xref: /freebsd/crypto/openssh/regress/test-exec.sh (revision 0fdf8fae8b569bf9fff3b5171e669dcd7cf9c79e) 
1#	$OpenBSD: test-exec.sh,v 1.119 2024/06/20 08:18:34 dtucker Exp $
2#	Placed in the Public Domain.
3
4#SUDO=sudo
5
6if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
7	STARTTIME=`date '+%s'`
8fi
9
10if [ ! -z "$TEST_SSH_PORT" ]; then
11	PORT="$TEST_SSH_PORT"
12else
13	PORT=4242
14fi
15
16OBJ=$1
17if [ "x$OBJ" = "x" ]; then
18	echo '$OBJ not defined'
19	exit 2
20fi
21if [ ! -d $OBJ ]; then
22	echo "not a directory: $OBJ"
23	exit 2
24fi
25SCRIPT=$2
26if [ "x$SCRIPT" = "x" ]; then
27	echo '$SCRIPT not defined'
28	exit 2
29fi
30if [ ! -f $SCRIPT ]; then
31	echo "not a file: $SCRIPT"
32	exit 2
33fi
34if $TEST_SHELL -n $SCRIPT; then
35	true
36else
37	echo "syntax error in $SCRIPT"
38	exit 2
39fi
40unset SSH_AUTH_SOCK
41
42# Portable-specific settings.
43
44if [ -x /usr/ucb/whoami ]; then
45	USER=`/usr/ucb/whoami`
46elif whoami >/dev/null 2>&1; then
47	USER=`whoami`
48elif logname >/dev/null 2>&1; then
49	USER=`logname`
50else
51	USER=`id -un`
52fi
53if test -z "$LOGNAME"; then
54	LOGNAME="${USER}"
55	export LOGNAME
56fi
57
58# Unbreak GNU head(1)
59_POSIX2_VERSION=199209
60export _POSIX2_VERSION
61
62case `uname -s 2>/dev/null` in
63OSF1*)
64	BIN_SH=xpg4
65	export BIN_SH
66	;;
67CYGWIN*)
68	os=cygwin
69	;;
70esac
71
72# If configure tells us to use a different egrep, create a wrapper function
73# to call it.  This means we don't need to change all the tests that depend
74# on a good implementation.
75if test "x${EGREP}" != "x"; then
76	egrep ()
77{
78	 ${EGREP} "$@"
79}
80fi
81
82SRC=`dirname ${SCRIPT}`
83
84# defaults
85SSH=ssh
86SSHD=sshd
87SSHAGENT=ssh-agent
88SSHADD=ssh-add
89SSHKEYGEN=ssh-keygen
90SSHKEYSCAN=ssh-keyscan
91SFTP=sftp
92SFTPSERVER=/usr/libexec/openssh/sftp-server
93SSHD_SESSION=/usr/libexec/sshd-session
94SCP=scp
95
96# Set by make_tmpdir() on demand (below).
97SSH_REGRESS_TMP=
98
99# Interop testing
100PLINK=/usr/local/bin/plink
101PUTTYGEN=/usr/local/bin/puttygen
102CONCH=/usr/local/bin/conch
103DROPBEAR=/usr/local/bin/dropbear
104DBCLIENT=/usr/local/bin/dbclient
105DROPBEARKEY=/usr/local/bin/dropbearkey
106DROPBEARCONVERT=/usr/local/bin/dropbearconvert
107
108# So we can override this in Portable.
109TEST_SHELL="${TEST_SHELL:-/bin/sh}"
110
111# Tools used by multiple tests
112NC=$OBJ/netcat
113# Always use the one configure tells us to, even if that's empty.
