xref: /freebsd/crypto/openssh/regress/test-exec.sh (revision 8e28d84935f2f0ee081d44f9803f3052b960e50b) 
1#	$OpenBSD: test-exec.sh,v 1.127 2025/03/28 05:41:15 dtucker Exp $
2#	Placed in the Public Domain.
3
4#SUDO=sudo
5
6if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
7	STARTTIME=`date '+%s'`
8fi
9
10if [ ! -z "$TEST_SSH_PORT" ]; then
11	PORT="$TEST_SSH_PORT"
12else
13	PORT=4242
14fi
15
16OBJ=$1
17if [ "x$OBJ" = "x" ]; then
18	echo '$OBJ not defined'
19	exit 2
20fi
21if [ ! -d $OBJ ]; then
22	echo "not a directory: $OBJ"
23	exit 2
24fi
25SCRIPT=$2
26if [ "x$SCRIPT" = "x" ]; then
27	echo '$SCRIPT not defined'
28	exit 2
29fi
30if [ ! -f $SCRIPT ]; then
31	echo "not a file: $SCRIPT"
32	exit 2
33fi
34if $TEST_SHELL -n $SCRIPT; then
35	true
36else
37	echo "syntax error in $SCRIPT"
38	exit 2
39fi
40unset SSH_AUTH_SOCK
41
42# Portable-specific settings.
43
44if [ -x /usr/ucb/whoami ]; then
45	USER=`/usr/ucb/whoami`
46elif whoami >/dev/null 2>&1; then
47	USER=`whoami`
48elif logname >/dev/null 2>&1; then
49	USER=`logname`
50else
51	USER=`id -un`
52fi
53if test -z "$LOGNAME"; then
54	LOGNAME="${USER}"
55	export LOGNAME
56fi
57
58# Unbreak GNU head(1)
59_POSIX2_VERSION=199209
60export _POSIX2_VERSION
61
62case `uname -s 2>/dev/null` in
63OSF1*)
64	BIN_SH=xpg4
65	export BIN_SH
66	;;
67CYGWIN*)
68	os=cygwin
69	;;
70esac
71
72# If configure tells us to use a different egrep, create a wrapper function
73# to call it.  This means we don't need to change all the tests that depend
74# on a good implementation.
75if test "x${EGREP}" != "x"; then
76	egrep ()
77{
78	 ${EGREP} "$@"
79}
80fi
81
82SRC=`dirname ${SCRIPT}`
83
84# defaults
85SSH=ssh
86SSHD=sshd
87SSHAGENT=ssh-agent
88SSHADD=ssh-add
89SSHKEYGEN=ssh-keygen
90SSHKEYSCAN=ssh-keyscan
91SFTP=sftp
92SFTPSERVER=/usr/libexec/openssh/sftp-server
93SSHD_SESSION=/usr/libexec/sshd-session
94SSHD_AUTH=/usr/libexec/sshd-auth
95SCP=scp
96
97# Set by make_tmpdir() on demand (below).
98SSH_REGRESS_TMP=
99
100# Interop testing
101PLINK=/usr/local/bin/plink
102PUTTYGEN=/usr/local/bin/puttygen
103CONCH=/usr/local/bin/conch
104DROPBEAR=/usr/local/bin/dropbear
105DBCLIENT=/usr/local/bin/dbclient
106DROPBEARKEY=/usr/local/bin/dropbearkey
107DROPBEARCONVERT=/usr/local/bin/dropbearconvert
108
109# So we can override this in Portable.
110TEST_SHELL="${TEST_SHELL:-/bin/sh}"
111
112# Tools used by multiple tests
113NC=$OBJ/netcat
114# Always use the one configure tells us to, even if that's empty.
