#	$OpenBSD: forwarding.sh,v 1.19 2017/01/30 05:22:14 djm Exp $
#	Placed in the Public Domain.

# Test of ssh TCP port forwarding (-L / -R), ExitOnForwardFailure,
# ClearAllForwardings, stdio forwarding (-W), config-file forwards and
# Unix-domain socket forwards.  start_sshd, trace, fail, fatal and
# ssh_version are not defined in this file; presumably the harness that
# sources it provides them, along with SSH, OBJ, PORT, COPY, EXEEXT,
# SSH_PROTOCOLS and TEST_REGRESS_LOGFILE.
tid="local and remote forwarding"

# Payload sent through the tunnels; the received copy is compared to it.
DATA=/bin/ls${EXEEXT}

start_sshd

# Listen ports are built by string concatenation: ${base}${j}${i},
# i.e. 3300..3322; each relay port is the listen port plus 50.
base=33
last=$PORT
fwd=""
# Control socket for the ControlMaster (-M / -S) sessions below.
# NOTE(review): the name is predictable (PID suffix) and sits in /tmp.
# ssh_config(5) recommends keeping ControlPath in a directory that other
# users cannot write to; on a shared host a private directory is safer.
# Presumably /tmp keeps the path short enough for a Unix socket - confirm
# before relocating it.
CTL=/tmp/openssh.regress.ctl-sock.$$

# Assemble nine chained -L/-R pairs.  Each new local listener forwards to
# a relay port whose remote forward points at the previous listener, so a
# connection to the final $last traverses every link before reaching the
# original $PORT.
for j in 0 1 2; do
	for i in 0 1 2; do
		listen_port=$base$j$i
		relay_port=`expr $listen_port + 50`
		# chain link: $listen_port -> $relay_port -> $last
		fwd="$fwd -L$listen_port:127.0.0.1:$relay_port -R$relay_port:127.0.0.1:$last"
		last=$listen_port
	done
done
# Push $DATA through the whole forward chain and verify it arrives intact.
for p in ${SSH_PROTOCOLS}; do
	# The client that crosses the chain uses the other protocol number
	# (3 - p) when ssh_version reports it as available, otherwise the
	# same one as the master.
	q=`expr 3 - $p`
	ssh_version $q || q=$p

	trace "start forwarding, fork to background"
	rm -f $CTL
	# $fwd is left unquoted on purpose: it must word-split into the
	# individual -L/-R arguments.  The master lives only as long as the
	# remote "sleep 10" unless it is told to exit first.
	${SSH} -S $CTL -M -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10

	trace "transfer over forwarded channels and check result"
	${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	# An empty copy means the tunnel did not carry data at all; a
	# differing copy means it carried the wrong bytes.
	if ! test -s ${COPY}; then
		fail "failed copy of ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	# Shut the master down through its control socket rather than
	# waiting for the sleep to expire.
	${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost
done

# ExitOnForwardFailure: the client must refuse to continue when a requested
# forward cannot be set up, instead of running without the tunnel.
for p in ${SSH_PROTOCOLS}; do
for d in L R; do
	trace "exit on -$d forward failure, proto $p"

	# Baseline: four forwards on four distinct listen ports must all be
	# accepted, so the session is expected to succeed.
	if ${SSH} -$p -F $OBJ/ssh_config \
	    -$d ${base}01:127.0.0.1:$PORT \
	    -$d ${base}02:127.0.0.1:$PORT \
	    -$d ${base}03:127.0.0.1:$PORT \
	    -$d ${base}04:127.0.0.1:$PORT \
	    -oExitOnForwardFailure=yes somehost true; then
		# this one should fail: listen port ${base}01 is requested
		# a second time (fourth forward), which cannot be honoured.
		${SSH} -q -$p -F $OBJ/ssh_config \
		    -$d ${base}01:127.0.0.1:$PORT \
		    -$d ${base}02:127.0.0.1:$PORT \
		    -$d ${base}03:127.0.0.1:$PORT \
		    -$d ${base}01:localhost:$PORT \
		    -$d ${base}04:127.0.0.1:$PORT \
		    -oExitOnForwardFailure=yes somehost true
		r=$?
		# 255 is ssh's own error status; any other value means the
		# remote command ran although a forward was missing.
		[ $r = 255 ] || fail "connection not termintated, but should ($r)"
	else
		fatal "connection failed, should not"
	fi
done
done

