xref: /freebsd/crypto/openssh/regress/test-exec.sh (revision e68aa5ab80ab57bdbcbe94dd2922a018d675e7f0) 
1#	$OpenBSD: test-exec.sh,v 1.131 2025/07/26 01:53:31 djm Exp $
2#	Placed in the Public Domain.
3
4#SUDO=sudo
5
6if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
7	STARTTIME=`date '+%s'`
8fi
9
10if [ ! -z "$TEST_SSH_PORT" ]; then
11	PORT="$TEST_SSH_PORT"
12else
13	PORT=4242
14fi
15
16OBJ=$1
17if [ "x$OBJ" = "x" ]; then
18	echo '$OBJ not defined'
19	exit 2
20fi
21if [ ! -d $OBJ ]; then
22	echo "not a directory: $OBJ"
23	exit 2
24fi
25SCRIPT=$2
26if [ "x$SCRIPT" = "x" ]; then
27	echo '$SCRIPT not defined'
28	exit 2
29fi
30if [ ! -f $SCRIPT ]; then
31	echo "not a file: $SCRIPT"
32	exit 2
33fi
34if $TEST_SHELL -n $SCRIPT; then
35	true
36else
37	echo "syntax error in $SCRIPT"
38	exit 2
39fi
40unset SSH_AUTH_SOCK
41
42# Portable-specific settings.
43
44if [ -x /usr/ucb/whoami ]; then
45	USER=`/usr/ucb/whoami`
46elif whoami >/dev/null 2>&1; then
47	USER=`whoami`
48elif logname >/dev/null 2>&1; then
49	USER=`logname`
50else
51	USER=`id -un`
52fi
53if test -z "$LOGNAME"; then
54	LOGNAME="${USER}"
55	export LOGNAME
56fi
57
58# Unbreak GNU head(1)
59_POSIX2_VERSION=199209
60export _POSIX2_VERSION
61
62case `uname -s 2>/dev/null` in
63OSF1*)
64	BIN_SH=xpg4
65	export BIN_SH
66	;;
67CYGWIN*)
68	os=cygwin
69	;;
70esac
71
72# If configure tells us to use a different egrep, create a wrapper function
73# to call it.  This means we don't need to change all the tests that depend
74# on a good implementation.
75if test "x${EGREP}" != "x"; then
76	egrep ()
77{
78	 ${EGREP} "$@"
79}
80fi
81
82SRC=`dirname ${SCRIPT}`
83
84# defaults
85SSH=ssh
86SSHD=sshd
87SSHAGENT=ssh-agent
88SSHADD=ssh-add
89SSHKEYGEN=ssh-keygen
90SSHKEYSCAN=ssh-keyscan
91SFTP=sftp
92SFTPSERVER=/usr/libexec/openssh/sftp-server
93SSHD_SESSION=/usr/libexec/sshd-session
94SSHD_AUTH=/usr/libexec/sshd-auth
95SCP=scp
96
97# Set by make_tmpdir() on demand (below).
98SSH_REGRESS_TMP=
99
100# Interop testing
101PLINK=/usr/local/bin/plink
102PUTTYGEN=/usr/local/bin/puttygen
103CONCH=/usr/local/bin/conch
104DROPBEAR=/usr/local/sbin/dropbear
105DBCLIENT=/usr/local/bin/dbclient
106DROPBEARKEY=/usr/local/bin/dropbearkey
107DROPBEARCONVERT=/usr/local/bin/dropbearconvert
108
109# So we can override this in Portable.
110TEST_SHELL="${TEST_SHELL:-/bin/sh}"
111
112# Tools used by multiple tests
113NC=$OBJ/netcat
114# Always use the one configure tells us to, even if that's empty.
