATA}
done
${SSH} -2 -F $OBJ/ssh_proxy otherhost \
exec sh -c \'"exec > /dev/null; sleep 2; cat ${DATA} 1>&2 $s"\' \
2> ${COPY}
r=$?
if [ $r -ne 0 ]; then
fail "ssh failed with exit code $r"
fi
egrep 'Disconnecting: Received extended_data after EOF' ${COPY} &&
fail "ext data received after eof"
cmp ${DATA} ${COPY} || fail "stderr corrupt"
rm -f ${DATA} ${COPY}

33
crypto/openssh/regress/stderr-data.sh
View File

@ -1,33 +0,0 @@
# $OpenBSD: stderr-data.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
# Placed in the Public Domain.
tid="stderr data transfer"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
rm -f ${COPY}
for n in '' -n; do
for p in 1 2; do
verbose "test $tid: proto $p ($n)"
${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \
exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \
2> ${COPY}
r=$?
if [ $r -ne 0 ]; then
fail "ssh failed with exit code $r"
fi
cmp ${DATA} ${COPY} || fail "stderr corrupt"
rm -f ${COPY}
${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \
exec sh -c \'"echo a; exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \
> /dev/null 2> ${COPY}
r=$?
if [ $r -ne 0 ]; then
fail "ssh failed with exit code $r"
fi
cmp ${DATA} ${COPY} || fail "stderr corrupt"
rm -f ${COPY}
done
done