114#OPENSSL_BIN="${OPENSSL_BIN:-openssl}"
115
116if [ "x$TEST_SSH_SSH" != "x" ]; then
117	SSH="${TEST_SSH_SSH}"
118fi
119if [ "x$TEST_SSH_SSHD_SESSION" != "x" ]; then
120	SSHD_SESSION="${TEST_SSH_SSHD_SESSION}"
121fi
122if [ "x$TEST_SSH_SSHD" != "x" ]; then
123	SSHD="${TEST_SSH_SSHD}"
124fi
125if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
126	SSHAGENT="${TEST_SSH_SSHAGENT}"
127fi
128if [ "x$TEST_SSH_SSHADD" != "x" ]; then
129	SSHADD="${TEST_SSH_SSHADD}"
130fi
131if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
132	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
133fi
134if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
135	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
136fi
137if [ "x$TEST_SSH_SFTP" != "x" ]; then
138	SFTP="${TEST_SSH_SFTP}"
139fi
140if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
141	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
142fi
143if [ "x$TEST_SSH_SCP" != "x" ]; then
144	SCP="${TEST_SSH_SCP}"
145fi
146if [ "x$TEST_SSH_PLINK" != "x" ]; then
147	PLINK="${TEST_SSH_PLINK}"
148fi
149if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
150	PUTTYGEN="${TEST_SSH_PUTTYGEN}"
151fi
152if [ "x$TEST_SSH_CONCH" != "x" ]; then
153	CONCH="${TEST_SSH_CONCH}"
154fi
155if [ "x$TEST_SSH_DROPBEAR" != "x" ]; then
156	DROPBEAR="${TEST_SSH_DROPBEAR}"
157fi
158if [ "x$TEST_SSH_DBCLIENT" != "x" ]; then
159	DBCLIENT="${TEST_SSH_DBCLIENT}"
160fi
161if [ "x$TEST_SSH_DROPBEARKEY" != "x" ]; then
162	DROPBEARKEY="${TEST_SSH_DROPBEARKEY}"
163fi
164if [ "x$TEST_SSH_DROPBEARCONVERT" != "x" ]; then
165	DROPBEARCONVERT="${TEST_SSH_DROPBEARCONVERT}"
166fi
167if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then
168	SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}"
169fi
170if [ "x$TEST_SSH_SK_HELPER" != "x" ]; then
171	SSH_SK_HELPER="${TEST_SSH_SK_HELPER}"
172fi
173if [ "x$TEST_SSH_OPENSSL" != "x" ]; then
174	OPENSSL_BIN="${TEST_SSH_OPENSSL}"
175fi
176
177# Path to sshd must be absolute for rexec
178case "$SSHD" in
179/*) ;;
180*) SSHD=`which $SSHD` ;;
181esac
182
183case "$SSHAGENT" in
184/*) ;;
185*) SSHAGENT=`which $SSHAGENT` ;;
186esac
187
188# Record the actual binaries used.
189SSH_BIN=${SSH}
190SSHD_BIN=${SSHD}
191SSHAGENT_BIN=${SSHAGENT}
192SSHADD_BIN=${SSHADD}
193SSHKEYGEN_BIN=${SSHKEYGEN}
194SSHKEYSCAN_BIN=${SSHKEYSCAN}
195SFTP_BIN=${SFTP}
196SFTPSERVER_BIN=${SFTPSERVER}
197SCP_BIN=${SCP}
198
199if [ "x$USE_VALGRIND" != "x" ]; then
200	rm -rf $OBJ/valgrind-out $OBJ/valgrind-vgdb
201	mkdir -p $OBJ/valgrind-out $OBJ/valgrind-vgdb
202	# When using sudo ensure low-priv tests can write pipes and logs.
203	if [ "x$SUDO" != "x" ]; then
204		chmod 777 $OBJ/valgrind-out $OBJ/valgrind-vgdb
205	fi
206	VG_TEST=`basename $SCRIPT .sh`
207
208	# Some tests are difficult to fix.
209	case "$VG_TEST" in
210	reexec)
211		VG_SKIP=1 ;;
212	sftp-chroot)
213		if [ "x${SUDO}" != "x" ]; then
214			VG_SKIP=1
215		fi ;;
216	esac
217
218	if [ x"$VG_SKIP" = "x" ]; then
219		VG_LEAK="--leak-check=no"
220		if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then
221			VG_LEAK="--leak-check=full"
222		fi
223		VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
224		VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
225		VG_OPTS="--track-origins=yes $VG_LEAK"
226		VG_OPTS="$VG_OPTS --trace-children=yes"
227		VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
228		VG_OPTS="$VG_OPTS --vgdb-prefix=$OBJ/valgrind-vgdb/"
229		VG_PATH="valgrind"
230		if [ "x$VALGRIND_PATH" != "x" ]; then
231			VG_PATH="$VALGRIND_PATH"
232		fi
233		VG="$VG_PATH $VG_OPTS"
234		SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH"
235		SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD"
236		SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT"
237		SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD"
238		SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN"
239		SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN"
240		SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}"
241		SCP="$VG --log-file=${VG_LOG}scp.%p $SCP"
242		cat > $OBJ/valgrind-sftp-server.sh << EOF
243#!/bin/sh
244exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@"
245EOF
246		chmod a+rx $OBJ/valgrind-sftp-server.sh
247		SFTPSERVER="$OBJ/valgrind-sftp-server.sh"
248	fi
249fi
250
251# Logfiles.
252# SSH_LOGFILE should be the debug output of ssh(1) only
253# SSHD_LOGFILE should be the debug output of sshd(8) only
254# REGRESS_LOGFILE is the log of progress of the regress test itself.
255# TEST_SSH_LOGDIR will contain datestamped logs of all binaries run in
256# chronological order.