115#OPENSSL_BIN="${OPENSSL_BIN:-openssl}"
116
117if [ "x$TEST_SSH_SSH" != "x" ]; then
118	SSH="${TEST_SSH_SSH}"
119fi
120if [ "x$TEST_SSH_SSHD_SESSION" != "x" ]; then
121	SSHD_SESSION="${TEST_SSH_SSHD_SESSION}"
122fi
123if [ "x$TEST_SSH_SSHD_AUTH" != "x" ]; then
124	SSHD_AUTH="${TEST_SSH_SSHD_AUTH}"
125fi
126if [ "x$TEST_SSH_SSHD" != "x" ]; then
127	SSHD="${TEST_SSH_SSHD}"
128fi
129if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
130	SSHAGENT="${TEST_SSH_SSHAGENT}"
131fi
132if [ "x$TEST_SSH_SSHADD" != "x" ]; then
133	SSHADD="${TEST_SSH_SSHADD}"
134fi
135if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
136	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
137fi
138if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
139	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
140fi
141if [ "x$TEST_SSH_SFTP" != "x" ]; then
142	SFTP="${TEST_SSH_SFTP}"
143fi
144if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
145	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
146fi
147if [ "x$TEST_SSH_SCP" != "x" ]; then
148	SCP="${TEST_SSH_SCP}"
149fi
150if [ "x$TEST_SSH_PLINK" != "x" ]; then
151	PLINK="${TEST_SSH_PLINK}"
152fi
153if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
154	PUTTYGEN="${TEST_SSH_PUTTYGEN}"
155fi
156if [ "x$TEST_SSH_CONCH" != "x" ]; then
157	CONCH="${TEST_SSH_CONCH}"
158fi
159if [ "x$TEST_SSH_DROPBEAR" != "x" ]; then
160	DROPBEAR="${TEST_SSH_DROPBEAR}"
161fi
162if [ "x$TEST_SSH_DBCLIENT" != "x" ]; then
163	DBCLIENT="${TEST_SSH_DBCLIENT}"
164fi
165if [ "x$TEST_SSH_DROPBEARKEY" != "x" ]; then
166	DROPBEARKEY="${TEST_SSH_DROPBEARKEY}"
167fi
168if [ "x$TEST_SSH_DROPBEARCONVERT" != "x" ]; then
169	DROPBEARCONVERT="${TEST_SSH_DROPBEARCONVERT}"
170fi
171if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then
172	SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}"
173fi
174if [ "x$TEST_SSH_SK_HELPER" != "x" ]; then
175	SSH_SK_HELPER="${TEST_SSH_SK_HELPER}"
176fi
177if [ "x$TEST_SSH_OPENSSL" != "x" ]; then
178	OPENSSL_BIN="${TEST_SSH_OPENSSL}"
179fi
180
181# Path to sshd must be absolute for rexec
182case "$SSHD" in
183/*) ;;
184*) SSHD=`which $SSHD` ;;
185esac
186
187case "$SSH" in
188/*) ;;
189*) SSH=`which $SSH` ;;
190esac
191
192case "$SSHAGENT" in
193/*) ;;
194*) SSHAGENT=`which $SSHAGENT` ;;
195esac
196
197# Record the actual binaries used.
198SSH_BIN=${SSH}
199SSHD_BIN=${SSHD}
200SSHAGENT_BIN=${SSHAGENT}
201SSHADD_BIN=${SSHADD}
202SSHKEYGEN_BIN=${SSHKEYGEN}
203SSHKEYSCAN_BIN=${SSHKEYSCAN}
204SFTP_BIN=${SFTP}
205SFTPSERVER_BIN=${SFTPSERVER}
206SCP_BIN=${SCP}
207
208if [ "x$USE_VALGRIND" != "x" ]; then
209	rm -rf $OBJ/valgrind-out $OBJ/valgrind-vgdb
210	mkdir -p $OBJ/valgrind-out $OBJ/valgrind-vgdb
211	# When using sudo ensure low-priv tests can write pipes and logs.
212	if [ "x$SUDO" != "x" ]; then
213		chmod 777 $OBJ/valgrind-out $OBJ/valgrind-vgdb
214	fi
215	VG_TEST=`basename $SCRIPT .sh`
216
217	# Some tests are difficult to fix.
218	case "$VG_TEST" in
219	reexec)
220		VG_SKIP=1 ;;
221	sftp-chroot)
222		if [ "x${SUDO}" != "x" ]; then
223			VG_SKIP=1
224		fi ;;
225	esac
226
227	if [ x"$VG_SKIP" = "x" ]; then
228		VG_LEAK="--leak-check=no"
229		if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then
230			VG_LEAK="--leak-check=full"
231		fi
232		VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
233		VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
234		VG_OPTS="--track-origins=yes $VG_LEAK"
235		VG_OPTS="$VG_OPTS --trace-children=yes"
236		VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
237		VG_OPTS="$VG_OPTS --vgdb-prefix=$OBJ/valgrind-vgdb/"
238		VG_PATH="valgrind"
239		if [ "x$VALGRIND_PATH" != "x" ]; then
240			VG_PATH="$VALGRIND_PATH"
241		fi
242		VG="$VG_PATH $VG_OPTS"
243		SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH"
244		SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD"
245		SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT"
246		SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD"
247		SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN"
248		SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN"
249		SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}"
250		SCP="$VG --log-file=${VG_LOG}scp.%p $SCP"
251		cat > $OBJ/valgrind-sftp-server.sh << EOF
252#!/bin/sh
253exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@"
254EOF
255		chmod a+rx $OBJ/valgrind-sftp-server.sh
256		SFTPSERVER="$OBJ/valgrind-sftp-server.sh"
257	fi
258fi
259
260# Logfiles.
261# SSH_LOGFILE should be the debug output of ssh(1) only
262# SSHD_LOGFILE should be the debug output of sshd(8) only
263# REGRESS_LOGFILE is the log of progress of the regress test itself.
264# TEST_SSH_LOGDIR will contain datestamped logs of all binaries run in
265# chronological order.
266if [ "x$TEST_SSH_LOGDIR" = "x" ]; then
267	TEST_SSH_LOGDIR=$OBJ/log
268	mkdir -p $TEST_SSH_LOGDIR
269fi
270if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
271	TEST_SSH_LOGFILE=$OBJ/ssh.log
272fi
273if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
274	TEST_SSHD_LOGFILE=$OBJ/sshd.log
275fi
276if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
277	TEST_REGRESS_LOGFILE=$OBJ/regress.log
278fi
279
280# If set, keep track of successful tests and skip them them if we've
281# previously completed that test.