1
crypto/openssh/regress/t4.ok
View File

@ -1 +0,0 @@
3b:dd:44:e9:49:18:84:95:f1:e7:33:6b:9d:93:b1:36

1
crypto/openssh/regress/t5.ok
View File

@ -1 +0,0 @@
xokes-lylis-byleh-zebib-kalus-bihas-tevah-haroz-suhar-foved-noxex

307
crypto/openssh/regress/test-exec.sh
View File

@ -1,307 +0,0 @@
# $OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $
# Placed in the Public Domain.
#SUDO=sudo
# Unbreak GNU head(1)
_POSIX2_VERSION=199209
export _POSIX2_VERSION
case `uname -s 2>/dev/null` in
OSF1*)
BIN_SH=xpg4
export BIN_SH
;;
esac
if [ ! -z "$TEST_SSH_PORT" ]; then
PORT="$TEST_SSH_PORT"
else
PORT=4242
fi
if [ -x /usr/ucb/whoami ]; then
USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
USER=`whoami`
elif logname >/dev/null 2>&1; then
USER=`logname`
else
USER=`id -un`
fi
OBJ=$1
if [ "x$OBJ" = "x" ]; then
echo '$OBJ not defined'
exit 2
fi
if [ ! -d $OBJ ]; then
echo "not a directory: $OBJ"
exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
echo '$SCRIPT not defined'
exit 2
fi
if [ ! -f $SCRIPT ]; then
echo "not a file: $SCRIPT"
exit 2
fi
if $TEST_SHELL -n $SCRIPT; then
true
else
echo "syntax error in $SCRIPT"
exit 2
fi
unset SSH_AUTH_SOCK
SRC=`dirname ${SCRIPT}`
# defaults
SSH=ssh
SSHD=sshd
SSHAGENT=ssh-agent
SSHADD=ssh-add
SSHKEYGEN=ssh-keygen
SSHKEYSCAN=ssh-keyscan
SFTP=sftp
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp
if [ "x$TEST_SSH_SSH" != "x" ]; then
SSH="${TEST_SSH_SSH}"
fi
if [ "x$TEST_SSH_SSHD" != "x" ]; then
SSHD="${TEST_SSH_SSHD}"
fi
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
SSHAGENT="${TEST_SSH_SSHAGENT}"
fi
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
SSHADD="${TEST_SSH_SSHADD}"
fi
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
fi
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
fi
if [ "x$TEST_SSH_SFTP" != "x" ]; then
SFTP="${TEST_SSH_SFTP}"
fi
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
SFTPSERVER="${TEST_SSH_SFTPSERVER}"
fi
if [ "x$TEST_SSH_SCP" != "x" ]; then
SCP="${TEST_SSH_SCP}"
fi
# Path to sshd must be absolute for rexec
case "$SSHD" in
/*) ;;
*) SSHD=`which sshd` ;;
esac
if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
TEST_SSH_LOGFILE=/dev/null
fi
# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
# helper
echon()
{
if [ "x`echo -n`" = "x" ]; then
echo -n "$@"
elif [ "x`echo '\c'`" = "x" ]; then
echo "$@\c"
else
fatal "Don't know how to echo without newline."
fi
}
have_prog()
{
saved_IFS="$IFS"
IFS=":"
for i in $PATH
do
if [ -x $i/$1 ]; then
IFS="$saved_IFS"
return 0
fi
done
IFS="$saved_IFS"
return 1
}
cleanup ()
{
if [ -f $PIDFILE ]; then
pid=`cat $PIDFILE`
if [ "X$pid" = "X" ]; then
echo no sshd running
else
if [ $pid -lt 2 ]; then
echo bad pid for ssd: $pid
else
$SUDO kill $pid
fi
fi
fi
}
trace ()
{
echo "trace: $@" >>$TEST_SSH_LOGFILE
if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
echo "$@"
fi
}
verbose ()
{
echo "verbose: $@" >>$TEST_SSH_LOGFILE
if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
echo "$@"
fi
}
fail ()
{
echo "FAIL: $@" >>$TEST_SSH_LOGFILE
RESULT=1
echo "$@"
}
fatal ()
{
echo "FATAL: $@" >>$TEST_SSH_LOGFILE
echon "FATAL: "
fail "$@"
cleanup
exit $RESULT
}
RESULT=0
PIDFILE=$OBJ/pidfile
trap fatal 3 2
# create server config
cat << EOF > $OBJ/sshd_config
StrictModes no
Port $PORT
AddressFamily inet
ListenAddress 127.0.0.1
#ListenAddress ::1
PidFile $PIDFILE
AuthorizedKeysFile $OBJ/authorized_keys_%u
LogLevel VERBOSE
AcceptEnv _XXX_TEST_*
AcceptEnv _XXX_TEST
Subsystem sftp $SFTPSERVER
EOF
if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
fi
# server config for proxy connects
cp $OBJ/sshd_config $OBJ/sshd_proxy
# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> $OBJ/sshd_proxy
# create client config
cat << EOF > $OBJ/ssh_config
Host *
Hostname 127.0.0.1
HostKeyAlias localhost-with-alias
Port $PORT
User $USER
GlobalKnownHostsFile $OBJ/known_hosts
UserKnownHostsFile $OBJ/known_hosts
RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
HostbasedAuthentication no
PasswordAuthentication no
BatchMode yes
StrictHostKeyChecking yes
EOF
if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
fi
rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
trace "generate keys"
for t in rsa rsa1; do
# generate user key
rm -f $OBJ/$t
${SSHKEYGEN} -b 1024 -q -N '' -t $t -f $OBJ/$t ||\
fail "ssh-keygen for $t failed"
# known hosts file for client
(
echon 'localhost-with-alias,127.0.0.1,::1 '
cat $OBJ/$t.pub
) >> $OBJ/known_hosts
# setup authorized keys
cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
# use key as host key, too
$SUDO cp $OBJ/$t $OBJ/host.$t
echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
# don't use SUDO for proxy connect
echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
done
chmod 644 $OBJ/authorized_keys_$USER
# create a proxy version of the client config
(
cat $OBJ/ssh_config
echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
) > $OBJ/ssh_proxy
# check proxy config
${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken"
start_sshd ()
{
# start sshd
$SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken"
$SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
trace "wait for sshd"
i=0;
while [ ! -f $PIDFILE -a $i -lt 10 ]; do
i=`expr $i + 1`
sleep $i
done
test -f $PIDFILE || fatal "no sshd running on port $PORT"
}
# source test body
. $SCRIPT
# kill sshd
cleanup
if [ $RESULT -eq 0 ]; then
verbose ok $tid
else
echo failed $tid
fi
exit $RESULT