257if [ "x$TEST_SSH_LOGDIR" = "x" ]; then
258	TEST_SSH_LOGDIR=$OBJ/log
259	mkdir -p $TEST_SSH_LOGDIR
260fi
261if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
262	TEST_SSH_LOGFILE=$OBJ/ssh.log
263fi
264if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
265	TEST_SSHD_LOGFILE=$OBJ/sshd.log
266fi
267if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
268	TEST_REGRESS_LOGFILE=$OBJ/regress.log
269fi
270
271# If set, keep track of successful tests and skip them them if we've
272# previously completed that test.
273if [ "x$TEST_REGRESS_CACHE_DIR" != "x" ]; then
274	if [ ! -d "$TEST_REGRESS_CACHE_DIR" ]; then
275		mkdir -p "$TEST_REGRESS_CACHE_DIR"
276	fi
277	TEST="`basename $SCRIPT .sh`"
278	CACHE="${TEST_REGRESS_CACHE_DIR}/${TEST}.cache"
279	for i in ${SSH} ${SSHD} ${SSHAGENT} ${SSHADD} ${SSHKEYGEN} ${SCP} \
280	    ${SFTP} ${SFTPSERVER} ${SSHKEYSCAN}; do
281		case $i in
282		/*)	bin="$i" ;;
283		*)	bin="`which $i`" ;;
284		esac
285		if [ "$bin" -nt "$CACHE" ]; then
286			rm -f "$CACHE"
287		fi
288	done
289	if [ -f "$CACHE" ]; then
290		echo ok cached $CACHE
291		exit 0
292	fi
293fi
294
295# truncate logfiles
296>$TEST_REGRESS_LOGFILE
297
298# Create ssh and sshd wrappers with logging.  These create a datestamped
299# unique file for every invocation so that we can retain all logs from a
300# given test no matter how many times it's invoked.  It also leaves a
301# symlink with the original name for tests (and people) who look for that.
302
303# For ssh, e can't just specify "SSH=ssh -E..." because sftp and scp don't
304# handle spaces in arguments.  scp and sftp like to use -q so we remove those
305# to preserve our debug logging.  In the rare instance where -q is desirable
306# -qq is equivalent and is not removed.
307SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
308cat >$SSHLOGWRAP <<EOD
309#!/bin/sh
310timestamp="\`$OBJ/timestamp\`"
311logfile="${TEST_SSH_LOGDIR}/\${timestamp}.ssh.\$\$.log"
312echo "Executing: ${SSH} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
313echo "Executing: ${SSH} \$@" >>\${logfile}
314for i in "\$@";do shift;case "\$i" in -q):;; *) set -- "\$@" "\$i";;esac;done
315rm -f $TEST_SSH_LOGFILE
316ln -f -s \${logfile} $TEST_SSH_LOGFILE
317exec ${SSH} -E\${logfile} "\$@"
318EOD
319
320chmod a+rx $OBJ/ssh-log-wrapper.sh
321REAL_SSH="$SSH"
322REAL_SSHD="$SSHD"
323SSH="$SSHLOGWRAP"
324
325SSHDLOGWRAP=$OBJ/sshd-log-wrapper.sh
326cat >$SSHDLOGWRAP <<EOD
327#!/bin/sh
328timestamp="\`$OBJ/timestamp\`"
329logfile="${TEST_SSH_LOGDIR}/\${timestamp}.sshd.\$\$.log"
330rm -f $TEST_SSHD_LOGFILE
331touch \$logfile
332test -z "$SUDO" || chown $USER \$logfile
333ln -f -s \${logfile} $TEST_SSHD_LOGFILE
334echo "Executing: ${SSHD} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
335echo "Executing: ${SSHD} \$@" >>\${logfile}
336exec ${SSHD} -E\${logfile} "\$@"
337EOD
338chmod a+rx $OBJ/sshd-log-wrapper.sh
339
340ssh_logfile ()
341{
342	tool="$1"
343	timestamp="`$OBJ/timestamp`"
344	logfile="${TEST_SSH_LOGDIR}/${timestamp}.$tool.$$.log"
345	echo "Logging $tool to log \${logfile}" >>$TEST_REGRESS_LOGFILE
346	echo $logfile
347}
348
349# Some test data.  We make a copy because some tests will overwrite it.
350# The tests may assume that $DATA exists and is writable and $COPY does
351# not exist.  Tests requiring larger data files can call increase_datafile_size
352# [kbytes] to ensure the file is at least that large.
