xref: /freebsd/crypto/openssh/regress/Makefile (revision 3f0efe05432b1633991114ca4ca330102a561959) 
1#	$OpenBSD: Makefile,v 1.133 2024/01/11 04:50:28 djm Exp $
2
3tests:		prep file-tests t-exec unit
4
5REGRESS_TARGETS=	t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12
6
7# File based tests
8file-tests: $(REGRESS_TARGETS)
9
10# Interop tests are not run by default
11interop interop-tests: t-exec-interop
12
13extra extra-tests: t-extra
14
15prep:
16	test "x${USE_VALGRIND}" = "x" || mkdir -p $(OBJ)/valgrind-out
17
18clean:
19	for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done
20	rm -rf $(OBJ).putty
21	rm -rf $(OBJ).dropbear
22
23distclean:	clean
24
25LTESTS= 	connect \
26		proxy-connect \
27		sshfp-connect \
28		connect-privsep \
29		connect-uri \
30		proto-version \
31		proto-mismatch \
32		exit-status \
33		exit-status-signal \
34		envpass \
35		transfer \
36		banner \
37		rekey \
38		dhgex \
39		stderr-data \
40		stderr-after-eof \
41		broken-pipe \
42		try-ciphers \
43		yes-head \
44		login-timeout \
45		agent \
46		agent-getpeereid \
47		agent-timeout \
48		agent-ptrace \
49		agent-subprocess \
50		keyscan \
51		keygen-change \
52		keygen-comment \
53		keygen-convert \
54		keygen-knownhosts \
55		keygen-moduli \
56		keygen-sshfp \
57		key-options \
58		scp \
59		scp3 \
60		scp-uri \
61		sftp \
62		sftp-chroot \
63		sftp-cmds \
64		sftp-badcmds \
65		sftp-batch \
66		sftp-glob \
67		sftp-perm \
68		sftp-uri \
69		reconfigure \
70		dynamic-forward \
71		forwarding \
72		multiplex \
73		reexec \
74		brokenkeys \
75		sshcfgparse \
76		cfgparse \
77		cfgmatch \
78		cfgmatchlisten \
79		percent \
80		addrmatch \
81		localcommand \
82		forcecommand \
83		portnum \
84		keytype \
85		kextype \
86		cert-hostkey \
87		cert-userkey \
88		host-expand \
89		keys-command \
90		forward-control \
91		integrity \
92		krl \
93		multipubkey \
94		limit-keytype \
95		hostkey-agent \
96		hostkey-rotate \
97		principals-command \
98		cert-file \
99		cfginclude \
100		servcfginclude \
101		allow-deny-users \
102		authinfo \
103		sshsig \
104		knownhosts \
105		knownhosts-command \
106		agent-restrict \
107		hostbased \
108		channel-timeout \
109		connection-timeout \
110		match-subsystem \
111		agent-pkcs11-restrict \
112		agent-pkcs11-cert
113
114INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
115INTEROP_TESTS+=	dropbear-ciphers dropbear-kex
116#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
117
118EXTRA_TESTS=	agent-pkcs11
119#EXTRA_TESTS+= 	cipher-speed
120
121USERNAME=		${LOGNAME}
122CLEANFILES=	*.core actual agent-key.* authorized_keys_${USERNAME} \
123		authorized_keys_${USERNAME}.* \
124		authorized_principals_${USERNAME} \
125		banner.in banner.out cert_host_key* cert_user_key* \
126		copy.1 copy.2 data ed25519-agent ed25519-agent* \
127		ed25519-agent.pub ed25519 ed25519.pub empty.in \
128		expect failed-regress.log failed-ssh.log failed-sshd.log \
129		hkr.* host.ecdsa-sha2-nistp256 host.ecdsa-sha2-nistp384 \
130		host.ecdsa-sha2-nistp521 host.ssh-dss host.ssh-ed25519 \
131		host.ssh-rsa host_ca_key* host_krl_* host_revoked_* key.* \
132		key.dsa-* key.ecdsa-* key.ed25519-512 \
133		key.ed25519-512.pub key.rsa-* keys-command-args kh.* askpass \
134		known_hosts known_hosts-cert known_hosts.* krl-* ls.copy \
135		modpipe netcat no_identity_config \
136		pidfile putty.rsa2 ready regress.log remote_pid \
137		revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa_ssh2_cr.prv \
138		rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
139		scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
140		sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
141		ssh-agent.log ssh-add.log slow-sftp-server.sh \
142		ssh-rsa_oldfmt knownhosts_command \
143		ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
144		ssh_proxy_* sshd.log sshd_config sshd_config.* \
145		sshd_config.* sshd_proxy sshd_proxy.* sshd_proxy_bak \
146		sshd_proxy_orig t10.out t10.out.pub t12.out t12.out.pub \
147		t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub \
148		t8.out t8.out.pub t9.out t9.out.pub \
149		timestamp testdata user_*key* user_ca* user_key*
150
151# Enable all malloc(3) randomisations and checks
152TEST_ENV=      "MALLOC_OPTIONS=CFGJRSUX"
153
154TEST_SSH_SSHKEYGEN?=ssh-keygen
155
156CPPFLAGS=-I..