115#OPENSSL_BIN="${OPENSSL_BIN:-openssl}"
116
117if [ "x$TEST_SSH_SSH" != "x" ]; then
118	SSH="${TEST_SSH_SSH}"
119fi
120if [ "x$TEST_SSH_SSHD_SESSION" != "x" ]; then
121	SSHD_SESSION="${TEST_SSH_SSHD_SESSION}"
122fi
123if [ "x$TEST_SSH_SSHD_AUTH" != "x" ]; then
124	SSHD_AUTH="${TEST_SSH_SSHD_AUTH}"
125fi
126if [ "x$TEST_SSH_SSHD" != "x" ]; then
127	SSHD="${TEST_SSH_SSHD}"
128fi
129if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
130	SSHAGENT="${TEST_SSH_SSHAGENT}"
131fi
132if [ "x$TEST_SSH_SSHADD" != "x" ]; then
133	SSHADD="${TEST_SSH_SSHADD}"
134fi
135if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
136	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
137fi
138if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
139	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
140fi
141if [ "x$TEST_SSH_SFTP" != "x" ]; then
142	SFTP="${TEST_SSH_SFTP}"
143fi
144if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
145	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
146fi
147if [ "x$TEST_SSH_SCP" != "x" ]; then
148	SCP="${TEST_SSH_SCP}"
149fi
150if [ "x$TEST_SSH_PLINK" != "x" ]; then
151	PLINK="${TEST_SSH_PLINK}"
152fi
153if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
154	PUTTYGEN="${TEST_SSH_PUTTYGEN}"
155fi
156if [ "x$TEST_SSH_CONCH" != "x" ]; then
157	CONCH="${TEST_SSH_CONCH}"
158fi
159if [ "x$TEST_SSH_DROPBEAR" != "x" ]; then
160	DROPBEAR="${TEST_SSH_DROPBEAR}"
161fi
162if [ "x$TEST_SSH_DBCLIENT" != "x" ]; then
163	DBCLIENT="${TEST_SSH_DBCLIENT}"
164fi
165if [ "x$TEST_SSH_DROPBEARKEY" != "x" ]; then
166	DROPBEARKEY="${TEST_SSH_DROPBEARKEY}"
167fi
168if [ "x$TEST_SSH_DROPBEARCONVERT" != "x" ]; then
169	DROPBEARCONVERT="${TEST_SSH_DROPBEARCONVERT}"
170fi
171if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then
172	SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}"
173fi
174if [ "x$TEST_SSH_SK_HELPER" != "x" ]; then
175	SSH_SK_HELPER="${TEST_SSH_SK_HELPER}"
176fi
177if [ "x$TEST_SSH_OPENSSL" != "x" ]; then
178	OPENSSL_BIN="${TEST_SSH_OPENSSL}"
179fi
180
181# Path to sshd must be absolute for rexec
182case "$SSHD" in
183/*) ;;
184*) SSHD=`which $SSHD` ;;
185esac
186
187case "$SSH" in
188/*) ;;
189*) SSH=`which $SSH` ;;
190esac
191
192case "$SSHAGENT" in
193/*) ;;
194*) SSHAGENT=`which $SSHAGENT` ;;
195esac
196
197# Record the actual binaries used.
198SSH_BIN=${SSH}
199SSHD_BIN=${SSHD}
200SSHAGENT_BIN=${SSHAGENT}
201SSHADD_BIN=${SSHADD}
202SSHKEYGEN_BIN=${SSHKEYGEN}
203SSHKEYSCAN_BIN=${SSHKEYSCAN}
204SFTP_BIN=${SFTP}
205SFTPSERVER_BIN=${SFTPSERVER}
206SCP_BIN=${SCP}
207
208if [ "x$USE_VALGRIND" != "x" ]; then
209	rm -rf $OBJ/valgrind-out $OBJ/valgrind-vgdb
210	mkdir -p $OBJ/valgrind-out $OBJ/valgrind-vgdb
211	# When using sudo ensure low-priv tests can write pipes and logs.
212	if [ "x$SUDO" != "x" ]; then
213		chmod 777 $OBJ/valgrind-out $OBJ/valgrind-vgdb
214	fi
215	VG_TEST=`basename $SCRIPT .sh`
216
217	# Some tests are difficult to fix.
218	case "$VG_TEST" in
219	reexec)
220		VG_SKIP=1 ;;
221	sftp-chroot)
222		if [ "x${SUDO}" != "x" ]; then
223			VG_SKIP=1
224		fi ;;
225	esac
226
227	if [ x"$VG_SKIP" = "x" ]; then
228		VG_LEAK="--leak-check=no"
229		if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then
230			VG_LEAK="--leak-check=full"
231		fi
232		VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
233		VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
234		VG_OPTS="--track-origins=yes $VG_LEAK"
235		VG_OPTS="$VG_OPTS --trace-children=yes"
236		VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
237		VG_OPTS="$VG_OPTS --vgdb-prefix=$OBJ/valgrind-vgdb/"
238		VG_PATH="valgrind"
239		if [ "x$VALGRIND_PATH" != "x" ]; then
240			VG_PATH="$VALGRIND_PATH"
241		fi
242		VG="$VG_PATH $VG_OPTS"
243		SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH"
244		SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD"
245		SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT"
246		SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD"
247		SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN"
248		SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN"
249		SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}"
250		SCP="$VG --log-file=${VG_LOG}scp.%p $SCP"
251		cat > $OBJ/valgrind-sftp-server.sh << EOF
252#!/bin/sh
253exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@"
254EOF
255		chmod a+rx $OBJ/valgrind-sftp-server.sh
256		SFTPSERVER="$OBJ/valgrind-sftp-server.sh"
257	fi
258fi
259
260# Logfiles.
261# SSH_LOGFILE should be the debug output of ssh(1) only
262# SSHD_LOGFILE should be the debug output of sshd(8) only
263# REGRESS_LOGFILE is the log of progress of the regress test itself.
