1# $OpenBSD: Makefile,v 1.136 2025/03/11 07:50:20 dtucker Exp $ 2 3tests: prep file-tests t-exec unit 4 5REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 6 7# File based tests 8file-tests: $(REGRESS_TARGETS) 9 10# Interop tests are not run by default 11interop interop-tests: t-exec-interop 12 13extra extra-tests: t-extra 14 15prep: 16 test "x${USE_VALGRIND}" = "x" || mkdir -p $(OBJ)/valgrind-out 17 18clean: 19 for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done 20 rm -rf $(OBJ).putty 21 rm -rf $(OBJ).dropbear 22 23distclean: clean 24 25LTESTS= connect \ 26 proxy-connect \ 27 sshfp-connect \ 28 connect-privsep \ 29 connect-uri \ 30 proto-version \ 31 proto-mismatch \ 32 exit-status \ 33 exit-status-signal \ 34 envpass \ 35 transfer \ 36 banner \ 37 rekey \ 38 dhgex \ 39 stderr-data \ 40 stderr-after-eof \ 41 broken-pipe \ 42 try-ciphers \ 43 yes-head \ 44 login-timeout \ 45 agent \ 46 agent-getpeereid \ 47 agent-timeout \ 48 agent-ptrace \ 49 agent-subprocess \ 50 keyscan \ 51 keygen-change \ 52 keygen-comment \ 53 keygen-convert \ 54 keygen-knownhosts \ 55 keygen-moduli \ 56 keygen-sshfp \ 57 key-options \ 58 scp \ 59 scp3 \ 60 scp-uri \ 61 sftp \ 62 sftp-chroot \ 63 sftp-cmds \ 64 sftp-badcmds \ 65 sftp-batch \ 66 sftp-glob \ 67 sftp-perm \ 68 sftp-resume \ 69 sftp-uri \ 70 reconfigure \ 71 dynamic-forward \ 72 forwarding \ 73 multiplex \ 74 reexec \ 75 brokenkeys \ 76 sshcfgparse \ 77 cfgparse \ 78 cfgmatch \ 79 cfgmatchlisten \ 80 percent \ 81 addrmatch \ 82 localcommand \ 83 forcecommand \ 84 portnum \ 85 keytype \ 86 kextype \ 87 cert-hostkey \ 88 cert-userkey \ 89 host-expand \ 90 keys-command \ 91 forward-control \ 92 integrity \ 93 krl \ 94 multipubkey \ 95 limit-keytype \ 96 hostkey-agent \ 97 hostkey-rotate \ 98 principals-command \ 99 cert-file \ 100 cfginclude \ 101 servcfginclude \ 102 allow-deny-users \ 103 authinfo \ 104 sshsig \ 105 knownhosts \ 106 knownhosts-command \ 107 agent-restrict \ 108 hostbased \ 109 channel-timeout \ 110 connection-timeout \ 111 match-subsystem \ 112 agent-pkcs11-restrict \ 113 agent-pkcs11-cert \ 114 penalty \ 115 penalty-expire 116 117INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers 118INTEROP_TESTS+= dropbear-ciphers dropbear-kex 119#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp 120 121EXTRA_TESTS= agent-pkcs11 122#EXTRA_TESTS+= cipher-speed 123 124USERNAME= ${LOGNAME} 125CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ 126 authorized_keys_${USERNAME}.* \ 127 authorized_principals_${USERNAME} \ 128 banner.in banner.out cert_host_key* cert_user_key* \ 129 copy.1 copy.2 data ed25519-agent ed25519-agent* \ 130 ed25519-agent.pub ed25519 ed25519.pub empty.in \ 131 expect failed-regress.log failed-ssh.log failed-sshd.log \ 132 hkr.* host.ecdsa-sha2-nistp256 host.ecdsa-sha2-nistp384 \ 133 host.ecdsa-sha2-nistp521 host.ssh-dss host.ssh-ed25519 \ 134 host.ssh-rsa host_ca_key* host_krl_* host_revoked_* key.* \ 135 key.dsa-* key.ecdsa-* key.ed25519-512 \ 136 key.ed25519-512.pub key.rsa-* keys-command-args kh.* askpass \ 137 known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \ 138 modpipe netcat no_identity_config \ 139 pidfile putty.rsa2 ready regress.log remote_pid \ 140 revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa_ssh2_cr.prv \ 141 rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \ 142 scp-ssh-wrapper.scp setuid-allowed sftp-server.log \ 143 sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \ 144 ssh-agent.log ssh-add.log slow-sftp-server.sh \ 145 ssh-rsa_oldfmt knownhosts_command \ 146 ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \ 147 ssh_proxy_* sshd.log sshd_config sshd_config.* \ 148 sshd_config.* sshd_proxy sshd_proxy.* sshd_proxy_bak \ 149 sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \ 150 t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \ 151 t8.out t8.out.pub t9.out t9.out.pub \ 152 timestamp testdata user_*key* user_ca* user_key* 153 154# Enable all malloc(3) randomisations and checks 155TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" 156 157TEST_SSH_SSHKEYGEN?=ssh-keygen 158 159CPPFLAGS=-I.. 160 161t1: 162 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 163 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 164 tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv ; \ 165 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 166 awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv ; \ 167 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \ 168 fi 169 170t2: 171 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 172 cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out ; \ 173 chmod 600 $(OBJ)/t2.out ; \ 174 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub ; \ 175 fi 176 177t3: 178 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 179 ${TEST_SSH_SSHKEYGEN} -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out ; \ 180 ${TEST_SSH_SSHKEYGEN} -if $(OBJ)/t3.out | diff - ${.CURDIR}/rsa_openssh.pub ; \ 181 fi 182 183t4: 184 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 185 ${TEST_SSH_SSHKEYGEN} -E md5 -lf ${.CURDIR}/rsa_openssh.pub |\ 186 awk '{print $$2}' | diff - ${.CURDIR}/t4.ok ; \ 187 fi 188 189t5: 190 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \ 191 ${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\ 192 awk '{print $$2}' | diff - ${.CURDIR}/t5.ok ; \ 193 fi 194t6: 195 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 196 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 ; \ 197 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 ; \ 198 chmod 600 $(OBJ)/t6.out1 ; \ 199 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 ; \ 200 fi 201 202$(OBJ)/t7.out: 203 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 204 ${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@ ; \ 205 fi 206 207t7: $(OBJ)/t7.out 208 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 209 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null ; \ 210 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null ; \ 211 fi 212 213$(OBJ)/t8.out: 214 set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ 215 ${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@ ; \ 216 fi 217 218t8: $(OBJ)/t8.out 219 set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \ 220 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null ; \ 221 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null ; \ 222 fi 223 224$(OBJ)/t9.out: 225 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 226 ${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@ 227 228t9: $(OBJ)/t9.out 229 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 230 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null 231 ! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \ 232 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null 233 234 235$(OBJ)/t10.out: 236 ${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -f $@ 237 238t10: $(OBJ)/t10.out 239 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t10.out > /dev/null 240 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t10.out > /dev/null 241 242t11: 243 set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \ 244 ${TEST_SSH_SSHKEYGEN} -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\ 245 awk '{print $$2}' | diff - ${.CURDIR}/t11.ok ; \ 246 fi 247 248$(OBJ)/t12.out: 249 ${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -C 'test-comment-1234' -f $@ 250 251t12: $(OBJ)/t12.out 252 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t12.out.pub | grep test-comment-1234 >/dev/null 253 254t-exec: ${LTESTS:=.sh} 255 @if [ "x$?" = "x" ]; then exit 0; fi; \ 256 _started=""; test -z "${LTESTS_FROM}" && _started=1 ;\ 257 for TEST in ""$?; do \ 258 if [ -z "$$_started" ] ; then \ 259 if [ "x$$TEST" = "x${LTESTS_FROM}.sh" ]; then \ 260 _started=1; \ 261 else \ 262 continue; \ 263 fi ; \ 264 fi ; \ 265 skip=no; \ 266 for t in ""$${SKIP_LTESTS}; do \ 267 if [ "x$${t}.sh" = "x$${TEST}" ]; then skip=yes; fi; \ 268 done; \ 269 if [ "x$${skip}" = "xno" ]; then \ 270 echo "run test $${TEST}" ... 1>&2; \ 271 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 272 else \ 273 echo skip test $${TEST} 1>&2; \ 274 fi; \ 275 done 276 277t-exec-interop: ${INTEROP_TESTS:=.sh} 278 @if [ "x$?" = "x" ]; then exit 0; fi; \ 279 for TEST in ""$?; do \ 280 echo "run test $${TEST}" ... 1>&2; \ 281 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 282 done 283 284t-extra: ${EXTRA_TESTS:=.sh} 285 @if [ "x$?" = "x" ]; then exit 0; fi; \ 286 for TEST in ""$?; do \ 287 echo "run test $${TEST}" ... 1>&2; \ 288 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 289 done 290 291# Not run by default 292interop: ${INTEROP_TARGETS} 293 294# Unit tests, built by top-level Makefile 295unit: 296 set -e ; if test -z "${SKIP_UNIT}" ; then \ 297 V="" ; \ 298 test "x${USE_VALGRIND}" = "x" || \ 299 V=${.CURDIR}/valgrind-unit.sh ; \ 300 $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \ 301 $$V ${.OBJDIR}/unittests/sshkey/test_sshkey \ 302 -d ${.CURDIR}/unittests/sshkey/testdata ; \ 303 $$V ${.OBJDIR}/unittests/sshsig/test_sshsig \ 304 -d ${.CURDIR}/unittests/sshsig/testdata ; \ 305 $$V ${.OBJDIR}/unittests/authopt/test_authopt \ 306 -d ${.CURDIR}/unittests/authopt/testdata ; \ 307 $$V ${.OBJDIR}/unittests/bitmap/test_bitmap ; \ 308 $$V ${.OBJDIR}/unittests/conversion/test_conversion ; \ 309 $$V ${.OBJDIR}/unittests/kex/test_kex ; \ 310 $$V ${.OBJDIR}/unittests/hostkeys/test_hostkeys \ 311 -d ${.CURDIR}/unittests/hostkeys/testdata ; \ 312 $$V ${.OBJDIR}/unittests/match/test_match ; \ 313 $$V ${.OBJDIR}/unittests/misc/test_misc ; \ 314 if test "x${TEST_SSH_UTF8}" = "xyes" ; then \ 315 $$V ${.OBJDIR}/unittests/utf8/test_utf8 ; \ 316 fi \ 317 fi 318