# ClearAllForwardings=yes must discard forwards given on the command line:
# the session itself has to work, but nothing may listen on ${base}01.
for p in ${SSH_PROTOCOLS}; do
	trace "simple clear forwarding proto $p"
	${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true

	trace "clear local forward proto $p"
	rm -f $CTL
	if ${SSH} -S $CTL -M -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \
	    -oClearAllForwardings=yes somehost sleep 10; then
		# this one should fail: a successful login via ${base}01
		# would prove the -L listener was still created.
		if ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 somehost true \
		     >>$TEST_REGRESS_LOGFILE 2>&1; then
			fail "local forwarding not cleared"
		fi
	else
		fail "connection failed with cleared local forwarding"
	fi
	${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost

	trace "clear remote forward proto $p"
	rm -f $CTL
	if ${SSH} -S $CTL -M -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \
	    -oClearAllForwardings=yes somehost sleep 10; then
		# this one should fail: same probe, this time against the
		# port the -R request would have opened.
		if ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 somehost true \
		     >>$TEST_REGRESS_LOGFILE 2>&1; then
			fail "remote forwarding not cleared"
		fi
	else
		fail "connection failed with cleared remote forwarding"
	fi
	${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost
done

# stdio forwarding: the inner ssh (-W) relays its stdin/stdout to
# localhost:$PORT and serves as the transport for the outer ssh.
for p in 2; do
	trace "stdio forwarding proto $p"
	# ssh_config(5): a ProxyCommand string is executed via the user's
	# shell, so ssh_cmd must only ever be built from harness-controlled
	# values.
	ssh_cmd="${SSH} -$p -F $OBJ/ssh_config"
	if ! $ssh_cmd -o "ProxyCommand $ssh_cmd -q -W localhost:$PORT somehost" \
		somehost true; then
		fail "stdio forwarding proto $p"
	fi
done

# Same transfer check, with the forwards taken from the config file instead
# of the command line.  The two directives are appended (>>) and never
# removed, so every later invocation that reads $OBJ/ssh_config inherits
# them as well.
cat >> $OBJ/ssh_config <<EOF
LocalForward ${base}01 127.0.0.1:$PORT
RemoteForward ${base}02 127.0.0.1:${base}01
EOF
for p in ${SSH_PROTOCOLS}; do
	trace "config file: start forwarding, fork to background"
	rm -f $CTL
	${SSH} -S $CTL -M -$p -F $OBJ/ssh_config -f somehost sleep 10

	trace "config file: transfer over forwarded channels and check result"
	# Path under test: ${base}02 (remote forward) -> ${base}01 (local
	# forward) -> $PORT.
	${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	if ! test -s ${COPY}; then
		fail "failed copy of ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost
done

# Unix-domain socket forwards.  Four masters, each with its own control
# socket, form the chain
#   TCP ${base}01 -> unix-1.fwd -> unix-2.fwd -> unix-3.fwd -> 127.0.0.1:$PORT
# where [path] in a -L/-R spec names a socket file instead of host:port.
# NOTE(review): the socket files live under $OBJ, so who may connect to
# them depends on the permissions of that directory and of the sockets ssh
# creates - worth confirming when $OBJ is on a shared filesystem.
for p in 2; do
	trace "transfer over chained unix domain socket forwards and check result"
	# Drop leftovers from an earlier run: stale forward sockets and
	# control sockets.
	rm -f $OBJ/unix-[123].fwd $CTL $CTL.[123]
	# The bracketed words are unquoted and are therefore passed through
	# as typed only while no pathname happens to match them.
	${SSH} -S $CTL -M -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost sleep 10
	${SSH} -S $CTL.1 -M -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost sleep 10
	${SSH} -S $CTL.2 -M -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost sleep 10
	${SSH} -S $CTL.3 -M -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost sleep 10
	${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	if ! test -s ${COPY}; then
		fail "failed copy ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	# Stop the four masters in the order they were started.
	for ctl_sock in $CTL $CTL.1 $CTL.2 $CTL.3; do
		${SSH} -F $OBJ/ssh_config -S $ctl_sock -O exit somehost
	done
done