264# TEST_SSH_LOGDIR will contain datestamped logs of all binaries run in
265# chronological order.
266if [ "x$TEST_SSH_LOGDIR" = "x" ]; then
267	TEST_SSH_LOGDIR=$OBJ/log
268	mkdir -p $TEST_SSH_LOGDIR
269fi
270if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
271	TEST_SSH_LOGFILE=$OBJ/ssh.log
272fi
273if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
274	TEST_SSHD_LOGFILE=$OBJ/sshd.log
275fi
276if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
277	TEST_REGRESS_LOGFILE=$OBJ/regress.log
278fi
279
280# If set, keep track of successful tests and skip them them if we've
281# previously completed that test.
282if [ "x$TEST_REGRESS_CACHE_DIR" != "x" ]; then
283	if [ ! -d "$TEST_REGRESS_CACHE_DIR" ]; then
284		mkdir -p "$TEST_REGRESS_CACHE_DIR"
285	fi
286	TEST="`basename $SCRIPT .sh`"
287	CACHE="${TEST_REGRESS_CACHE_DIR}/${TEST}.cache"
288	for i in ${SSH} ${SSHD} ${SSHAGENT} ${SSHADD} ${SSHKEYGEN} ${SCP} \
289	    ${SFTP} ${SFTPSERVER} ${SSHKEYSCAN}; do
290		case $i in
291		/*)	bin="$i" ;;
292		*)	bin="`which $i`" ;;
293		esac
294		if [ "$bin" -nt "$CACHE" ]; then
295			rm -f "$CACHE"
296		fi
297	done
298	if [ -f "$CACHE" ]; then
299		echo ok cached $CACHE
300		exit 0
301	fi
302fi
303
304# truncate logfiles
305>$TEST_REGRESS_LOGFILE
306
307# Create ssh and sshd wrappers with logging.  These create a datestamped
308# unique file for every invocation so that we can retain all logs from a
309# given test no matter how many times it's invoked.  It also leaves a
310# symlink with the original name for tests (and people) who look for that.
311
312# For ssh, e can't just specify "SSH=ssh -E..." because sftp and scp don't
313# handle spaces in arguments.  scp and sftp like to use -q so we remove those
314# to preserve our debug logging.  In the rare instance where -q is desirable
315# -qq is equivalent and is not removed.
316SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
317rm -f ${SSHLOGWRAP}
318cat >$SSHLOGWRAP <<EOD
319#!/bin/sh
320timestamp="\`$OBJ/timestamp\`"
321logfile="${TEST_SSH_LOGDIR}/\${timestamp}.ssh.\$\$.log"
322echo "Executing: ${SSH} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
323echo "Executing: ${SSH} \$@" >>\${logfile}
324for i in "\$@";do shift;case "\$i" in -q):;; *) set -- "\$@" "\$i";;esac;done
325rm -f $TEST_SSH_LOGFILE
326ln -f -s \${logfile} $TEST_SSH_LOGFILE
327exec ${SSH} -E\${logfile} "\$@"
328EOD
329
330chmod a+rx $OBJ/ssh-log-wrapper.sh
331REAL_SSH="$SSH"
332REAL_SSHD="$SSHD"
333SSH="$SSHLOGWRAP"
334
335SSHDLOGWRAP=$OBJ/sshd-log-wrapper.sh
336rm -f ${SSHDLOGWRAP}
337cat >$SSHDLOGWRAP <<EOD
338#!/bin/sh
339timestamp="\`$OBJ/timestamp\`"
340logfile="${TEST_SSH_LOGDIR}/\${timestamp}.sshd.\$\$.log"
341rm -f $TEST_SSHD_LOGFILE
342touch \$logfile
343test -z "$SUDO" || chown $USER \$logfile
344ln -f -s \${logfile} $TEST_SSHD_LOGFILE
345echo "Executing: ${SSHD} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
346echo "Executing: ${SSHD} \$@" >>\${logfile}
347exec ${SSHD} -E\${logfile} "\$@"
348EOD
349chmod a+rx $OBJ/sshd-log-wrapper.sh
350
351ssh_logfile ()
352{
353	tool="$1"
354	timestamp="`$OBJ/timestamp`"
355	logfile="${TEST_SSH_LOGDIR}/${timestamp}.$tool.$$.log"
356	echo "Logging $tool to log \${logfile}" >>$TEST_REGRESS_LOGFILE
357	echo $logfile
358}
359
360# Some test data.  We make a copy because some tests will overwrite it.
361# The tests may assume that $DATA exists and is writable and $COPY does
362# not exist.  Tests requiring larger data files can call increase_datafile_size
363# [kbytes] to ensure the file is at least that large.