353DATANAME=data
354DATA=$OBJ/${DATANAME}
355cat ${SSH_BIN} >${DATA}
356chmod u+w ${DATA}
357COPY=$OBJ/copy
358rm -f ${COPY}
359
360increase_datafile_size()
361{
362	while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
363		cat ${SSH_BIN} >>${DATA}
364	done
365}
366
367# these should be used in tests
368export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
369export SSH_PKCS11_HELPER SSH_SK_HELPER
370#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
371
372# Portable specific functions
373which()
374{
375	saved_IFS="$IFS"
376	IFS=":"
377	for i in $PATH
378	do
379		if [ -x $i/$1 ]; then
380			IFS="$saved_IFS"
381			echo "$i/$1"
382			return 0
383		fi
384	done
385	IFS="$saved_IFS"
386	echo "$i/$1"
387	return 1
388}
389
390have_prog()
391{
392	which "$1" >/dev/null 2>&1
393	return $?
394}
395
396jot() {
397	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
398}
399
400if [ ! -x "`which rev`" ]; then
401rev()
402{
403	awk '{for (i=length; i>0; i--) printf "%s", substr($0, i, 1); print ""}'
404}
405fi
406
407if [ -x "/usr/xpg4/bin/id" ]; then
408id()
409{
410	/usr/xpg4/bin/id $@
411}
412fi
413
414# Check whether preprocessor symbols are defined in config.h.
415config_defined ()
416{
417	str=$1
418	while test "x$2" != "x" ; do
419		str="$str|$2"
420		shift
421	done
422	egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
423}
424
425md5 () {
426	if have_prog md5sum; then
427		md5sum
428	elif have_prog openssl; then
429		openssl md5
430	elif have_prog cksum; then
431		cksum
432	elif have_prog sum; then
433		sum
434	elif [ -x ${OPENSSL_BIN} ]; then
435		${OPENSSL_BIN} md5
436	else
437		wc -c
438	fi
439}
440
441# Some platforms don't have hostname at all, but on others uname -n doesn't
442# provide the fully qualified name we need, so in the former case we create
443# our own hostname function.
444if ! have_prog hostname; then
445	hostname() {
446		uname -n
447	}
448fi
449
450make_tmpdir ()
451{
452	SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \
453	    fatal "failed to create temporary directory"
454}
455# End of portable specific functions
456
457stop_sshd ()
458{
459	[ -z $PIDFILE ] && return
460	[ -f $PIDFILE ] || return
461	pid=`$SUDO cat $PIDFILE`
462	if [ "X$pid" = "X" ]; then
463		echo "no sshd running" 1>&2
464		return
465	elif [ $pid -lt 2 ]; then
466		echo "bad pid for sshd: $pid" 1>&2
467		return
468	fi
469	$SUDO kill $pid
470	trace "wait for sshd to exit"
471	i=0;
472	while [ -f $PIDFILE -a $i -lt 5 ]; do
473		i=`expr $i + 1`
474		sleep $i
475	done
476	if test -f $PIDFILE; then
477		if $SUDO kill -0 $pid; then
478			echo "sshd didn't exit port $PORT pid $pid" 1>&2
479		else
480			echo "sshd died without cleanup" 1>&2
481		fi
482		exit 1
483	fi
484	PIDFILE=""
485}
486
487# helper
488cleanup ()
489{
490	if [ "x$SSH_PID" != "x" ]; then
491		if [ $SSH_PID -lt 2 ]; then
492			echo bad pid for ssh: $SSH_PID
493		else
494			kill $SSH_PID
495		fi
496	fi
497	if [ "x$SSH_REGRESS_TMP" != "x" ]; then
498		rm -rf "$SSH_REGRESS_TMP"
499	fi
500	stop_sshd
501	if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
502		now=`date '+%s'`
503		elapsed=$(($now - $STARTTIME))
504		echo elapsed $elapsed `basename $SCRIPT .sh`
505	fi
506}
507
508start_debug_log ()
509{
510	echo "trace: $@" >>$TEST_REGRESS_LOGFILE
511	if [ -d "$TEST_SSH_LOGDIR" ]; then
512		rm -f $TEST_SSH_LOGDIR/*
513	fi
514}
515
516save_debug_log ()
517{
518	testname=`echo $tid | tr ' ' _`
519	tarname="$OBJ/failed-$testname-logs.tar"
520
521	for logfile in $TEST_SSH_LOGDIR $TEST_REGRESS_LOGFILE \
522	    $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE; do
523		if [ ! -z "$SUDO" ] && [ -f "$logfile" ]; then
524			$SUDO chown -R $USER $logfile
525		fi
526	done
527	echo $@ >>$TEST_REGRESS_LOGFILE
528	echo $@ >>$TEST_SSH_LOGFILE
529	echo $@ >>$TEST_SSHD_LOGFILE
530	echo "Saving debug logs to $tarname" >>$TEST_REGRESS_LOGFILE
531	(cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
532	(cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
533	(cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
534
535	# Save all logfiles in a tarball.