29
crypto/openssh/regress/transfer.sh
View File

@ -1,29 +0,0 @@
# $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $
# Placed in the Public Domain.
tid="transfer data"
DATA=/bin/ls${EXEEXT}
COPY=${OBJ}/copy
for p in 1 2; do
verbose "$tid: proto $p"
rm -f ${COPY}
${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY}
if [ $? -ne 0 ]; then
fail "ssh cat $DATA failed"
fi
cmp ${DATA} ${COPY} || fail "corrupted copy"
for s in 10 100 1k 32k 64k 128k 256k; do
trace "proto $p dd-size ${s}"
rm -f ${COPY}
dd if=$DATA obs=${s} 2> /dev/null | \
${SSH} -q -$p -F $OBJ/ssh_proxy somehost "cat > ${COPY}"
if [ $? -ne 0 ]; then
fail "ssh cat $DATA failed"
fi
cmp $DATA ${COPY} || fail "corrupted copy"
done
done
rm -f ${COPY}

49
crypto/openssh/regress/try-ciphers.sh
View File

@ -1,49 +0,0 @@
# $OpenBSD: try-ciphers.sh,v 1.10 2005/05/24 04:10:54 djm Exp $
# Placed in the Public Domain.
tid="try ciphers"
ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
arcfour128 arcfour256 arcfour
aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
aes128-ctr aes192-ctr aes256-ctr"
macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96"
for c in $ciphers; do
for m in $macs; do
trace "proto 2 cipher $c mac $m"
verbose "test $tid: proto 2 cipher $c mac $m"
${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
if [ $? -ne 0 ]; then
fail "ssh -2 failed with mac $m cipher $c"
fi
done
done
ciphers="3des blowfish"
for c in $ciphers; do
trace "proto 1 cipher $c"
verbose "test $tid: proto 1 cipher $c"
${SSH} -F $OBJ/ssh_proxy -1 -c $c somehost true
if [ $? -ne 0 ]; then
fail "ssh -1 failed with cipher $c"
fi
done
if ${SSH} -oCiphers=acss@openssh.org 2>&1 | grep "Bad SSH2 cipher" >/dev/null
then
:
else
echo "Ciphers acss@openssh.org" >> $OBJ/sshd_proxy
c=acss@openssh.org
for m in $macs; do
trace "proto 2 $c mac $m"
verbose "test $tid: proto 2 cipher $c mac $m"
${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
if [ $? -ne 0 ]; then
fail "ssh -2 failed with mac $m cipher $c"
fi
done
fi

15
crypto/openssh/regress/yes-head.sh
View File

@ -1,15 +0,0 @@
# $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.
tid="yes pipe head"
for p in 1 2; do
lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -2000"' | (sleep 3 ; wc -l)`
if [ $? -ne 0 ]; then
fail "yes|head test failed"
lines = 0;
fi
if [ $lines -ne 2000 ]; then
fail "yes|head returns $lines lines instead of 2000"
fi
done

29
crypto/openssh/scard/Makefile.in
View File

@ -1,29 +0,0 @@
# $Id: Makefile.in,v 1.5 2006/10/23 21:44:47 tim Exp $
prefix=@prefix@
datadir=@datadir@
datarootdir=@datarootdir@
srcdir=@srcdir@
top_srcdir=@top_srcdir@
INSTALL=@INSTALL@
VPATH=@srcdir@
all:
#Ssh.bin: Ssh.bin.uu
# uudecode Ssh.bin.uu
clean:
# rm -rf Ssh.bin
distprep:
uudecode Ssh.bin.uu
distclean: clean
rm -f Makefile *~
install: $(srcdir)/Ssh.bin
$(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
$(INSTALL) -m 0644 $(srcdir)/Ssh.bin $(DESTDIR)$(datadir)/Ssh.bin

BIN
crypto/openssh/scard/Ssh.bin
View File

Binary file not shown.