364DATANAME=data
365DATA=$OBJ/${DATANAME}
366cat ${SSH_BIN} >${DATA}
367chmod u+w ${DATA}
368COPY=$OBJ/copy
369rm -f ${COPY}
370
371increase_datafile_size()
372{
373	while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
374		cat ${SSH_BIN} >>${DATA}
375	done
376}
377
378# these should be used in tests
379export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
380export SSH_PKCS11_HELPER SSH_SK_HELPER
381#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
382
383# Portable specific functions
384which()
385{
386	saved_IFS="$IFS"
387	IFS=":"
388	for i in $PATH
389	do
390		if [ -x $i/$1 ]; then
391			IFS="$saved_IFS"
392			echo "$i/$1"
393			return 0
394		fi
395	done
396	IFS="$saved_IFS"
397	echo "$i/$1"
398	return 1
399}
400
401have_prog()
402{
403	which "$1" >/dev/null 2>&1
404	return $?
405}
406
407jot() {
408	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
409}
410
411if [ ! -x "`which rev`" ]; then
412rev()
413{
414	awk '{for (i=length; i>0; i--) printf "%s", substr($0, i, 1); print ""}'
415}
416fi
417
418if [ -x "/usr/xpg4/bin/id" ]; then
419id()
420{
421	/usr/xpg4/bin/id $@
422}
423fi
424
425# Check whether preprocessor symbols are defined in config.h.
426config_defined ()
427{
428	str=$1
429	while test "x$2" != "x" ; do
430		str="$str|$2"
431		shift
432	done
433	egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
434}
435
436md5 () {
437	if have_prog md5sum; then
438		md5sum
439	elif have_prog openssl; then
440		openssl md5
441	elif have_prog cksum; then
442		cksum
443	elif have_prog sum; then
444		sum
445	elif [ -x ${OPENSSL_BIN} ]; then
446		${OPENSSL_BIN} md5
447	else
448		wc -c
449	fi
450}
451
452# Some platforms don't have hostname at all, but on others uname -n doesn't
453# provide the fully qualified name we need, so in the former case we create
454# our own hostname function.
455if ! have_prog hostname; then
456	hostname() {
457		uname -n
458	}
459fi
460
461make_tmpdir ()
462{
463	SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \
464	    fatal "failed to create temporary directory"
465}
466# End of portable specific functions
467
468stop_sshd ()
469{
470	[ -z $PIDFILE ] && return
471	[ -f $PIDFILE ] || return
472	pid=`$SUDO cat $PIDFILE`
473	if [ "X$pid" = "X" ]; then
474		echo "no sshd running" 1>&2
475		return
476	elif [ $pid -lt 2 ]; then
477		echo "bad pid for sshd: $pid" 1>&2
478		return
479	fi
480	$SUDO kill $pid
481	trace "wait for sshd to exit"
482	i=0;
483	while [ -f $PIDFILE -a $i -lt 5 ]; do
484		i=`expr $i + 1`
485		sleep $i
486	done
487	if test -f $PIDFILE; then
488		if $SUDO kill -0 $pid; then
489			echo "sshd didn't exit port $PORT pid $pid" 1>&2
490		else
491			echo "sshd died without cleanup" 1>&2
492		fi
493		exit 1
494	fi
495	PIDFILE=""
496}
497
498# helper
499cleanup ()
500{
501	if [ "x$SSH_PID" != "x" ]; then
502		if [ $SSH_PID -lt 2 ]; then
503			echo bad pid for ssh: $SSH_PID
504		else
505			kill $SSH_PID
506		fi
507	fi
508	if [ "x$SSH_REGRESS_TMP" != "x" ]; then
509		rm -rf "$SSH_REGRESS_TMP"
510	fi
511	stop_sshd
512	if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
513		now=`date '+%s'`
514		elapsed=$(($now - $STARTTIME))
515		echo elapsed $elapsed `basename $SCRIPT .sh`
516	fi
517}
518
519start_debug_log ()
520{
521	echo "trace: $@" >>$TEST_REGRESS_LOGFILE
522	if [ -d "$TEST_SSH_LOGDIR" ]; then
523		rm -f $TEST_SSH_LOGDIR/*
524	fi
525}
526
527save_debug_log ()
528{
529	testname=`echo $tid | tr ' ' _`
530	tarname="$OBJ/failed-$testname-logs.tar"
531
532	for logfile in $TEST_SSH_LOGDIR $TEST_REGRESS_LOGFILE \
533	    $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE; do
534		if [ ! -z "$SUDO" ] && [ -e "$logfile" ]; then
535			$SUDO chown -R $USER $logfile
536		fi
537	done
538	echo $@ >>$TEST_REGRESS_LOGFILE
539	echo $@ >>$TEST_SSH_LOGFILE
540	echo $@ >>$TEST_SSHD_LOGFILE
541	echo "Saving debug logs to $tarname" >>$TEST_REGRESS_LOGFILE
542	(cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
543	(cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
544	(cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
545
546	# Save all logfiles in a tarball.