282if [ "x$TEST_REGRESS_CACHE_DIR" != "x" ]; then
283	if [ ! -d "$TEST_REGRESS_CACHE_DIR" ]; then
284		mkdir -p "$TEST_REGRESS_CACHE_DIR"
285	fi
286	TEST="`basename $SCRIPT .sh`"
287	CACHE="${TEST_REGRESS_CACHE_DIR}/${TEST}.cache"
288	for i in ${SSH} ${SSHD} ${SSHAGENT} ${SSHADD} ${SSHKEYGEN} ${SCP} \
289	    ${SFTP} ${SFTPSERVER} ${SSHKEYSCAN}; do
290		case $i in
291		/*)	bin="$i" ;;
292		*)	bin="`which $i`" ;;
293		esac
294		if [ "$bin" -nt "$CACHE" ]; then
295			rm -f "$CACHE"
296		fi
297	done
298	if [ -f "$CACHE" ]; then
299		echo ok cached $CACHE
300		exit 0
301	fi
302fi
303
304# truncate logfiles
305>$TEST_REGRESS_LOGFILE
306
307# Create ssh and sshd wrappers with logging.  These create a datestamped
308# unique file for every invocation so that we can retain all logs from a
309# given test no matter how many times it's invoked.  It also leaves a
310# symlink with the original name for tests (and people) who look for that.
311
312# For ssh, e can't just specify "SSH=ssh -E..." because sftp and scp don't
313# handle spaces in arguments.  scp and sftp like to use -q so we remove those
314# to preserve our debug logging.  In the rare instance where -q is desirable
315# -qq is equivalent and is not removed.
316SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
317rm -f ${SSHLOGWRAP}
318cat >$SSHLOGWRAP <<EOD
319#!/bin/sh
320timestamp="\`$OBJ/timestamp\`"
321logfile="${TEST_SSH_LOGDIR}/\${timestamp}.ssh.\$\$.log"
322echo "Executing: ${SSH} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
323echo "Executing: ${SSH} \$@" >>\${logfile}
324for i in "\$@";do shift;case "\$i" in -q):;; *) set -- "\$@" "\$i";;esac;done
325rm -f $TEST_SSH_LOGFILE
326ln -f -s \${logfile} $TEST_SSH_LOGFILE
327exec ${SSH} -E\${logfile} "\$@"
328EOD
329
330chmod a+rx $OBJ/ssh-log-wrapper.sh
331REAL_SSH="$SSH"
332REAL_SSHD="$SSHD"
333SSH="$SSHLOGWRAP"
334
335SSHDLOGWRAP=$OBJ/sshd-log-wrapper.sh
336rm -f ${SSHDLOGWRAP}
337cat >$SSHDLOGWRAP <<EOD
338#!/bin/sh
339timestamp="\`$OBJ/timestamp\`"
340logfile="${TEST_SSH_LOGDIR}/\${timestamp}.sshd.\$\$.log"
341rm -f $TEST_SSHD_LOGFILE
342touch \$logfile
343test -z "$SUDO" || chown $USER \$logfile
344ln -f -s \${logfile} $TEST_SSHD_LOGFILE
345echo "Executing: ${SSHD} \$@" log \${logfile} >>$TEST_REGRESS_LOGFILE
346echo "Executing: ${SSHD} \$@" >>\${logfile}
347exec ${SSHD} -E\${logfile} "\$@"
348EOD
349chmod a+rx $OBJ/sshd-log-wrapper.sh
350
351ssh_logfile ()
352{
353	tool="$1"
354	timestamp="`$OBJ/timestamp`"
355	logfile="${TEST_SSH_LOGDIR}/${timestamp}.$tool.$$.log"
356	echo "Logging $tool to log \${logfile}" >>$TEST_REGRESS_LOGFILE
357	echo $logfile
358}
359
360# Some test data.  We make a copy because some tests will overwrite it.
361# The tests may assume that $DATA exists and is writable and $COPY does
362# not exist.  Tests requiring larger data files can call increase_datafile_size
363# [kbytes] to ensure the file is at least that large.
364DATANAME=data
365DATA=$OBJ/${DATANAME}
366cat ${SSH_BIN} >${DATA}
367chmod u+w ${DATA}
368COPY=$OBJ/copy
369rm -f ${COPY}
370
371increase_datafile_size()
372{
373	while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
374		cat ${SSH_BIN} >>${DATA}
375	done
376}
377
378# these should be used in tests
379export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
380export SSH_PKCS11_HELPER SSH_SK_HELPER
381#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
382
383# Portable specific functions
384which()
385{
386	saved_IFS="$IFS"
387	IFS=":"
388	for i in $PATH
389	do
390		if [ -x $i/$1 ]; then
391			IFS="$saved_IFS"
392			echo "$i/$1"
393			return 0
394		fi
395	done
396	IFS="$saved_IFS"
397	echo "$i/$1"
398	return 1
399}
400
401have_prog()
402{
403	which "$1" >/dev/null 2>&1
404	return $?