17
crypto/openssh/scard/Ssh.bin.uu
View File

@ -1,17 +0,0 @@
begin 644 Ssh.bin
M`P)!&P`801X`>``!`E@"`/Y@\`4`_J'P!0!!&T$=`?Z@\`4`01M!'`'^>/,!
M`4$;01X!_G#S%P'^0],1`?Y@\!0`_G/S'0#^<]4``D$;L`4`_F'3``#^8=,%
M`/ZAT`$!_J#0)P'^H],*`?ZCTPD`_G/5"P7^8=,'`OZAT`H`_J#0$@3^:-,@
M`T$;`P`%`/Y@`<P``$$<\@\``$$=\B$``$$>\A```/`0__(%`@8!`0H``&``
M0205!!D)I$L`"0J0`&``*!4$&58``````.P````%____P````.D````0````
M,P```"````#'````,````(T````R````V!4#&0A*``D*;@!@`"@5!QD*`/\]
M(6``1A)*``D*9P!@`"@*/P!@`$LK"1)@`$LK!6``4!P$#00#2@`.#01@`%5@
M`%I@`"@37``>%0@2%0A>`%\($F``9%(`:`H_`&``2RL*<VA@`$LK8`!I"1`U
M(14#`Q)@`&X<!`T$`TL`"P,28`!D4@`.#01@`%5@`%I@`"A2`"X5`PH$`&``
M<RL#!6``9%(`'14#"@$"8`!S*P,%8`!D4@`,4@`)"FT`8``H60``\`+_\@$!
M`0D`"```"I``8``H60#P$__R`0$""0`,``!B01LM7P`\*UD```#P$O_V`0$#
M`0`8```37``>7@`R10`/$UP`'@H`R`D07@`W!%>P!?_R`0$$`@`\```37P``
M$V+^H2U?``5=``H38OZ@+5\`#UT`%!-B_G@M"@0`7P`970`>"@0`8``C10`)
/"F<`8``H$UX`+5D`````
`
end

