1*19261079SEd Maste# $OpenBSD: forwarding.sh,v 1.24 2021/05/07 09:23:40 dtucker Exp $ 2ce3adf43SDag-Erling Smørgrav# Placed in the Public Domain. 3ce3adf43SDag-Erling Smørgrav 4ce3adf43SDag-Erling Smørgravtid="local and remote forwarding" 5ce3adf43SDag-Erling Smørgrav 6ce3adf43SDag-Erling SmørgravDATA=/bin/ls${EXEEXT} 7ce3adf43SDag-Erling Smørgrav 8ce3adf43SDag-Erling Smørgravstart_sshd 9ce3adf43SDag-Erling Smørgrav 10ce3adf43SDag-Erling Smørgravbase=33 11ce3adf43SDag-Erling Smørgravlast=$PORT 12ce3adf43SDag-Erling Smørgravfwd="" 13190cef3dSDag-Erling Smørgravmake_tmpdir 14190cef3dSDag-Erling SmørgravCTL=${SSH_REGRESS_TMP}/ctl-sock 15bc5531deSDag-Erling Smørgrav 16ce3adf43SDag-Erling Smørgravfor j in 0 1 2; do 17ce3adf43SDag-Erling Smørgrav for i in 0 1 2; do 18ce3adf43SDag-Erling Smørgrav a=$base$j$i 19ce3adf43SDag-Erling Smørgrav b=`expr $a + 50` 20ce3adf43SDag-Erling Smørgrav c=$last 21ce3adf43SDag-Erling Smørgrav # fwd chain: $a -> $b -> $c 22ce3adf43SDag-Erling Smørgrav fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c" 23ce3adf43SDag-Erling Smørgrav last=$a 24ce3adf43SDag-Erling Smørgrav done 25ce3adf43SDag-Erling Smørgravdone 264f52dfbbSDag-Erling Smørgrav 27ce3adf43SDag-Erling Smørgravtrace "start forwarding, fork to background" 28d93a896eSDag-Erling Smørgravrm -f $CTL 29*19261079SEd Maste${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f $fwd somehost 30ce3adf43SDag-Erling Smørgrav 31ce3adf43SDag-Erling Smørgravtrace "transfer over forwarded channels and check result" 32*19261079SEd Maste${SSH} -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=10' \ 33ce3adf43SDag-Erling Smørgrav somehost cat ${DATA} > ${COPY} 34a0ee8cc6SDag-Erling Smørgravtest -s ${COPY} || fail "failed copy of ${DATA}" 35ce3adf43SDag-Erling Smørgravcmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 36ce3adf43SDag-Erling Smørgrav 37*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 38ce3adf43SDag-Erling Smørgrav 39ce3adf43SDag-Erling Smørgravfor d in L R; do 404f52dfbbSDag-Erling Smørgrav trace "exit on -$d forward failure" 41ce3adf43SDag-Erling Smørgrav 42ce3adf43SDag-Erling Smørgrav # this one should succeed 434f52dfbbSDag-Erling Smørgrav ${SSH} -F $OBJ/ssh_config \ 44ce3adf43SDag-Erling Smørgrav -$d ${base}01:127.0.0.1:$PORT \ 45ce3adf43SDag-Erling Smørgrav -$d ${base}02:127.0.0.1:$PORT \ 46ce3adf43SDag-Erling Smørgrav -$d ${base}03:127.0.0.1:$PORT \ 47ce3adf43SDag-Erling Smørgrav -$d ${base}04:127.0.0.1:$PORT \ 48ce3adf43SDag-Erling Smørgrav -oExitOnForwardFailure=yes somehost true 49ce3adf43SDag-Erling Smørgrav if [ $? != 0 ]; then 50d93a896eSDag-Erling Smørgrav fatal "connection failed, should not" 51ce3adf43SDag-Erling Smørgrav else 52ce3adf43SDag-Erling Smørgrav # this one should fail 534f52dfbbSDag-Erling Smørgrav ${SSH} -q -F $OBJ/ssh_config \ 54ce3adf43SDag-Erling Smørgrav -$d ${base}01:127.0.0.1:$PORT \ 55ce3adf43SDag-Erling Smørgrav -$d ${base}02:127.0.0.1:$PORT \ 56ce3adf43SDag-Erling Smørgrav -$d ${base}03:127.0.0.1:$PORT \ 57076ad2f8SDag-Erling Smørgrav -$d ${base}01:localhost:$PORT \ 58ce3adf43SDag-Erling Smørgrav -$d ${base}04:127.0.0.1:$PORT \ 59ce3adf43SDag-Erling Smørgrav -oExitOnForwardFailure=yes somehost true 60ce3adf43SDag-Erling Smørgrav r=$? 61ce3adf43SDag-Erling Smørgrav if [ $r != 255 ]; then 62ce3adf43SDag-Erling Smørgrav fail "connection not termintated, but should ($r)" 63ce3adf43SDag-Erling Smørgrav fi 64ce3adf43SDag-Erling Smørgrav fi 65ce3adf43SDag-Erling Smørgravdone 66ce3adf43SDag-Erling Smørgrav 674f52dfbbSDag-Erling Smørgravtrace "simple clear forwarding" 684f52dfbbSDag-Erling Smørgrav${SSH} -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true 69ce3adf43SDag-Erling Smørgrav 704f52dfbbSDag-Erling Smørgravtrace "clear local forward" 71d93a896eSDag-Erling Smørgravrm -f $CTL 72*19261079SEd Maste${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \ 73*19261079SEd Maste -oClearAllForwardings=yes somehost 74ce3adf43SDag-Erling Smørgravif [ $? != 0 ]; then 75ce3adf43SDag-Erling