536	(cd $OBJ &&
537	  logfiles=""
538	  for i in $TEST_REGRESS_LOGFILE $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE \
539	    $TEST_SSH_LOGDIR; do
540		if [ -e "`basename $i`" ]; then
541			logfiles="$logfiles `basename $i`"
542		else
543			logfiles="$logfiles $i"
544		fi
545	  done
546	  tar cf "$tarname" $logfiles)
547}
548
549trace ()
550{
551	start_debug_log $@
552	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
553		echo "$@"
554	fi
555}
556
557verbose ()
558{
559	start_debug_log $@
560	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
561		echo "$@"
562	fi
563}
564
565fail ()
566{
567	save_debug_log "FAIL: $@"
568	RESULT=1
569	echo "$@"
570	if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then
571		cleanup
572		exit $RESULT
573	fi
574}
575
576fatal ()
577{
578	save_debug_log "FATAL: $@"
579	printf "FATAL: "
580	fail "$@"
581	cleanup
582	exit $RESULT
583}
584
585# Skip remaining tests in script.
586skip ()
587{
588	echo "SKIPPED: $@"
589	cleanup
590	exit $RESULT
591}
592
593maybe_add_scp_path_to_sshd ()
594{
595	# If we're testing a non-installed scp, add its directory to sshd's
596	# PATH so we can test it.  We don't do this for all tests as it
597	# breaks the SetEnv tests.
598	case "$SCP" in
599	/*)	PATH_WITH_SCP="`dirname $SCP`:$PATH"
600		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_config
601		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_proxy ;;
602	esac
603}
604
605RESULT=0
606PIDFILE=$OBJ/pidfile
607
608trap fatal 3 2
609
610# create server config
611cat << EOF > $OBJ/sshd_config
612	StrictModes		no
613	Port			$PORT
614	AddressFamily		inet
615	ListenAddress		127.0.0.1
616	#ListenAddress		::1
617	PidFile			$PIDFILE
618	AuthorizedKeysFile	$OBJ/authorized_keys_%u
619	LogLevel		DEBUG3
620	AcceptEnv		_XXX_TEST_*
621	AcceptEnv		_XXX_TEST
622	Subsystem	sftp	$SFTPSERVER
623	SshdSessionPath		$SSHD_SESSION
624	PerSourcePenalties	no
625EOF
626
627# This may be necessary if /usr/src and/or /usr/obj are group-writable,
628# but if you aren't careful with permissions then the unit tests could
629# be abused to locally escalate privileges.
630if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
631	echo "	StrictModes no" >> $OBJ/sshd_config
632else
633	# check and warn if excessive permissions are likely to cause failures.
634	unsafe=""
635	dir="${OBJ}"
636	while test ${dir} != "/"; do
637		if test -d "${dir}" && ! test -h "${dir}"; then
638			perms=`ls -ld ${dir}`
639			case "${perms}" in
640			?????w????*|????????w?*) unsafe="${unsafe} ${dir}" ;;
641			esac
642		fi
643		dir=`dirname ${dir}`
644	done
645	if ! test  -z "${unsafe}"; then
646		cat <<EOD
647
648WARNING: Unsafe (group or world writable) directory permissions found:
649${unsafe}
650
651These could be abused to locally escalate privileges.  If you are
652sure that this is not a risk (eg there are no other users), you can
653bypass this check by setting TEST_SSH_UNSAFE_PERMISSIONS=1
654
655EOD
656	fi
657fi
658
659if [ ! -z "$TEST_SSH_MODULI_FILE" ]; then
660	trace "adding modulifile='$TEST_SSH_MODULI_FILE' to sshd_config"
661	echo "	ModuliFile '$TEST_SSH_MODULI_FILE'" >> $OBJ/sshd_config
662fi
663
664if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
665	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
666	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
667fi
668
669# server config for proxy connects
670cp $OBJ/sshd_config $OBJ/sshd_proxy
671
672# allow group-writable directories in proxy-mode
673echo 'StrictModes no' >> $OBJ/sshd_proxy
674
675# create client config
676cat << EOF > $OBJ/ssh_config
677Host *
678	Hostname		127.0.0.1
679	HostKeyAlias		localhost-with-alias
680	Port			$PORT
681	User			$USER
682	GlobalKnownHostsFile	$OBJ/known_hosts
683	UserKnownHostsFile	$OBJ/known_hosts
684	PubkeyAuthentication	yes
685	ChallengeResponseAuthentication	no
686	PasswordAuthentication	no
687	BatchMode		yes
688	StrictHostKeyChecking	yes
689	LogLevel		DEBUG3
690EOF
691
692if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
693	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
694	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
695fi
696
697rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
698
699SSH_SK_PROVIDER=
700if ! config_defined ENABLE_SK; then
701	trace skipping sk-dummy
702elif [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then
703	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so"
704elif [ -f "${OBJ}/misc/sk-dummy/sk-dummy.so" ] ; then
705	SSH_SK_PROVIDER="${OBJ}/misc/sk-dummy/sk-dummy.so"
706elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then
707	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so"