164
crypto/openssh/scard/Ssh.java
View File

@ -1,164 +0,0 @@
// $Id: Ssh.java,v 1.3 2002/05/22 04:24:02 djm Exp $
//
// Ssh.java
// SSH / smartcard integration project, smartcard side
//
// Tomoko Fukuzawa, created, Feb., 2000
//
// Naomaru Itoi, modified, Apr., 2000
//
// copyright 2000
// the regents of the university of michigan
// all rights reserved
//
// permission is granted to use, copy, create derivative works
// and redistribute this software and such derivative works
// for any purpose, so long as the name of the university of
// michigan is not used in any advertising or publicity
// pertaining to the use or distribution of this software
// without specific, written prior authorization. if the
// above copyright notice or any other identification of the
// university of michigan is included in any copy of any
// portion of this software, then the disclaimer below must
// also be included.
//
// this software is provided as is, without representation
// from the university of michigan as to its fitness for any
// purpose, and without warranty by the university of
// michigan of any kind, either express or implied, including
// without limitation the implied warranties of
// merchantability and fitness for a particular purpose. the
// regents of the university of michigan shall not be liable
// for any damages, including special, indirect, incidental, or
// consequential damages, with respect to any claim arising
// out of or in connection with the use of the software, even
// if it has been or is hereafter advised of the possibility of
// such damages.
import javacard.framework.*;
import javacardx.framework.*;
import javacardx.crypto.*;
public class Ssh extends javacard.framework.Applet
{
// Change this when the applet changes; hi byte is major, low byte is minor
static final short applet_version = (short)0x0102;
/* constants declaration */
// code of CLA byte in the command APDU header
static final byte Ssh_CLA =(byte)0x05;
// codes of INS byte in the command APDU header
static final byte DECRYPT = (byte) 0x10;
static final byte GET_KEYLENGTH = (byte) 0x20;
static final byte GET_PUBKEY = (byte) 0x30;
static final byte GET_VERSION = (byte) 0x32;
static final byte GET_RESPONSE = (byte) 0xc0;
static final short keysize = 1024;
static final short root_fid = (short)0x3f00;
static final short privkey_fid = (short)0x0012;
static final short pubkey_fid = (short)(('s'<<8)|'h');
/* instance variables declaration */
AsymKey rsakey;
CyberflexFile file;
CyberflexOS os;
private Ssh()
{
file = new CyberflexFile();
os = new CyberflexOS();
rsakey = new RSA_CRT_PrivateKey (keysize);
if ( ! rsakey.isSupportedLength (keysize) )
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
register();
} // end of the constructor
public boolean select() {
if (!rsakey.isInitialized())
rsakey.setKeyInstance ((short)0xc8, (short)0x10);
return true;
}
public static void install(APDU apdu)
{
new Ssh(); // create a Ssh applet instance (card)
} // end of install method
public static void main(String args[]) {
ISOException.throwIt((short) 0x9000);
}
public void process(APDU apdu)
{
// APDU object carries a byte array (buffer) to
// transfer incoming and outgoing APDU header
// and data bytes between card and CAD
byte buffer[] = apdu.getBuffer();
short size, st;
// verify that if the applet can accept this
// APDU message
// NI: change suggested by Wayne Dyksen, Purdue
if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT)
ISOException.throwIt(ISO.SW_NO_ERROR);
switch (buffer[ISO.OFFSET_INS]) {
case DECRYPT:
if (buffer[ISO.OFFSET_CLA] != Ssh_CLA)
ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED);
//decrypt (apdu);
size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF);
if (apdu.setIncomingAndReceive() != size)
ISOException.throwIt (ISO.SW_WRONG_LENGTH);
// check access; depends on bit 2 (x/a)
file.selectFile(root_fid);
file.selectFile(privkey_fid);
st = os.checkAccess(ACL.EXECUTE);
if (st != ST.ACCESS_CLEARED) {
CyberflexAPDU.prepareSW1SW2(st);
ISOException.throwIt(CyberflexAPDU.getSW1SW2());
}
rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size,
buffer, (short) ISO.OFFSET_CDATA);
apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size);
break;
case GET_PUBKEY:
file.selectFile(root_fid); // select root
file.selectFile(pubkey_fid); // select public key file
size = (short)(file.getFileSize() - 16);
st = os.readBinaryFile(buffer, (short)0, (short)0, size);
if (st == ST.SUCCESS)
apdu.setOutgoingAndSend((short)0, size);
else {
CyberflexAPDU.prepareSW1SW2(st);
ISOException.throwIt(CyberflexAPDU.getSW1SW2());
}
break;
case GET_KEYLENGTH:
Util.setShort(buffer, (short)0, keysize);
apdu.setOutgoingAndSend ((short)0, (short)2);
break;
case GET_VERSION:
Util.setShort(buffer, (short)0, applet_version);
apdu.setOutgoingAndSend ((short)0, (short)2);
break;
case GET_RESPONSE:
break;
default:
ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED);
}
} // end of process method
} // end of class Ssh