Smørgrav fail "connection failed with cleared local forwarding" 76ce3adf43SDag-Erling Smørgravelse 77ce3adf43SDag-Erling Smørgrav # this one should fail 784f52dfbbSDag-Erling Smørgrav ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 79ce3adf43SDag-Erling Smørgrav >>$TEST_REGRESS_LOGFILE 2>&1 && \ 80ce3adf43SDag-Erling Smørgrav fail "local forwarding not cleared" 81ce3adf43SDag-Erling Smørgravfi 82*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 83ce3adf43SDag-Erling Smørgrav 844f52dfbbSDag-Erling Smørgravtrace "clear remote forward" 85d93a896eSDag-Erling Smørgravrm -f $CTL 86*19261079SEd Maste${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \ 87*19261079SEd Maste -oClearAllForwardings=yes somehost 88ce3adf43SDag-Erling Smørgravif [ $? != 0 ]; then 89ce3adf43SDag-Erling Smørgrav fail "connection failed with cleared remote forwarding" 90ce3adf43SDag-Erling Smørgravelse 91ce3adf43SDag-Erling Smørgrav # this one should fail 924f52dfbbSDag-Erling Smørgrav ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 93ce3adf43SDag-Erling Smørgrav >>$TEST_REGRESS_LOGFILE 2>&1 && \ 94ce3adf43SDag-Erling Smørgrav fail "remote forwarding not cleared" 95ce3adf43SDag-Erling Smørgravfi 96*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 97ce3adf43SDag-Erling Smørgrav 984f52dfbbSDag-Erling Smørgravtrace "stdio forwarding" 994f52dfbbSDag-Erling Smørgravcmd="${SSH} -F $OBJ/ssh_config" 1004f52dfbbSDag-Erling Smørgrav$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" somehost true 101ce3adf43SDag-Erling Smørgravif [ $? != 0 ]; then 1024f52dfbbSDag-Erling Smørgrav fail "stdio forwarding" 103ce3adf43SDag-Erling Smørgravfi 104ce3adf43SDag-Erling Smørgrav 105ce3adf43SDag-Erling Smørgravecho "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config 106ce3adf43SDag-Erling Smørgravecho "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config 1074f52dfbbSDag-Erling Smørgrav 108ce3adf43SDag-Erling Smørgravtrace "config file: start forwarding, fork to background" 109d93a896eSDag-Erling Smørgravrm -f $CTL 110*19261079SEd Maste${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f somehost 111ce3adf43SDag-Erling Smørgrav 112ce3adf43SDag-Erling Smørgravtrace "config file: transfer over forwarded channels and check result" 113*19261079SEd Maste${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=10' \ 114ce3adf43SDag-Erling Smørgrav somehost cat ${DATA} > ${COPY} 115a0ee8cc6SDag-Erling Smørgravtest -s ${COPY} || fail "failed copy of ${DATA}" 116ce3adf43SDag-Erling Smørgravcmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 117ce3adf43SDag-Erling Smørgrav 118*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 119a0ee8cc6SDag-Erling Smørgrav 120a0ee8cc6SDag-Erling Smørgravtrace "transfer over chained unix domain socket forwards and check result" 121a0ee8cc6SDag-Erling Smørgravrm -f $OBJ/unix-[123].fwd 122d93a896eSDag-Erling Smørgravrm -f $CTL $CTL.[123] 123*19261079SEd Maste${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost 124*19261079SEd Maste${SSH} -S $CTL.1 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost 125*19261079SEd Maste${SSH} -S $CTL.2 -N -M -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost 126*19261079SEd Maste${SSH} -S $CTL.3 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost 127*19261079SEd Maste${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=10' \ 128a0ee8cc6SDag-Erling Smørgrav somehost cat ${DATA} > ${COPY} 129a0ee8cc6SDag-Erling Smørgravtest -s ${COPY} || fail "failed copy ${DATA}" 130a0ee8cc6SDag-Erling Smørgravcmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 131a0ee8cc6SDag-Erling Smørgrav 132*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 133*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL.1 -O exit somehost 2>/dev/null 134*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL.2 -O exit somehost 2>/dev/null 135*19261079SEd Maste${SSH} -F $OBJ/ssh_config -S $CTL.3 -O exit somehost 2>/dev/null 1364f52dfbbSDag-Erling Smørgrav 137