1# $OpenBSD: Makefile,v 1.135 2024/06/14 04:43:11 djm Exp $ 2 3tests: prep file-tests t-exec unit 4 5REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 6 7# File based tests 8file-tests: $(REGRESS_TARGETS) 9 10# Interop tests are not run by default 11interop interop-tests: t-exec-interop 12 13extra extra-tests: t-extra 14 15prep: 16 test "x${USE_VALGRIND}" = "x" || mkdir -p $(OBJ)/valgrind-out 17 18clean: 19 for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done 20 rm -rf $(OBJ).putty 21 rm -rf $(OBJ).dropbear 22 23distclean: clean 24 25LTESTS= connect \ 26 proxy-connect \ 27 sshfp-connect \ 28 connect-privsep \ 29 connect-uri \ 30 proto-version \ 31 proto-mismatch \ 32 exit-status \ 33 exit-status-signal \ 34 envpass \ 35 transfer \ 36 banner \ 37 rekey \ 38 dhgex \ 39 stderr-data \ 40 stderr-after-eof \ 41 broken-pipe \ 42 try-ciphers \ 43 yes-head \ 44 login-timeout \ 45 agent \ 46 agent-getpeereid \ 47 agent-timeout \ 48 agent-ptrace \ 49 agent-subprocess \ 50 keyscan \ 51 keygen-change \ 52 keygen-comment \ 53 keygen-convert \ 54 keygen-knownhosts \ 55 keygen-moduli \ 56 keygen-sshfp \ 57 key-options \ 58 scp \ 59 scp3 \ 60 scp-uri \ 61 sftp \ 62 sftp-chroot \ 63 sftp-cmds \ 64 sftp-badcmds \ 65 sftp-batch \ 66 sftp-glob \ 67 sftp-perm \ 68 sftp-uri \ 69 reconfigure \ 70 dynamic-forward \ 71 forwarding \ 72 multiplex \ 73 reexec \ 74 brokenkeys \ 75 sshcfgparse \ 76 cfgparse \ 77 cfgmatch \ 78 cfgmatchlisten \ 79 percent \ 80 addrmatch \ 81 localcommand \ 82 forcecommand \ 83 portnum \ 84 keytype \ 85 kextype \ 86 cert-hostkey \ 87 cert-userkey \ 88 host-expand \ 89 keys-command \ 90 forward-control \ 91 integrity \ 92 krl \ 93 multipubkey \ 94 limit-keytype \ 95 hostkey-agent \ 96 hostkey-rotate \ 97 principals-command \ 98 cert-file \ 99 cfginclude \ 100 servcfginclude \ 101 allow-deny-users \ 102 authinfo \ 103 sshsig \ 104 knownhosts \ 105 knownhosts-command \ 106 agent-restrict \ 107 hostbased \ 108 channel-timeout \ 109 connection-timeout \ 110 match-subsystem \ 111 agent-pkcs11-restrict \ 112 agent-pkcs11-cert \ 113 penalty \ 114 penalty-expire 115 116INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers 117INTEROP_TESTS+= dropbear-ciphers dropbear-kex 118#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp 119 120EXTRA_TESTS= agent-pkcs11 121#EXTRA_TESTS+= cipher-speed 122 123USERNAME= ${LOGNAME} 124CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ 125 authorized_keys_${USERNAME}.* \ 126 authorized_principals_${USERNAME} \ 127 banner.in banner.out cert_host_key* cert_user_key* \ 128 copy.1 copy.2 data ed25519-agent ed25519-agent* \ 129 ed25519-agent.pub ed25519 ed25519.pub empty.in \ 130 expect failed-regress.log failed-ssh.log failed-sshd.log \ 131 hkr.* host.ecdsa-sha2-nistp256 host.ecdsa-sha2-nistp384 \ 132 host.ecdsa-sha2-nistp521 host.ssh-dss host.ssh-ed25519 \ 133 host.ssh-rsa host_ca_key* host_krl_* host_revoked_* key.* \ 134 key.dsa-* key.ecdsa-* key.ed25519-512 \ 135 key.ed25519-512.pub key.rsa-* keys-command-args kh.* askpass \ 136 known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \ 137 modpipe netcat no_identity_config \ 138 pidfile putty.rsa2 ready regress.log remote_pid \ 139 revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa_ssh2_cr.prv \ 140 rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ 141 scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ 142 sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ 143 ssh-agent.log ssh-add.log slow-sftp-server.sh \ 144 ssh-rsa_oldfmt knownhosts_command \ 145 ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ 146 ssh_proxy_* sshd.log sshd_config sshd_config.* \ 147 sshd_config.* sshd_proxy sshd_proxy.* sshd_proxy_bak \ 148 sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \ 149 t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \ 150 t8.out t8.out.pub t9.out t9.out.pub \ 151 timestamp testdata user_*key* user_ca* user_key* 152 153# Enable all malloc(3) randomisations and checks 154TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" 155 156TEST_SSH_SSHKEYGEN?=ssh-keygen 157 158CPPFLAGS=-I.. 159 160t1: 161 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 162 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 163 tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv ; \ 164 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 165 awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv ; \ 166 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 167 fi 168 169t2: 170 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 171 cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out ; \ 172 chmod 600 $(OBJ)/t2.out ; \ 173 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub ; \ 174 fi 175 176t3: 177 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 178 ${TEST_SSH_SSHKEYGEN} -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out ; \ 179 ${TEST_SSH_SSHKEYGEN} -if $(OBJ)/t3.out | diff - ${.CURDIR}/rsa_openssh.pub ; \ 180 fi 181 182t4: 183 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 184 ${TEST_SSH_SSHKEYGEN} -E md5 -lf ${.CURDIR}/rsa_openssh.pub |\ 185 awk '{print $$2}' | diff - ${.CURDIR}/t4.ok ; \ 186 fi 187 188t5: 189 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 190 ${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\ 191 awk '{print $$2}' | diff - ${.CURDIR}/t5.ok ; \ 192 fi 193t6: 194 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 195 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 ; \ 196 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 ; \ 197 chmod 600 $(OBJ)/t6.out1 ; \ 198 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 ; \ 199 fi 200 201$(OBJ)/t7.out: 202 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 203 ${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@ ; \ 204 fi 205 206t7: $(OBJ)/t7.out 207 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 208 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null ; \ 209 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null ; \ 210 fi 211 212$(OBJ)/t8.out: 213 set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ 214 ${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@ ; \ 215 fi 216 217t8: $(OBJ)/t8.out 218 set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ 219 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null ; \ 220 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null ; \ 221 fi 222 223$(OBJ)/t9.out: 224 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 225 ${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@ 226 227t9: $(OBJ)/t9.out 228 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 229 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null 230 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 231 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null 232 233 234$(OBJ)/t10.out: 235 ${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -f $@ 236 237t10: $(OBJ)/t10.out 238 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t10.out > /dev/null 239 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t10.out > /dev/null 240 241t11: 242 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 243 ${TEST_SSH_SSHKEYGEN} -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\ 244 awk '{print $$2}' | diff - ${.CURDIR}/t11.ok ; \ 245 fi 246 247$(OBJ)/t12.out: 248 ${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -C 'test-comment-1234' -f $@ 249 250t12: $(OBJ)/t12.out 251 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t12.out.pub | grep test-comment-1234 >/dev/null 252 253t-exec: ${LTESTS:=.sh} 254 @if [ "x$?" = "x" ]; then exit 0; fi; \ 255 _started=""; test -z "${LTESTS_FROM}" && _started=1 ;\ 256 for TEST in ""$?; do \ 257 if [ -z "$$_started" ] ; then \ 258 if [ "x$$TEST" = "x${LTESTS_FROM}.sh" ]; then \ 259 _started=1; \ 260 else \ 261 continue; \ 262 fi ; \ 263 fi ; \ 264 skip=no; \ 265 for t in ""$${SKIP_LTESTS}; do \ 266 if [ "x$${t}.sh" = "x$${TEST}" ]; then skip=yes; fi; \ 267 done; \ 268 if [ "x$${skip}" = "xno" ]; then \ 269 echo "run test $${TEST}" ... 1>&2; \ 270 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 271 else \ 272 echo skip test $${TEST} 1>&2; \ 273 fi; \ 274 done 275 276t-exec-interop: ${INTEROP_TESTS:=.sh} 277 @if [ "x$?" = "x" ]; then exit 0; fi; \ 278 for TEST in ""$?; do \ 279 echo "run test $${TEST}" ... 1>&2; \ 280 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 281 done 282 283t-extra: ${EXTRA_TESTS:=.sh} 284 @if [ "x$?" = "x" ]; then exit 0; fi; \ 285 for TEST in ""$?; do \ 286 echo "run test $${TEST}" ... 1>&2; \ 287 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 288 done 289 290# Not run by default 291interop: ${INTEROP_TARGETS} 292 293# Unit tests, built by top-level Makefile 294unit: 295 set -e ; if test -z "${SKIP_UNIT}" ; then \ 296 V="" ; \ 297 test "x${USE_VALGRIND}" = "x" || \ 298 V=${.CURDIR}/valgrind-unit.sh ; \ 299 $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \ 300 $$V ${.OBJDIR}/unittests/sshkey/test_sshkey \ 301 -d ${.CURDIR}/unittests/sshkey/testdata ; \ 302 $$V ${.OBJDIR}/unittests/sshsig/test_sshsig \ 303 -d ${.CURDIR}/unittests/sshsig/testdata ; \ 304 $$V ${.OBJDIR}/unittests/authopt/test_authopt \ 305 -d ${.CURDIR}/unittests/authopt/testdata ; \ 306 $$V ${.OBJDIR}/unittests/bitmap/test_bitmap ; \ 307 $$V ${.OBJDIR}/unittests/conversion/test_conversion ; \ 308 $$V ${.OBJDIR}/unittests/kex/test_kex ; \ 309 $$V ${.OBJDIR}/unittests/hostkeys/test_hostkeys \ 310 -d ${.CURDIR}/unittests/hostkeys/testdata ; \ 311 $$V ${.OBJDIR}/unittests/match/test_match ; \ 312 $$V ${.OBJDIR}/unittests/misc/test_misc ; \ 313 if test "x${TEST_SSH_UTF8}" = "xyes" ; then \ 314 $$V ${.OBJDIR}/unittests/utf8/test_utf8 ; \ 315 fi \ 316 fi 317