547	(cd $OBJ &&
548	  logfiles=""
549	  for i in $TEST_REGRESS_LOGFILE $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE \
550	    $TEST_SSH_LOGDIR; do
551		if [ -e "`basename $i`" ]; then
552			logfiles="$logfiles `basename $i`"
553		else
554			logfiles="$logfiles $i"
555		fi
556	  done
557	  tar cf "$tarname" $logfiles)
558}
559
560trace ()
561{
562	start_debug_log $@
563	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
564		echo "$@"
565	fi
566}
567
568verbose ()
569{
570	start_debug_log $@
571	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
572		echo "$@"
573	fi
574}
575
576fail ()
577{
578	save_debug_log "FAIL: $@"
579	RESULT=1
580	echo "$@"
581	if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then
582		cleanup
583		exit $RESULT
584	fi
585}
586
587fatal ()
588{
589	save_debug_log "FATAL: $@"
590	printf "FATAL: "
591	fail "$@"
592	cleanup
593	exit $RESULT
594}
595
596# Skip remaining tests in script.
597skip ()
598{
599	echo "SKIPPED: $@"
600	cleanup
601	exit $RESULT
602}
603
604maybe_add_scp_path_to_sshd ()
605{
606	# If we're testing a non-installed scp, add its directory to sshd's
607	# PATH so we can test it.  We don't do this for all tests as it
608	# breaks the SetEnv tests.
609	case "$SCP" in
610	/*)	PATH_WITH_SCP="`dirname $SCP`:$PATH"
611		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_config
612		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_proxy ;;
613	esac
614}
615
616RESULT=0
617PIDFILE=$OBJ/pidfile
618
619trap fatal 3 2
620
621# create server config
622cat << EOF > $OBJ/sshd_config
623	StrictModes		no
624	Port			$PORT
625	AddressFamily		inet
626	ListenAddress		127.0.0.1
627	#ListenAddress		::1
628	PidFile			$PIDFILE
629	AuthorizedKeysFile	$OBJ/authorized_keys_%u
630	LogLevel		DEBUG3
631	AcceptEnv		_XXX_TEST_*
632	AcceptEnv		_XXX_TEST
633	Subsystem	sftp	$SFTPSERVER
634	SshdSessionPath		$SSHD_SESSION
635	SshdAuthPath		$SSHD_AUTH
636	PerSourcePenalties	no
637EOF
638
639# This may be necessary if /usr/src and/or /usr/obj are group-writable,
640# but if you aren't careful with permissions then the unit tests could
641# be abused to locally escalate privileges.
642if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
643	echo "	StrictModes no" >> $OBJ/sshd_config
644else
645	# check and warn if excessive permissions are likely to cause failures.
646	unsafe=""
647	dir="${OBJ}"
648	while test ${dir} != "/"; do
649		if test -d "${dir}" && ! test -h "${dir}"; then
650			perms=`ls -ld ${dir}`
651			case "${perms}" in
652			?????w????*|????????w?*) unsafe="${unsafe} ${dir}" ;;
653			esac
654		fi
655		dir=`dirname ${dir}`
656	done
657	if ! test  -z "${unsafe}"; then
658		cat <<EOD
659
660WARNING: Unsafe (group or world writable) directory permissions found:
661${unsafe}
662
663These could be abused to locally escalate privileges.  If you are
664sure that this is not a risk (eg there are no other users), you can
665bypass this check by setting TEST_SSH_UNSAFE_PERMISSIONS=1
666
667EOD
668	fi
669fi
670
671if [ ! -z "$TEST_SSH_MODULI_FILE" ]; then
672	trace "adding modulifile='$TEST_SSH_MODULI_FILE' to sshd_config"
673	echo "	ModuliFile '$TEST_SSH_MODULI_FILE'" >> $OBJ/sshd_config
674fi
675
676if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
677	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
678	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
679fi
680
681# server config for proxy connects
682cp $OBJ/sshd_config $OBJ/sshd_proxy
683
684# allow group-writable directories in proxy-mode
685echo 'StrictModes no' >> $OBJ/sshd_proxy
686
687# create client config
688cat << EOF > $OBJ/ssh_config
689Host *
690	Hostname		127.0.0.1
691	HostKeyAlias		localhost-with-alias
692	Port			$PORT
693	User			$USER
694	GlobalKnownHostsFile	$OBJ/known_hosts
695	UserKnownHostsFile	$OBJ/known_hosts
696	PubkeyAuthentication	yes
697	ChallengeResponseAuthentication	no
698	PasswordAuthentication	no
699	BatchMode		yes
700	StrictHostKeyChecking	yes
701	LogLevel		DEBUG3
702EOF
703
704if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
705	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
706	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
707fi
708
709rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
710
711SSH_SK_PROVIDER=
712if ! config_defined ENABLE_SK; then
713	trace skipping sk-dummy
714elif [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then
715	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so"
716elif [ -f "${OBJ}/misc/sk-dummy/sk-dummy.so" ] ; then
717	SSH_SK_PROVIDER="${OBJ}/misc/sk-dummy/sk-dummy.so"
718elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then
719	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so"