405}
406
407jot() {
408	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
409}
410
411if [ ! -x "`which rev`" ]; then
412rev()
413{
414	awk '{for (i=length; i>0; i--) printf "%s", substr($0, i, 1); print ""}'
415}
416fi
417
418if [ -x "/usr/xpg4/bin/id" ]; then
419id()
420{
421	/usr/xpg4/bin/id $@
422}
423fi
424
425# Check whether preprocessor symbols are defined in config.h.
426config_defined ()
427{
428	str=$1
429	while test "x$2" != "x" ; do
430		str="$str|$2"
431		shift
432	done
433	egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
434}
435
436md5 () {
437	if have_prog md5sum; then
438		md5sum
439	elif have_prog openssl; then
440		openssl md5
441	elif have_prog cksum; then
442		cksum
443	elif have_prog sum; then
444		sum
445	elif [ -x ${OPENSSL_BIN} ]; then
446		${OPENSSL_BIN} md5
447	else
448		wc -c
449	fi
450}
451
452# Some platforms don't have hostname at all, but on others uname -n doesn't
453# provide the fully qualified name we need, so in the former case we create
454# our own hostname function.
455if ! have_prog hostname; then
456	hostname() {
457		uname -n
458	}
459fi
460
461make_tmpdir ()
462{
463	SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \
464	    fatal "failed to create temporary directory"
465}
466# End of portable specific functions
467
468stop_sshd ()
469{
470	[ -z $PIDFILE ] && return
471	[ -f $PIDFILE ] || return
472	pid=`$SUDO cat $PIDFILE`
473	if [ "X$pid" = "X" ]; then
474		echo "no sshd running" 1>&2
475		return
476	elif [ $pid -lt 2 ]; then
477		echo "bad pid for sshd: $pid" 1>&2
478		return
479	fi
480	$SUDO kill $pid
481	trace "wait for sshd to exit"
482	i=0;
483	while [ -f $PIDFILE -a $i -lt 5 ]; do
484		i=`expr $i + 1`
485		sleep $i
486	done
487	if test -f $PIDFILE; then
488		if $SUDO kill -0 $pid; then
489			echo "sshd didn't exit port $PORT pid $pid" 1>&2
490		else
491			echo "sshd died without cleanup" 1>&2
492		fi
493		exit 1
494	fi
495	PIDFILE=""
496}
497
498# helper
499cleanup ()
500{
501	if [ "x$SSH_PID" != "x" ]; then
502		if [ $SSH_PID -lt 2 ]; then
503			echo bad pid for ssh: $SSH_PID
504		else
505			kill $SSH_PID
506		fi
507	fi
508	if [ "x$SSH_REGRESS_TMP" != "x" ]; then
509		rm -rf "$SSH_REGRESS_TMP"
510	fi
511	stop_sshd
512	if [ ! -z "$TEST_SSH_ELAPSED_TIMES" ]; then
513		now=`date '+%s'`
514		elapsed=$(($now - $STARTTIME))
515		echo elapsed $elapsed `basename $SCRIPT .sh`
516	fi
517}
518
519start_debug_log ()
520{
521	echo "trace: $@" >>$TEST_REGRESS_LOGFILE
522	if [ -d "$TEST_SSH_LOGDIR" ]; then
523		rm -f $TEST_SSH_LOGDIR/*
524	fi
525}
526
527save_debug_log ()
528{
529	testname=`echo $tid | tr ' ' _`
530	tarname="$OBJ/failed-$testname-logs.tar"
531
532	for logfile in $TEST_SSH_LOGDIR $TEST_REGRESS_LOGFILE \
533	    $TEST_SSH_LOGFILE $TEST_SSHD_LOGFILE; do
534		if [ ! -z "$SUDO" ] && [ -e "$logfile" ]; then
535			$SUDO chown -R $USER $logfile
536		fi
537	done
538	test -z "$SUDO" || $SUDO chmod ug+rw $TEST_SSHD_LOGFILE
539	echo $@ >>$TEST_REGRESS_LOGFILE
540	echo $@ >>$TEST_SSH_LOGFILE
541	echo $@ >>$TEST_SSHD_LOGFILE
542	echo "Saving debug logs to $tarname" >>$TEST_REGRESS_LOGFILE
543	(cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
544	(cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
545	(cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
546}
547
548trace ()
549{
550	start_debug_log $@
551	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
552		echo "$@"
553	fi
554}
555
556verbose ()
557{
558	start_debug_log $@
559	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
560		echo "$@"
561	fi
562}
563
564fail ()
565{
566	save_debug_log "FAIL: $@"
567	RESULT=1
568	echo "$@"
569	if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then
570		cleanup
571		exit $RESULT
572	fi
573}
574
575fatal ()
576{
577	save_debug_log "FATAL: $@"
578	printf "FATAL: "
579	fail "$@"
580	cleanup
581	exit $RESULT
582}
583
584# Skip remaining tests in script.
585skip ()
586{
587	echo "SKIPPED: $@"
588	cleanup
589	exit $RESULT
590}
591
592maybe_add_scp_path_to_sshd ()
593{
594	# If we're testing a non-installed scp, add its directory to sshd's
595	# PATH so we can test it.  We don't do this for all tests as it
596	# breaks the SetEnv tests.