708fi
709export SSH_SK_PROVIDER
710
711if ! test -z "$SSH_SK_PROVIDER"; then
712	EXTRA_AGENT_ARGS='-P/*' # XXX want realpath(1)...
713	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/ssh_config
714	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_config
715	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_proxy
716fi
717export EXTRA_AGENT_ARGS
718
719maybe_filter_sk() {
720	if test -z "$SSH_SK_PROVIDER" ; then
721		grep -v ^sk
722	else
723		cat
724	fi
725}
726
727SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk`
728SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk`
729
730for t in ${SSH_KEYTYPES}; do
731	# generate user key
732	if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
733		trace "generating key type $t"
734		rm -f $OBJ/$t
735		${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
736			fail "ssh-keygen for $t failed"
737	else
738		trace "using cached key type $t"
739	fi
740
741	# setup authorized keys
742	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
743	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
744done
745
746for t in ${SSH_HOSTKEY_TYPES}; do
747	# known hosts file for client
748	(
749		printf 'localhost-with-alias,127.0.0.1,::1 '
750		cat $OBJ/$t.pub
751	) >> $OBJ/known_hosts
752
753	# use key as host key, too
754	(umask 077; $SUDO cp $OBJ/$t $OBJ/host.$t)
755	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
756
757	# don't use SUDO for proxy connect
758	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
759done
760chmod 644 $OBJ/authorized_keys_$USER
761
762# Activate Twisted Conch tests if the binary is present
763REGRESS_INTEROP_CONCH=no
764if test -x "$CONCH" ; then
765	REGRESS_INTEROP_CONCH=yes
766fi
767
768# If PuTTY is present, new enough and we are running a PuTTY test, prepare
769# keys and configuration.
770REGRESS_INTEROP_PUTTY=no
771if test -x "$PUTTYGEN" -a -x "$PLINK" &&
772    "$PUTTYGEN" --help 2>&1 | grep -- --new-passphrase >/dev/null; then
773	REGRESS_INTEROP_PUTTY=yes
774fi
775case "$SCRIPT" in
776*putty*)	;;
777*)		REGRESS_INTEROP_PUTTY=no ;;
778esac
779
780puttysetup() {
781	if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
782		skip "putty interop tests not enabled"
783	fi
784
785	mkdir -p ${OBJ}/.putty
786
787	# Add a PuTTY key to authorized_keys
788	rm -f ${OBJ}/putty.rsa2
789	if ! "$PUTTYGEN" -t rsa -o ${OBJ}/putty.rsa2 \
790	    --random-device=/dev/urandom \
791	    --new-passphrase /dev/null < /dev/null > /dev/null; then
792		echo "Your installed version of PuTTY is too old to support --new-passphrase, skipping test" >&2
793		exit 1
794	fi
795	"$PUTTYGEN" -O public-openssh ${OBJ}/putty.rsa2 \
796	    >> $OBJ/authorized_keys_$USER
797
798	# Convert rsa2 host key to PuTTY format
799	cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt
800	${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null
801	${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/ssh-rsa_oldfmt > \
802	    ${OBJ}/.putty/sshhostkeys
803	${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/ssh-rsa_oldfmt >> \
804	    ${OBJ}/.putty/sshhostkeys
805	rm -f $OBJ/ssh-rsa_oldfmt
806
807	# Setup proxied session
808	mkdir -p ${OBJ}/.putty/sessions
809	rm -f ${OBJ}/.putty/sessions/localhost_proxy
810	echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy
811	echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
812	echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
813	echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
814	echo "ProxyTelnetCommand=${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
815	echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
816
817	PUTTYVER="`${PLINK} --version | awk '/plink: Release/{print $3}'`"
818	PUTTYMAJORVER="`echo ${PUTTYVER} | cut -f1 -d.`"
819	PUTTYMINORVER="`echo ${PUTTYVER} | cut -f2 -d.`"
820	verbose "plink version ${PUTTYVER} major ${PUTTYMAJORVER} minor ${PUTTYMINORVER}"
821
822	# Re-enable ssh-rsa on older PuTTY versions since they don't do newer
823	# key types.