75
crypto/openssh/ssh_prng_cmds.in
View File

@ -1,75 +0,0 @@
# entropy gathering commands
# Format is: "program-name args" path rate
# The "rate" represents the number of bits of usuable entropy per
# byte of command output. Be conservative.
#
# $Id: ssh_prng_cmds.in,v 1.9 2003/11/21 12:48:56 djm Exp $
"ls -alni /var/log" @PROG_LS@ 0.02
"ls -alni /var/adm" @PROG_LS@ 0.02
"ls -alni /usr/adm" @PROG_LS@ 0.02
"ls -alni /var/mail" @PROG_LS@ 0.02
"ls -alni /usr/mail" @PROG_LS@ 0.02
"ls -alni /var/adm/syslog" @PROG_LS@ 0.02
"ls -alni /usr/adm/syslog" @PROG_LS@ 0.02
"ls -alni /var/spool/mail" @PROG_LS@ 0.02
"ls -alni /proc" @PROG_LS@ 0.02
"ls -alni /tmp" @PROG_LS@ 0.02
"ls -alni /var/tmp" @PROG_LS@ 0.02
"ls -alni /usr/tmp" @PROG_LS@ 0.02
"ls -alTi /var/log" @PROG_LS@ 0.02
"ls -alTi /var/adm" @PROG_LS@ 0.02
"ls -alTi /var/mail" @PROG_LS@ 0.02
"ls -alTi /var/adm/syslog" @PROG_LS@ 0.02
"ls -alTi /var/spool/mail" @PROG_LS@ 0.02
"ls -alTi /proc" @PROG_LS@ 0.02
"ls -alTi /tmp" @PROG_LS@ 0.02
"ls -alTi /var/tmp" @PROG_LS@ 0.02
"ls -alTi /usr/tmp" @PROG_LS@ 0.02
"netstat -an" @PROG_NETSTAT@ 0.05
"netstat -in" @PROG_NETSTAT@ 0.05
"netstat -rn" @PROG_NETSTAT@ 0.02
"netstat -pn" @PROG_NETSTAT@ 0.02
"netstat -ia" @PROG_NETSTAT@ 0.05
"netstat -s" @PROG_NETSTAT@ 0.02
"netstat -is" @PROG_NETSTAT@ 0.07
"arp -n -a" @PROG_ARP@ 0.02
"ifconfig -a" @PROG_IFCONFIG@ 0.02
"ps laxww" @PROG_PS@ 0.03
"ps -al" @PROG_PS@ 0.03
"ps -efl" @PROG_PS@ 0.03
"jstat" @PROG_JSTAT@ 0.07
"w" @PROG_W@ 0.05
"who -i" @PROG_WHO@ 0.01
"last" @PROG_LAST@ 0.01
"lastlog" @PROG_LASTLOG@ 0.01
"df" @PROG_DF@ 0.01
"df -i" @PROG_DF@ 0.01
"sar -d" @PROG_SAR@ 0.04
"vmstat" @PROG_VMSTAT@ 0.01
"uptime" @PROG_UPTIME@ 0.01
"ipcs -a" @PROG_IPCS@ 0.01
"tail -200 /var/log/messages" @PROG_TAIL@ 0.01
"tail -200 /var/log/syslog" @PROG_TAIL@ 0.01
"tail -200 /var/adm/messages" @PROG_TAIL@ 0.01
"tail -200 /var/adm/syslog" @PROG_TAIL@ 0.01
"tail -200 /var/adm/syslog/syslog.log" @PROG_TAIL@ 0.01
"tail -200 /var/log/maillog" @PROG_TAIL@ 0.01
"tail -200 /var/adm/maillog" @PROG_TAIL@ 0.01
"tail -200 /var/adm/syslog/mail.log" @PROG_TAIL@ 0.01

69
crypto/openssh/survey.sh.in
View File

@ -1,69 +0,0 @@
#!/bin/sh
#
# Copyright (c) 2004, 2005 Darren Tucker
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
host="@host@"
AWK="@AWK@"
CC="@CC@"
CPP="@CPP@"
CFLAGS="@CFLAGS@"
CPPFLAGS="@CPPFLAGS@"
LDFLAGS="@LDFLAGS@"
LIBS="@LIBS@"
# Note format:
# identifier: [data] CRCR
echo "openssh-survey-version: 1"
echo
echo "openssh-version: `./ssh -V 2>&1`"
echo
configinv=`$AWK '/^ \\\$.*configure/' config.log | sed 's/^ \\\$ //g'`
echo "configure-invocation: $configinv"
echo
echo "host: $host"
echo
echo "uname: `uname`"
echo
echo "uname-r: `uname -r`"
echo
echo "uname-m: `uname -m`"
echo
echo "uname-p: `uname -p`"
echo
echo "oslevel: `oslevel 2>/dev/null`"
echo
echo "oslevel-r: `oslevel -r 2>/dev/null`"
echo
echo "cc: $CC"
echo
echo "cflags: $CFLAGS"
echo
echo "cppflags: $CPPFLAGS"
echo
echo "ldflags: $LDFLAGS"
echo
echo "libs: $LIBS"
echo
echo "ccver-v: `$CC -v 2>&1 | sed '/^[ \t]*$/d'`"
echo
echo "ccver-V: `$CC -V 2>&1 | sed '/^[ \t]*$/d'`"
echo
echo "cppdefines:"
${CPP} -dM - </dev/null
echo
echo "config.h:"
egrep '#define|#undef' config.h
echo