720fi
721export SSH_SK_PROVIDER
722
723if ! test -z "$SSH_SK_PROVIDER"; then
724	EXTRA_AGENT_ARGS='-P/*' # XXX want realpath(1)...
725	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/ssh_config
726	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_config
727	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_proxy
728fi
729export EXTRA_AGENT_ARGS
730
731maybe_filter_sk() {
732	if test -z "$SSH_SK_PROVIDER" ; then
733		grep -v ^sk
734	else
735		cat
736	fi
737}
738
739SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk`
740SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk`
741
742for t in ${SSH_KEYTYPES}; do
743	# generate user key
744	if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
745		trace "generating key type $t"
746		rm -f $OBJ/$t
747		${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
748			fail "ssh-keygen for $t failed"
749	else
750		trace "using cached key type $t"
751	fi
752
753	# setup authorized keys
754	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
755	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
756done
757
758for t in ${SSH_HOSTKEY_TYPES}; do
759	# known hosts file for client
760	(
761		printf 'localhost-with-alias,127.0.0.1,::1 '
762		cat $OBJ/$t.pub
763	) >> $OBJ/known_hosts
764
765	# use key as host key, too
766	(umask 077; $SUDO cp $OBJ/$t $OBJ/host.$t)
767	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
768
769	# don't use SUDO for proxy connect
770	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
771done
772chmod 644 $OBJ/authorized_keys_$USER
773
774# Activate Twisted Conch tests if the binary is present
775REGRESS_INTEROP_CONCH=no
776if test -x "$CONCH" ; then
777	REGRESS_INTEROP_CONCH=yes
778fi
779
780# If PuTTY is present, new enough and we are running a PuTTY test, prepare
781# keys and configuration.
782REGRESS_INTEROP_PUTTY=no
783if test -x "$PUTTYGEN" -a -x "$PLINK" &&
784    "$PUTTYGEN" --help 2>&1 | grep -- --new-passphrase >/dev/null; then
785	REGRESS_INTEROP_PUTTY=yes
786fi
787case "$SCRIPT" in
788*putty*)	;;
789*)		REGRESS_INTEROP_PUTTY=no ;;
790esac
791
792puttysetup() {
793	if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
794		skip "putty interop tests not enabled"
795	fi
796
797	mkdir -p ${OBJ}/.putty
798
799	# Add a PuTTY key to authorized_keys
800	rm -f ${OBJ}/putty.rsa2
801	if ! "$PUTTYGEN" -t rsa -o ${OBJ}/putty.rsa2 \
802	    --random-device=/dev/urandom \
803	    --new-passphrase /dev/null < /dev/null > /dev/null; then
804		echo "Your installed version of PuTTY is too old to support --new-passphrase, skipping test" >&2
805		exit 1
806	fi
807	"$PUTTYGEN" -O public-openssh ${OBJ}/putty.rsa2 \
808	    >> $OBJ/authorized_keys_$USER
809
810	# Convert rsa2 host key to PuTTY format
811	cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt
812	${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null
813	${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/ssh-rsa_oldfmt > \
814	    ${OBJ}/.putty/sshhostkeys
815	${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/ssh-rsa_oldfmt >> \
816	    ${OBJ}/.putty/sshhostkeys
817	rm -f $OBJ/ssh-rsa_oldfmt
818
819	# Setup proxied session
820	mkdir -p ${OBJ}/.putty/sessions
821	rm -f ${OBJ}/.putty/sessions/localhost_proxy
822	echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy
823	echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
824	echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
825	echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
826	echo "ProxyTelnetCommand=${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
827	echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
828
829	PUTTYVER="`${PLINK} --version | awk '/plink: Release/{print $3}'`"
830	PUTTYMAJORVER="`echo ${PUTTYVER} | cut -f1 -d.`"
831	PUTTYMINORVER="`echo ${PUTTYVER} | cut -f2 -d.`"
832	verbose "plink version ${PUTTYVER} major ${PUTTYMAJORVER} minor ${PUTTYMINORVER}"
833
834	# Re-enable ssh-rsa on older PuTTY versions since they don't do newer
835	# key types.