597	case "$SCP" in
598	/*)	PATH_WITH_SCP="`dirname $SCP`:$PATH"
599		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_config
600		echo "	SetEnv PATH='$PATH_WITH_SCP'" >>$OBJ/sshd_proxy ;;
601	esac
602}
603
604RESULT=0
605PIDFILE=$OBJ/pidfile
606
607trap fatal 3 2
608
609# create server config
610cat << EOF > $OBJ/sshd_config
611	StrictModes		no
612	Port			$PORT
613	AddressFamily		inet
614	ListenAddress		127.0.0.1
615	#ListenAddress		::1
616	PidFile			$PIDFILE
617	AuthorizedKeysFile	$OBJ/authorized_keys_%u
618	LogLevel		DEBUG3
619	AcceptEnv		_XXX_TEST_*
620	AcceptEnv		_XXX_TEST
621	Subsystem	sftp	$SFTPSERVER
622	SshdSessionPath		$SSHD_SESSION
623	SshdAuthPath		$SSHD_AUTH
624	PerSourcePenalties	no
625EOF
626
627# This may be necessary if /usr/src and/or /usr/obj are group-writable,
628# but if you aren't careful with permissions then the unit tests could
629# be abused to locally escalate privileges.
630if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
631	echo "	StrictModes no" >> $OBJ/sshd_config
632else
633	# check and warn if excessive permissions are likely to cause failures.
634	unsafe=""
635	dir="${OBJ}"
636	while test ${dir} != "/"; do
637		if test -d "${dir}" && ! test -h "${dir}"; then
638			perms=`ls -ld ${dir}`
639			case "${perms}" in
640			?????w????*|????????w?*) unsafe="${unsafe} ${dir}" ;;
641			esac
642		fi
643		dir=`dirname ${dir}`
644	done
645	if ! test  -z "${unsafe}"; then
646		cat <<EOD
647
648WARNING: Unsafe (group or world writable) directory permissions found:
649${unsafe}
650
651These could be abused to locally escalate privileges.  If you are
652sure that this is not a risk (eg there are no other users), you can
653bypass this check by setting TEST_SSH_UNSAFE_PERMISSIONS=1
654
655EOD
656	fi
657fi
658
659if [ ! -z "$TEST_SSH_MODULI_FILE" ]; then
660	trace "adding modulifile='$TEST_SSH_MODULI_FILE' to sshd_config"
661	echo "	ModuliFile '$TEST_SSH_MODULI_FILE'" >> $OBJ/sshd_config
662fi
663
664if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
665	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
666	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
667fi
668
669# server config for proxy connects
670cp $OBJ/sshd_config $OBJ/sshd_proxy
671
672# allow group-writable directories in proxy-mode
673echo 'StrictModes no' >> $OBJ/sshd_proxy
674
675# create client config
676cat << EOF > $OBJ/ssh_config
677Host *
678	Hostname		127.0.0.1
679	HostKeyAlias		localhost-with-alias
680	Port			$PORT
681	User			$USER
682	GlobalKnownHostsFile	$OBJ/known_hosts
683	UserKnownHostsFile	$OBJ/known_hosts
684	PubkeyAuthentication	yes
685	ChallengeResponseAuthentication	no
686	PasswordAuthentication	no
687	BatchMode		yes
688	StrictHostKeyChecking	yes
689	LogLevel		DEBUG3
690EOF
691
692if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
693	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
694	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
695fi
696
697rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
698
699SSH_SK_PROVIDER=
700if ! config_defined ENABLE_SK; then
701	trace skipping sk-dummy
702elif [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then
703	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so"
704elif [ -f "${OBJ}/misc/sk-dummy/sk-dummy.so" ] ; then
705	SSH_SK_PROVIDER="${OBJ}/misc/sk-dummy/sk-dummy.so"
706elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then
707	SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so"
708fi
709export SSH_SK_PROVIDER
710
711if ! test -z "$SSH_SK_PROVIDER"; then
712	EXTRA_AGENT_ARGS='-P/*' # XXX want realpath(1)...
713	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/ssh_config
714	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_config
715	echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_proxy
716fi
717export EXTRA_AGENT_ARGS
718
719maybe_filter_sk() {
720	if test -z "$SSH_SK_PROVIDER" ; then
721		grep -v ^sk
722	else
723		cat
724	fi
725}
726
727SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk`
728SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk`
729
730for t in ${SSH_KEYTYPES}; do
731	# generate user key
732	if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
733		trace "generating key type $t"
734		rm -f $OBJ/$t
735		${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
736			fail "ssh-keygen for $t failed"
737	else
738		trace "using cached key type $t"
739	fi
740
741	# setup authorized keys
742	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
743	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
744done
745
746for t in ${SSH_HOSTKEY_TYPES}; do
747	# known hosts file for client
748	(
749		printf 'localhost-with-alias,127.0.0.1,::1 '
750		cat $OBJ/$t.pub
751	) >> $OBJ/known_hosts
752
753	# use key as host key, too
754	(umask 077; $SUDO cp $OBJ/$t $OBJ/host.$t)
755	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
756
757	# don't use SUDO for proxy connect
758	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
759done
760chmod 644 $OBJ/authorized_keys_$USER
761
762# Activate Twisted Conch tests if the binary is present
763REGRESS_INTEROP_CONCH=no
764if test -x "$CONCH" ; then
765	REGRESS_INTEROP_CONCH=yes
766fi
767
768# If PuTTY is present, new enough and we are running a PuTTY test, prepare
769# keys and configuration.