824	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -lt "76" ]; then
825		echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
826		echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
827	fi
828
829	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -le "64" ]; then
830		echo "KexAlgorithms +diffie-hellman-group14-sha1" \
831		    >>${OBJ}/sshd_proxy
832	fi
833	PUTTYDIR=${OBJ}/.putty
834	export PUTTYDIR
835}
836
837REGRESS_INTEROP_DROPBEAR=no
838if test -x "$DROPBEARKEY" -a -x "$DBCLIENT" -a -x "$DROPBEARCONVERT"; then
839	REGRESS_INTEROP_DROPBEAR=yes
840fi
841case "$SCRIPT" in
842*dropbear*)	;;
843*)		REGRESS_INTEROP_DROPBEAR=no ;;
844esac
845
846if test "$REGRESS_INTEROP_DROPBEAR" = "yes" ; then
847	trace Create dropbear keys and add to authorized_keys
848	mkdir -p $OBJ/.dropbear
849	kt="ed25519"
850	for i in dss rsa ecdsa; do
851		if $SSH -Q key-plain | grep "$i" >/dev/null; then
852			kt="$kt $i"
853		else
854			rm -f "$OBJ/.dropbear/id_$i"
855		fi
856	done
857	for i in $kt; do
858		if [ ! -f "$OBJ/.dropbear/id_$i" ]; then
859			verbose Create dropbear key type $i
860			$DROPBEARKEY -t $i -f $OBJ/.dropbear/id_$i \
861			    >/dev/null 2>&1
862		fi
863		$DROPBEARCONVERT dropbear openssh $OBJ/.dropbear/id_$i \
864		    $OBJ/.dropbear/ossh.id_$i >/dev/null 2>&1
865		$SSHKEYGEN -y -f $OBJ/.dropbear/ossh.id_$i \
866		   >>$OBJ/authorized_keys_$USER
867		rm -f $OBJ/.dropbear/id_$i.pub $OBJ/.dropbear/ossh.id_$i
868	done
869fi
870
871# create a proxy version of the client config
872(
873	cat $OBJ/ssh_config
874	echo proxycommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy
875) > $OBJ/ssh_proxy
876
877# check proxy config
878${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"
879
880# extract proxycommand into separate shell script for use by Dropbear.
881echo '#!/bin/sh' >$OBJ/ssh_proxy.sh
882awk '/^proxycommand/' $OBJ/ssh_proxy | sed 's/^proxycommand//' \
883   >>$OBJ/ssh_proxy.sh
884chmod a+x $OBJ/ssh_proxy.sh
885
886start_sshd ()
887{
888	PIDFILE=$OBJ/pidfile
889	# start sshd
890	logfile="${TEST_SSH_LOGDIR}/sshd.`$OBJ/timestamp`.$$.log"
891	$SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
892	$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" \
893	    ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
894
895	trace "wait for sshd"
896	i=0;
897	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
898		i=`expr $i + 1`
899		sleep $i
900	done
901	ln -f -s ${logfile} $TEST_SSHD_LOGFILE
902
903	test -f $PIDFILE || fatal "no sshd running on port $PORT"
904}
905
906# Find a PKCS#11 library.
907p11_find_lib() {
908	TEST_SSH_PKCS11=""
909	for _lib in "$@" ; do
910		if test -f "$_lib" ; then
911			TEST_SSH_PKCS11="$_lib"
912			return
913		fi
914	done
915}
916
917# Perform PKCS#11 setup: prepares a softhsm2 token configuration, generated
918# keys and loads them into the virtual token.
919PKCS11_OK=
920export PKCS11_OK
921p11_setup() {
922	p11_find_lib \
923		/usr/local/lib/softhsm/libsofthsm2.so \
924		/usr/lib64/pkcs11/libsofthsm2.so \
925		/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
926	test -z "$TEST_SSH_PKCS11" && return 1
927	verbose "using token library $TEST_SSH_PKCS11"
928	TEST_SSH_PIN=1234
929	TEST_SSH_SOPIN=12345678
930	if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then
931		SSH_PKCS11_HELPER="${TEST_SSH_SSHPKCS11HELPER}"
932		export SSH_PKCS11_HELPER
933	fi
934
935	# setup environment for softhsm2 token
936	SSH_SOFTHSM_DIR=$OBJ/SOFTHSM
937	export SSH_SOFTHSM_DIR
938	rm -rf $SSH_SOFTHSM_DIR
939	TOKEN=$SSH_SOFTHSM_DIR/tokendir
940	mkdir -p $TOKEN
941	SOFTHSM2_CONF=$SSH_SOFTHSM_DIR/softhsm2.conf
942	export SOFTHSM2_CONF
943	cat > $SOFTHSM2_CONF << EOF