836	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -lt "76" ]; then
837		echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
838		echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
839	fi
840
841	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -le "64" ]; then
842		echo "KexAlgorithms +diffie-hellman-group14-sha1" \
843		    >>${OBJ}/sshd_proxy
844	fi
845	PUTTYDIR=${OBJ}/.putty
846	export PUTTYDIR
847}
848
849REGRESS_INTEROP_DROPBEAR=no
850if test -x "$DROPBEARKEY" -a -x "$DBCLIENT" -a -x "$DROPBEARCONVERT"; then
851	REGRESS_INTEROP_DROPBEAR=yes
852fi
853case "$SCRIPT" in
854*dropbear*)	;;
855*)		REGRESS_INTEROP_DROPBEAR=no ;;
856esac
857
858if test "$REGRESS_INTEROP_DROPBEAR" = "yes" ; then
859	trace Create dropbear keys and add to authorized_keys
860	mkdir -p $OBJ/.dropbear $OBJ/.ssh
861	awk '{print "somehost "$2" "$3}' $OBJ/known_hosts >$OBJ/.ssh/known_hosts
862	kt="ed25519"
863	for i in dss rsa ecdsa; do
864		if $SSH -Q key-plain | grep "$i" >/dev/null; then
865			kt="$kt $i"
866		else
867			rm -f "$OBJ/.dropbear/id_$i"
868		fi
869	done
870	for i in $kt; do
871		if [ ! -f "$OBJ/.dropbear/id_$i" ]; then
872			verbose Create dropbear key type $i
873			$DROPBEARKEY -t $i -f $OBJ/.dropbear/id_$i \
874			    >/dev/null 2>&1
875		fi
876		$DROPBEARCONVERT dropbear openssh $OBJ/.dropbear/id_$i \
877		    $OBJ/.dropbear/ossh.id_$i >/dev/null 2>&1
878		$SSHKEYGEN -y -f $OBJ/.dropbear/ossh.id_$i \
879		   >>$OBJ/authorized_keys_$USER
880		rm -f $OBJ/.dropbear/id_$i.pub $OBJ/.dropbear/ossh.id_$i
881	done
882fi
883
884# create a proxy version of the client config
885(
886	cat $OBJ/ssh_config
887	echo proxycommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" ${TEST_SSH_SSHD_ENV} ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy
888) > $OBJ/ssh_proxy
889
890# check proxy config
891${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"
892
893# extract proxycommand into separate shell script for use by Dropbear.
894echo '#!/bin/sh' >$OBJ/ssh_proxy.sh
895awk '/^proxycommand/' $OBJ/ssh_proxy | sed 's/^proxycommand//' \
896   >>$OBJ/ssh_proxy.sh
897chmod a+x $OBJ/ssh_proxy.sh
898
899start_sshd ()
900{
901	PIDFILE=$OBJ/pidfile
902	# start sshd
903	logfile="${TEST_SSH_LOGDIR}/sshd.`$OBJ/timestamp`.$$.log"
904	$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" ${TEST_SSH_SSHD_ENV} \
905	    ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
906	$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" ${TEST_SSH_SSHD_ENV} \
907	    ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
908
909	trace "wait for sshd"
910	i=0;
911	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
912		i=`expr $i + 1`
913		sleep $i
914	done
915	rm -f ${TEST_SSHD_LOGFILE}
916	ln -f -s ${logfile} $TEST_SSHD_LOGFILE
917
918	test -f $PIDFILE || fatal "no sshd running on port $PORT"
919}
920
921# Find a PKCS#11 library.
922p11_find_lib() {
923	TEST_SSH_PKCS11=""
924	for _lib in "$@" ; do
925		if test -f "$_lib" ; then
926			TEST_SSH_PKCS11="$_lib"
927			return
928		fi
929	done
930}
931
932# Perform PKCS#11 setup: prepares a softhsm2 token configuration, generated
933# keys and loads them into the virtual token.