770REGRESS_INTEROP_PUTTY=no
771if test -x "$PUTTYGEN" -a -x "$PLINK" &&
772    "$PUTTYGEN" --help 2>&1 | grep -- --new-passphrase >/dev/null; then
773	REGRESS_INTEROP_PUTTY=yes
774fi
775case "$SCRIPT" in
776*putty*)	;;
777*)		REGRESS_INTEROP_PUTTY=no ;;
778esac
779
780puttysetup() {
781	if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
782		skip "putty interop tests not enabled"
783	fi
784
785	mkdir -p ${OBJ}/.putty
786
787	# Add a PuTTY key to authorized_keys
788	rm -f ${OBJ}/putty.rsa2
789	if ! "$PUTTYGEN" -t rsa -o ${OBJ}/putty.rsa2 \
790	    --random-device=/dev/urandom \
791	    --new-passphrase /dev/null < /dev/null > /dev/null; then
792		echo "Your installed version of PuTTY is too old to support --new-passphrase, skipping test" >&2
793		exit 1
794	fi
795	"$PUTTYGEN" -O public-openssh ${OBJ}/putty.rsa2 \
796	    >> $OBJ/authorized_keys_$USER
797
798	# Convert rsa2 host key to PuTTY format
799	cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt
800	${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null
801	${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/ssh-rsa_oldfmt > \
802	    ${OBJ}/.putty/sshhostkeys
803	${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/ssh-rsa_oldfmt >> \
804	    ${OBJ}/.putty/sshhostkeys
805	rm -f $OBJ/ssh-rsa_oldfmt
806
807	# Setup proxied session
808	mkdir -p ${OBJ}/.putty/sessions
809	rm -f ${OBJ}/.putty/sessions/localhost_proxy
810	echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy
811	echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
812	echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
813	echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
814	echo "ProxyTelnetCommand=${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
815	echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
816
817	PUTTYVER="`${PLINK} --version | awk '/plink: Release/{print $3}'`"
818	PUTTYMAJORVER="`echo ${PUTTYVER} | cut -f1 -d.`"
819	PUTTYMINORVER="`echo ${PUTTYVER} | cut -f2 -d.`"
820	verbose "plink version ${PUTTYVER} major ${PUTTYMAJORVER} minor ${PUTTYMINORVER}"
821
822	# Re-enable ssh-rsa on older PuTTY versions since they don't do newer
823	# key types.
824	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -lt "76" ]; then
825		echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
826		echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
827	fi
828
829	if [ "$PUTTYMAJORVER" -eq "0" ] && [ "$PUTTYMINORVER" -le "64" ]; then
830		echo "KexAlgorithms +diffie-hellman-group14-sha1" \
831		    >>${OBJ}/sshd_proxy
832	fi
833	PUTTYDIR=${OBJ}/.putty
834	export PUTTYDIR
835}
836
837REGRESS_INTEROP_DROPBEAR=no
838if test -x "$DROPBEARKEY" -a -x "$DBCLIENT" -a -x "$DROPBEARCONVERT"; then
839	REGRESS_INTEROP_DROPBEAR=yes
840fi
841case "$SCRIPT" in
842*dropbear*)	;;
843*)		REGRESS_INTEROP_DROPBEAR=no ;;
844esac
845
846if test "$REGRESS_INTEROP_DROPBEAR" = "yes" ; then
847	trace Create dropbear keys and add to authorized_keys
848	mkdir -p $OBJ/.dropbear $OBJ/.ssh
849	awk '{print "somehost "$2" "$3}' $OBJ/known_hosts >$OBJ/.ssh/known_hosts
850	kt="ed25519"
851	for i in dss rsa ecdsa; do
852		if $SSH -Q key-plain | grep "$i" >/dev/null; then
853			kt="$kt $i"
854		else
855			rm -f "$OBJ/.dropbear/id_$i"
856		fi
857	done
858	for i in $kt; do
859		if [ ! -f "$OBJ/.dropbear/id_$i" ]; then
860			verbose Create dropbear key type $i
861			$DROPBEARKEY -t $i -f $OBJ/.dropbear/id_$i \
862			    >/dev/null 2>&1
863		fi
864		$DROPBEARCONVERT dropbear openssh $OBJ/.dropbear/id_$i \
865		    $OBJ/.dropbear/ossh.id_$i >/dev/null 2>&1
866		$SSHKEYGEN -y -f $OBJ/.dropbear/ossh.id_$i \
867		   >>$OBJ/authorized_keys_$USER
868		rm -f $OBJ/.dropbear/id_$i.pub $OBJ/.dropbear/ossh.id_$i
869	done
870fi
871
872# create a proxy version of the client config
873(
874	cat $OBJ/ssh_config
875	echo proxycommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" ${TEST_SSH_SSHD_ENV} ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy
876) > $OBJ/ssh_proxy
877
878# check proxy config
879${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"
880
881# extract proxycommand into separate shell script for use by Dropbear.
