1# $OpenBSD: forwarding.sh,v 1.24 2021/05/07 09:23:40 dtucker Exp $ 2# Placed in the Public Domain. 3 4tid="local and remote forwarding" 5 6DATA=/bin/ls${EXEEXT} 7 8start_sshd 9 10base=33 11last=$PORT 12fwd="" 13make_tmpdir 14CTL=${SSH_REGRESS_TMP}/ctl-sock 15 16for j in 0 1 2; do 17 for i in 0 1 2; do 18 a=$base$j$i 19 b=`expr $a + 50` 20 c=$last 21 # fwd chain: $a -> $b -> $c 22 fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c" 23 last=$a 24 done 25done 26 27trace "start forwarding, fork to background" 28rm -f $CTL 29${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f $fwd somehost 30 31trace "transfer over forwarded channels and check result" 32${SSH} -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=10' \ 33 somehost cat ${DATA} > ${COPY} 34test -s ${COPY} || fail "failed copy of ${DATA}" 35cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 36 37${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 38 39for d in L R; do 40 trace "exit on -$d forward failure" 41 42 # this one should succeed 43 ${SSH} -F $OBJ/ssh_config \ 44 -$d ${base}01:127.0.0.1:$PORT \ 45 -$d ${base}02:127.0.0.1:$PORT \ 46 -$d ${base}03:127.0.0.1:$PORT \ 47 -$d ${base}04:127.0.0.1:$PORT \ 48 -oExitOnForwardFailure=yes somehost true 49 if [ $? != 0 ]; then 50 fatal "connection failed, should not" 51 else 52 # this one should fail 53 ${SSH} -q -F $OBJ/ssh_config \ 54 -$d ${base}01:127.0.0.1:$PORT \ 55 -$d ${base}02:127.0.0.1:$PORT \ 56 -$d ${base}03:127.0.0.1:$PORT \ 57 -$d ${base}01:localhost:$PORT \ 58 -$d ${base}04:127.0.0.1:$PORT \ 59 -oExitOnForwardFailure=yes somehost true 60 r=$? 61 if [ $r != 255 ]; then 62 fail "connection not termintated, but should ($r)" 63 fi 64 fi 65done 66 67trace "simple clear forwarding" 68${SSH} -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true 69 70trace "clear local forward" 71rm -f $CTL 72${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \ 73 -oClearAllForwardings=yes somehost 74if [ $? != 0 ]; then 75 fail "connection failed with cleared local forwarding" 76else 77 # this one should fail 78 ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 79 >>$TEST_REGRESS_LOGFILE 2>&1 && \ 80 fail "local forwarding not cleared" 81fi 82${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 83 84trace "clear remote forward" 85rm -f $CTL 86${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \ 87 -oClearAllForwardings=yes somehost 88if [ $? != 0 ]; then 89 fail "connection failed with cleared remote forwarding" 90else 91 # this one should fail 92 ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 93 >>$TEST_REGRESS_LOGFILE 2>&1 && \ 94 fail "remote forwarding not cleared" 95fi 96${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 97 98trace "stdio forwarding" 99cmd="${SSH} -F $OBJ/ssh_config" 100$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" somehost true 101if [ $? != 0 ]; then 102 fail "stdio forwarding" 103fi 104 105echo "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config 106echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config 107 108trace "config file: start forwarding, fork to background" 109rm -f $CTL 110${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f somehost 111 112trace "config file: transfer over forwarded channels and check result" 113${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=10' \ 114 somehost cat ${DATA} > ${COPY} 115test -s ${COPY} || fail "failed copy of ${DATA}" 116cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 117 118${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 119 120trace "transfer over chained unix domain socket forwards and check result" 121rm -f $OBJ/unix-[123].fwd 122rm -f $CTL $CTL.[123] 123${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost 124${SSH} -S $CTL.1 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost 125${SSH} -S $CTL.2 -N -M -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost 126${SSH} -S $CTL.3 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost 127${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=10' \ 128 somehost cat ${DATA} > ${COPY} 129test -s ${COPY} || fail "failed copy ${DATA}" 130cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 131 132${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 133${SSH} -F $OBJ/ssh_config -S $CTL.1 -O exit somehost 2>/dev/null 134${SSH} -F $OBJ/ssh_config -S $CTL.2 -O exit somehost 2>/dev/null 135${SSH} -F $OBJ/ssh_config -S $CTL.3 -O exit somehost 2>/dev/null 136 137