934PKCS11_OK=
935export PKCS11_OK
936p11_setup() {
937	p11_find_lib \
938		/usr/local/lib/softhsm/libsofthsm2.so \
939		/usr/lib64/pkcs11/libsofthsm2.so \
940		/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
941	test -z "$TEST_SSH_PKCS11" && return 1
942	verbose "using token library $TEST_SSH_PKCS11"
943	TEST_SSH_PIN=1234
944	TEST_SSH_SOPIN=12345678
945	if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then
946		SSH_PKCS11_HELPER="${TEST_SSH_SSHPKCS11HELPER}"
947		export SSH_PKCS11_HELPER
948	fi
949
950	# setup environment for softhsm2 token
951	SSH_SOFTHSM_DIR=$OBJ/SOFTHSM
952	export SSH_SOFTHSM_DIR
953	rm -rf $SSH_SOFTHSM_DIR
954	TOKEN=$SSH_SOFTHSM_DIR/tokendir
955	mkdir -p $TOKEN
956	SOFTHSM2_CONF=$SSH_SOFTHSM_DIR/softhsm2.conf
957	export SOFTHSM2_CONF
958	cat > $SOFTHSM2_CONF << EOF
959# SoftHSM v2 configuration file
960directories.tokendir = ${TOKEN}
961objectstore.backend = file
962# ERROR, WARNING, INFO, DEBUG
963log.level = DEBUG
964# If CKF_REMOVABLE_DEVICE flag should be set
965slots.removable = false
966EOF
967	out=$(softhsm2-util --init-token --free --label token-slot-0 --pin "$TEST_SSH_PIN" --so-pin "$TEST_SSH_SOPIN")
968	slot=$(echo -- $out | sed 's/.* //')
969	trace "generating keys"
970	# RSA key
971	RSA=${SSH_SOFTHSM_DIR}/RSA
972	RSAP8=${SSH_SOFTHSM_DIR}/RSAP8
973	$OPENSSL_BIN genpkey -algorithm rsa > $RSA 2>/dev/null || \
974	    fatal "genpkey RSA fail"
975	$OPENSSL_BIN pkcs8 -nocrypt -in $RSA > $RSAP8 || fatal "pkcs8 RSA fail"
976	softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" \
977	    --import $RSAP8 >/dev/null || fatal "softhsm import RSA fail"
978	chmod 600 $RSA
979	ssh-keygen -y -f $RSA > ${RSA}.pub
980	# ECDSA key
981	ECPARAM=${SSH_SOFTHSM_DIR}/ECPARAM
982	EC=${SSH_SOFTHSM_DIR}/EC
983	ECP8=${SSH_SOFTHSM_DIR}/ECP8
984	$OPENSSL_BIN genpkey -genparam -algorithm ec \
985	    -pkeyopt ec_paramgen_curve:prime256v1 > $ECPARAM || \
986	    fatal "param EC fail"
987	$OPENSSL_BIN genpkey -paramfile $ECPARAM > $EC || \
988	    fatal "genpkey EC fail"
989	$OPENSSL_BIN pkcs8 -nocrypt -in $EC > $ECP8 || fatal "pkcs8 EC fail"
990	softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" \
991	    --import $ECP8 >/dev/null || fatal "softhsm import EC fail"
992	chmod 600 $EC
993	ssh-keygen -y -f $EC > ${EC}.pub
994	# Prepare askpass script to load PIN.
995	PIN_SH=$SSH_SOFTHSM_DIR/pin.sh
996	cat > $PIN_SH << EOF
997#!/bin/sh
998echo "${TEST_SSH_PIN}"
999EOF
1000	chmod 0700 "$PIN_SH"
1001	PKCS11_OK=yes
1002	return 0
1003}
1004
1005# Peforms ssh-add with the right token PIN.
1006p11_ssh_add() {
1007	env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force ${SSHADD} "$@"
1008}
1009
1010# source test body
1011. $SCRIPT
1012
1013# kill sshd
1014cleanup
1015
1016if [ "x$USE_VALGRIND" != "x" ]; then
1017	# If there is an EXIT trap handler, invoke it now.
1018	# Some tests set these to clean up processes such as ssh-agent.  We
1019	# need to wait for all valgrind processes to complete so we can check
1020	# their logs, but since the EXIT traps are not invoked until
1021	# test-exec.sh exits, waiting here will deadlock.
1022	# This is not very portable but then neither is valgrind itself.
1023	# As a bonus, dash (as used on the runners) has a "trap" that doesn't
1024	# work in a pipeline (hence the temp file) or a subshell.
1025	exithandler=""
1026	trap >/tmp/trap.$$ && exithandler=$(cat /tmp/trap.$$ | \
1027	    awk -F "'" '/EXIT$/{print $2}')
1028	rm -f /tmp/trap.$$
1029	if [ "x${exithandler}" != "x" ]; then
1030		verbose invoking EXIT trap handler early: ${exithandler}
1031		eval "${exithandler}"
1032		trap '' EXIT
1033	fi
1034
1035	# wait for any running process to complete
1036	wait; sleep 1
1037	VG_RESULTS=$(find $OBJ/valgrind-out -type f -print)
1038	VG_RESULT_COUNT=0
1039	VG_FAIL_COUNT=0
1040	for i in $VG_RESULTS; do
1041		if grep "ERROR SUMMARY" $i >/dev/null; then
1042			VG_RESULT_COUNT=$(($VG_RESULT_COUNT + 1))
1043			if ! grep "ERROR SUMMARY: 0 errors" $i >/dev/null; then
1044				VG_FAIL_COUNT=$(($VG_FAIL_COUNT + 1))
1045				RESULT=1
1046				verbose valgrind failure $i
1047				cat $i
1048			fi
1049		fi
1050	done
1051	if [ x"$VG_SKIP" != "x" ]; then
1052		verbose valgrind skipped
1053	else
1054		verbose valgrind results $VG_RESULT_COUNT failures $VG_FAIL_COUNT
1055	fi
1056fi
1057
1058if [ $RESULT -eq 0 ]; then
1059	verbose ok $tid
1060	if [ "x$CACHE" != "x" ]; then
1061		touch "$CACHE"
1062	fi
1063else
1064	echo failed $tid
1065fi
1066exit $RESULT
1067