882echo '#!/bin/sh' >$OBJ/ssh_proxy.sh
883awk '/^proxycommand/' $OBJ/ssh_proxy | sed 's/^proxycommand//' \
884   >>$OBJ/ssh_proxy.sh
885chmod a+x $OBJ/ssh_proxy.sh
886
887start_sshd ()
888{
889	PIDFILE=$OBJ/pidfile
890	# start sshd
891	logfile="${TEST_SSH_LOGDIR}/sshd.`$OBJ/timestamp`.$$.log"
892	$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" ${TEST_SSH_SSHD_ENV} \
893	    ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
894	$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" ${TEST_SSH_SSHD_ENV} \
895	    ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
896
897	trace "wait for sshd"
898	i=0;
899	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
900		i=`expr $i + 1`
901		sleep $i
902	done
903	rm -f ${TEST_SSHD_LOGFILE}
904	ln -f -s ${logfile} $TEST_SSHD_LOGFILE
905
906	test -f $PIDFILE || fatal "no sshd running on port $PORT"
907}
908
909# Find a PKCS#11 library.
910p11_find_lib() {
911	TEST_SSH_PKCS11=""
912	for _lib in "$@" ; do
913		if test -f "$_lib" ; then
914			TEST_SSH_PKCS11="$_lib"
915			return
916		fi
917	done
918}
919
920# Perform PKCS#11 setup: prepares a softhsm2 token configuration, generated
921# keys and loads them into the virtual token.
922PKCS11_OK=
923export PKCS11_OK
924p11_setup() {
925	p11_find_lib \
926		/usr/local/lib/softhsm/libsofthsm2.so \
927		/usr/lib64/pkcs11/libsofthsm2.so \
928		/usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so
929	test -z "$TEST_SSH_PKCS11" && return 1
930	trace "using token library $TEST_SSH_PKCS11"
931	TEST_SSH_PIN=1234
932	TEST_SSH_SOPIN=12345678
933	if [ "x$TEST_SSH_SSHPKCS11HELPER" != "x" ]; then
934		SSH_PKCS11_HELPER="${TEST_SSH_SSHPKCS11HELPER}"
935		export SSH_PKCS11_HELPER
936	fi
937
938	# setup environment for softhsm2 token
939	SSH_SOFTHSM_DIR=$OBJ/SOFTHSM
940	export SSH_SOFTHSM_DIR
941	rm -rf $SSH_SOFTHSM_DIR
942	TOKEN=$SSH_SOFTHSM_DIR/tokendir
943	mkdir -p $TOKEN
944	SOFTHSM2_CONF=$SSH_SOFTHSM_DIR/softhsm2.conf
945	export SOFTHSM2_CONF
946	cat > $SOFTHSM2_CONF << EOF
947# SoftHSM v2 configuration file
948directories.tokendir = ${TOKEN}
949objectstore.backend = file
950# ERROR, WARNING, INFO, DEBUG
951log.level = DEBUG
952# If CKF_REMOVABLE_DEVICE flag should be set
953slots.removable = false
954EOF
955	out=$(softhsm2-util --init-token --free --label token-slot-0 --pin "$TEST_SSH_PIN" --so-pin "$TEST_SSH_SOPIN")
956	slot=$(echo -- $out | sed 's/.* //')
957	trace "generating keys"
958	# RSA key
959	RSA=${SSH_SOFTHSM_DIR}/RSA
960	RSAP8=${SSH_SOFTHSM_DIR}/RSAP8
961	$OPENSSL_BIN genpkey -algorithm rsa > $RSA 2>/dev/null || \
962	    fatal "genpkey RSA fail"
963	$OPENSSL_BIN pkcs8 -nocrypt -in $RSA > $RSAP8 || fatal "pkcs8 RSA fail"
964	softhsm2-util --slot "$slot" --label 01 --id 01 --pin "$TEST_SSH_PIN" \
965	    --import $RSAP8 >/dev/null || fatal "softhsm import RSA fail"
966	chmod 600 $RSA
967	${SSHKEYGEN} -y -f $RSA > ${RSA}.pub
968	# ECDSA key
969	ECPARAM=${SSH_SOFTHSM_DIR}/ECPARAM
970	EC=${SSH_SOFTHSM_DIR}/EC
971	ECP8=${SSH_SOFTHSM_DIR}/ECP8
972	$OPENSSL_BIN genpkey -genparam -algorithm ec \
973	    -pkeyopt ec_paramgen_curve:prime256v1 > $ECPARAM || \
974	    fatal "param EC fail"
975	$OPENSSL_BIN genpkey -paramfile $ECPARAM > $EC || \
976	    fatal "genpkey EC fail"
977	$OPENSSL_BIN pkcs8 -nocrypt -in $EC > $ECP8 || fatal "pkcs8 EC fail"
978	softhsm2-util --slot "$slot" --label 02 --id 02 --pin "$TEST_SSH_PIN" \
979	    --import $ECP8 >/dev/null || fatal "softhsm import EC fail"
980	chmod 600 $EC
981	${SSHKEYGEN} -y -f $EC > ${EC}.pub
982	# Ed25519 key
983	ED25519=${SSH_SOFTHSM_DIR}/ED25519
984	ED25519P8=${SSH_SOFTHSM_DIR}/ED25519P8
985	$OPENSSL_BIN genpkey -algorithm ed25519 > $ED25519 || \
986	    fatal "genpkey Ed25519 fail"
987	$OPENSSL_BIN pkcs8 -nocrypt -in $ED25519 > $ED25519P8 || \
988		fatal "pkcs8 Ed25519 fail"
989	softhsm2-util --slot "$slot" --label 03 --id 03 --pin "$TEST_SSH_PIN" \
990	    --import $ED25519P8 >/dev/null || \
991		fatal "softhsm import ed25519 fail"
992	chmod 600 $ED25519
993	${SSHKEYGEN} -y -f $ED25519 > ${ED25519}.pub
994	# Prepare askpass script to load PIN.