944# SoftHSM v2 configuration file
945directories.tokendir = ${TOKEN}
946objectstore.backend = file
947# ERROR, WARNING, INFO, DEBUG
948log.level = DEBUG
949# If CKF_REMOVABLE_DEVICE flag should be set
950slots.removable = false
951EOF
952	out=$(softhsm2-util --init-token --free --label token-slot-0 --pin "$TEST_SSH_PIN" --so-pin "$TEST_SSH_SOPIN")
953	slot=$(echo -- $out | sed 's/.* //')
954	trace "generating keys"
955	# RSA key
956	RSA=${SSH_SOFTHSM_DIR}/RSA
957	RSAP8=${SSH_SOFTHSM_DIR}/RSAP8
958	$OPENSSL_BIN genpkey -algorithm rsa > $RSA 2>/dev/null || \
959	    fatal "genpkey RSA fail"
960	$OPENSSL_BIN pkcs8 -nocrypt -in $RSA > $RSAP8 || fatal "pkcs8 RSA fail"
961	softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" \
962	    --import $RSAP8 >/dev/null || fatal "softhsm import RSA fail"
963	chmod 600 $RSA
964	ssh-keygen -y -f $RSA > ${RSA}.pub
965	# ECDSA key
966	ECPARAM=${SSH_SOFTHSM_DIR}/ECPARAM
967	EC=${SSH_SOFTHSM_DIR}/EC
968	ECP8=${SSH_SOFTHSM_DIR}/ECP8
969	$OPENSSL_BIN genpkey -genparam -algorithm ec \
970	    -pkeyopt ec_paramgen_curve:prime256v1 > $ECPARAM || \
971	    fatal "param EC fail"
972	$OPENSSL_BIN genpkey -paramfile $ECPARAM > $EC || \
973	    fatal "genpkey EC fail"
974	$OPENSSL_BIN pkcs8 -nocrypt -in $EC > $ECP8 || fatal "pkcs8 EC fail"
975	softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" \
976	    --import $ECP8 >/dev/null || fatal "softhsm import EC fail"
977	chmod 600 $EC
978	ssh-keygen -y -f $EC > ${EC}.pub
979	# Prepare askpass script to load PIN.
980	PIN_SH=$SSH_SOFTHSM_DIR/pin.sh
981	cat > $PIN_SH << EOF
982#!/bin/sh
983echo "${TEST_SSH_PIN}"
984EOF
985	chmod 0700 "$PIN_SH"
986	PKCS11_OK=yes
987	return 0
988}
989
990# Peforms ssh-add with the right token PIN.
991p11_ssh_add() {
992	env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force ${SSHADD} "$@"
993}
994
995# source test body
996. $SCRIPT
997
998# kill sshd
999cleanup
1000
1001if [ "x$USE_VALGRIND" != "x" ]; then
1002	# If there is an EXIT trap handler, invoke it now.
1003	# Some tests set these to clean up processes such as ssh-agent.  We
1004	# need to wait for all valgrind processes to complete so we can check
1005	# their logs, but since the EXIT traps are not invoked until
1006	# test-exec.sh exits, waiting here will deadlock.
1007	# This is not very portable but then neither is valgrind itself.
1008	# As a bonus, dash (as used on the runners) has a "trap" that doesn't
1009	# work in a pipeline (hence the temp file) or a subshell.
1010	exithandler=""
1011	trap >/tmp/trap.$$ && exithandler=$(cat /tmp/trap.$$ | \
1012	    awk -F "'" '/EXIT$/{print $2}')
1013	rm -f /tmp/trap.$$
1014	if [ "x${exithandler}" != "x" ]; then
1015		verbose invoking EXIT trap handler early: ${exithandler}
1016		eval "${exithandler}"
1017		trap '' EXIT
1018	fi
1019
1020	# wait for any running process to complete
1021	wait; sleep 1
1022	VG_RESULTS=$(find $OBJ/valgrind-out -type f -print)
1023	VG_RESULT_COUNT=0
1024	VG_FAIL_COUNT=0
1025	for i in $VG_RESULTS; do
1026		if grep "ERROR SUMMARY" $i >/dev/null; then
1027			VG_RESULT_COUNT=$(($VG_RESULT_COUNT + 1))
1028			if ! grep "ERROR SUMMARY: 0 errors" $i >/dev/null; then
1029				VG_FAIL_COUNT=$(($VG_FAIL_COUNT + 1))
1030				RESULT=1
1031				verbose valgrind failure $i
1032				cat $i
1033			fi
1034		fi
1035	done
1036	if [ x"$VG_SKIP" != "x" ]; then
1037		verbose valgrind skipped
1038	else
1039		verbose valgrind results $VG_RESULT_COUNT failures $VG_FAIL_COUNT
1040	fi
1041fi
1042
1043if [ $RESULT -eq 0 ]; then
1044	verbose ok $tid
1045	if [ "x$CACHE" != "x" ]; then
1046		touch "$CACHE"
1047	fi
1048else
1049	echo failed $tid
1050fi
1051exit $RESULT
1052