157
158t1:
159	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \
160		${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \
161		tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv ; \
162		${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \
163		awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv ; \
164		${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv ; \
165	fi
166
167t2:
168	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \
169		cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out ; \
170		chmod 600 $(OBJ)/t2.out ; \
171		${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub ; \
172	fi
173
174t3:
175	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \
176		${TEST_SSH_SSHKEYGEN} -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out ; \
177		${TEST_SSH_SSHKEYGEN} -if $(OBJ)/t3.out | diff - ${.CURDIR}/rsa_openssh.pub ; \
178	fi
179
180t4:
181	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \
182		${TEST_SSH_SSHKEYGEN} -E md5 -lf ${.CURDIR}/rsa_openssh.pub |\
183			awk '{print $$2}' | diff - ${.CURDIR}/t4.ok ; \
184	fi
185
186t5:
187	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-rsa" ; then \
188		${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\
189			awk '{print $$2}' | diff - ${.CURDIR}/t5.ok ; \
190	fi
191t6:
192	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \
193		${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 ; \
194		${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 ; \
195		chmod 600 $(OBJ)/t6.out1 ; \
196		${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 ; \
197	fi
198
199$(OBJ)/t7.out:
200	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \
201		${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@ ; \
202	fi
203
204t7: $(OBJ)/t7.out
205	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \
206		${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null ; \
207		${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null ; \
208	fi
209
210$(OBJ)/t8.out:
211	set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \
212		${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@ ; \
213	fi
214
215t8: $(OBJ)/t8.out
216	set -xe ; if ssh -Q key | grep -q "^ssh-dss" ; then \
217		${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null ; \
218		${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null ; \
219	fi
220
221$(OBJ)/t9.out:
222	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
223	${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@
224
225t9: $(OBJ)/t9.out
226	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
227	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null
228	! ${TEST_SSH_SSH} -Q key-plain | grep ecdsa >/dev/null || \
229	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null
230
231
232$(OBJ)/t10.out:
233	${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -f $@
234
235t10: $(OBJ)/t10.out
236	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t10.out > /dev/null
237	${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t10.out > /dev/null
238
239t11:
240	set -xe ; if ${TEST_SSH_SSH} -Q key | grep -q "^ssh-dss" ; then \
241		${TEST_SSH_SSHKEYGEN} -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\
242			awk '{print $$2}' | diff - ${.CURDIR}/t11.ok ; \
243	fi
244
245$(OBJ)/t12.out:
246	${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -C 'test-comment-1234' -f $@
247
248t12: $(OBJ)/t12.out
249	${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t12.out.pub | grep test-comment-1234 >/dev/null
250
251t-exec:	${LTESTS:=.sh}
252	@if [ "x$?" = "x" ]; then exit 0; fi; \
253	_started=""; test -z "${LTESTS_FROM}" && _started=1 ;\
254	for TEST in ""$?; do \
255		if [ -z "$$_started" ] ; then \
256			if [ "x$$TEST" = "x${LTESTS_FROM}.sh" ]; then \
257				_started=1; \
258			else \
259				continue; \
260			fi ; \
261		fi ; \
262		skip=no; \
263		for t in ""$${SKIP_LTESTS}; do \
264			if [ "x$${t}.sh" = "x$${TEST}" ]; then skip=yes; fi; \
265		done; \
266		if [ "x$${skip}" = "xno" ]; then \
267			echo "run test $${TEST}" ... 1>&2; \
268			(env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
269		else \
270			echo skip test $${TEST} 1>&2; \
271		fi; \
272	done
273
274t-exec-interop:	${INTEROP_TESTS:=.sh}
275	@if [ "x$?" = "x" ]; then exit 0; fi; \
276	for TEST in ""$?; do \
277		echo "run test $${TEST}" ... 1>&2; \
278		(env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
279	done
280
281t-extra:	${EXTRA_TESTS:=.sh}
282	@if [ "x$?" = "x" ]; then exit 0; fi; \
283	for TEST in ""$?; do \
284		echo "run test $${TEST}" ... 1>&2; \
285		(env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} ${TEST_SHELL} ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
286	done
287
288# Not run by default
289interop: ${INTEROP_TARGETS}
290
291# Unit tests, built by top-level Makefile
292unit:
293	set -e ; if test -z "${SKIP_UNIT}" ; then \
294		V="" ; \
295		test "x${USE_VALGRIND}" = "x" || \
296		    V=${.CURDIR}/valgrind-unit.sh ; \
297		 $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \
298		 $$V ${.OBJDIR}/unittests/sshkey/test_sshkey \
299			-d ${.CURDIR}/unittests/sshkey/testdata ; \
300		$$V ${.OBJDIR}/unittests/sshsig/test_sshsig \
301			-d ${.CURDIR}/unittests/sshsig/testdata ; \
302		$$V ${.OBJDIR}/unittests/authopt/test_authopt \
303			-d ${.CURDIR}/unittests/authopt/testdata ; \
304		$$V ${.OBJDIR}/unittests/bitmap/test_bitmap ; \
305		$$V ${.OBJDIR}/unittests/conversion/test_conversion ; \
306		$$V ${.OBJDIR}/unittests/kex/test_kex ; \
307		$$V ${.OBJDIR}/unittests/hostkeys/test_hostkeys \
308			-d ${.CURDIR}/unittests/hostkeys/testdata ; \
309		$$V ${.OBJDIR}/unittests/match/test_match ; \
310		$$V ${.OBJDIR}/unittests/misc/test_misc ; \
311		if test "x${TEST_SSH_UTF8}" = "xyes"  ; then \
312			$$V ${.OBJDIR}/unittests/utf8/test_utf8 ; \
313		fi \
314	fi
315