995	PIN_SH=$SSH_SOFTHSM_DIR/pin.sh
996	cat > $PIN_SH << EOF
997#!/bin/sh
998echo "${TEST_SSH_PIN}"
999EOF
1000	chmod 0700 "$PIN_SH"
1001	PKCS11_OK=yes
1002	if env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force \
1003	    ${SSHKEYGEN} -D ${TEST_SSH_PKCS11} >/dev/null 2>&1 ; then
1004		return 0
1005	fi
1006	return 1
1007}
1008
1009# Peforms ssh-add with the right token PIN.
1010p11_ssh_add() {
1011	env SSH_ASKPASS="$PIN_SH" SSH_ASKPASS_REQUIRE=force ${SSHADD} "$@"
1012}
1013
1014start_ssh_agent() {
1015	EXTRA_AGENT_ARGS="$1"
1016	SSH_AUTH_SOCK="$OBJ/agent.sock"
1017	export SSH_AUTH_SOCK
1018	rm -f $SSH_AUTH_SOCK $OBJ/agent.log
1019	trace "start agent"
1020	${SSHAGENT} ${EXTRA_AGENT_ARGS} -d -a $SSH_AUTH_SOCK \
1021	    > $OBJ/agent.log 2>&1 &
1022	AGENT_PID=$!
1023	trap "kill $AGENT_PID" EXIT
1024	for x in 0 1 2 3 4 ; do
1025		# Give it a chance to start
1026		${SSHADD} -l > /dev/null 2>&1
1027		r=$?
1028		test $r -eq 1 && break
1029		sleep 1
1030	done
1031	if [ $r -ne 1 ]; then
1032		fatal "ssh-add -l did not fail with exit code 1 (got $r)"
1033	fi
1034}
1035
1036# source test body
1037. $SCRIPT
1038
1039# kill sshd
1040cleanup
1041
1042if [ "x$USE_VALGRIND" != "x" ]; then
1043	# If there is an EXIT trap handler, invoke it now.
1044	# Some tests set these to clean up processes such as ssh-agent.  We
1045	# need to wait for all valgrind processes to complete so we can check
1046	# their logs, but since the EXIT traps are not invoked until
1047	# test-exec.sh exits, waiting here will deadlock.
1048	# This is not very portable but then neither is valgrind itself.
1049	# As a bonus, dash (as used on the runners) has a "trap" that doesn't
1050	# work in a pipeline (hence the temp file) or a subshell.
1051	exithandler=""
1052	trap >/tmp/trap.$$ && exithandler=$(cat /tmp/trap.$$ | \
1053	    awk -F "'" '/EXIT$/{print $2}')
1054	rm -f /tmp/trap.$$
1055	if [ "x${exithandler}" != "x" ]; then
1056		verbose invoking EXIT trap handler early: ${exithandler}
1057		eval "${exithandler}"
1058		trap '' EXIT
1059	fi
1060
1061	# wait for any running process to complete
1062	wait; sleep 1
1063	VG_RESULTS=$(find $OBJ/valgrind-out -type f -print)
1064	VG_RESULT_COUNT=0
1065	VG_FAIL_COUNT=0
1066	for i in $VG_RESULTS; do
1067		if grep "ERROR SUMMARY" $i >/dev/null; then
1068			VG_RESULT_COUNT=$(($VG_RESULT_COUNT + 1))
1069			if ! grep "ERROR SUMMARY: 0 errors" $i >/dev/null; then
1070				VG_FAIL_COUNT=$(($VG_FAIL_COUNT + 1))
1071				RESULT=1
1072				verbose valgrind failure $i
1073				cat $i
1074			fi
1075		fi
1076	done
1077	if [ x"$VG_SKIP" != "x" ]; then
1078		verbose valgrind skipped
1079	else
1080		verbose valgrind results $VG_RESULT_COUNT failures $VG_FAIL_COUNT
1081	fi
1082fi
1083
1084if [ $RESULT -eq 0 ]; then
1085	verbose ok $tid
1086	if [ "x$CACHE" != "x" ]; then
1087		touch "$CACHE"
1088	fi
1089else
1090	echo failed $tid
1091fi
1092exit $RESULT
1093