1# $OpenBSD: integrity.sh,v 1.19 2016/11/25 02:56:49 dtucker Exp $ 2# Placed in the Public Domain. 3 4tid="integrity" 5cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 6 7# start at byte 2900 (i.e. after kex) and corrupt at different offsets 8# XXX the test hangs if we modify the low bytes of the packet length 9# XXX and ssh tries to read... 10tries=10 11startoffset=2900 12macs=`${SSH} -Q mac` 13# The following are not MACs, but ciphers with integrated integrity. They are 14# handled specially below. 15macs="$macs `${SSH} -Q cipher-auth`" 16 17# avoid DH group exchange as the extra traffic makes it harder to get the 18# offset into the stream right. 19echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \ 20 >> $OBJ/ssh_proxy 21 22# sshd-command for proxy (see test-exec.sh) 23cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" 24 25for m in $macs; do 26 trace "test $tid: mac $m" 27 elen=0 28 epad=0 29 emac=0 30 ecnt=0 31 skip=0 32 for off in `jot $tries $startoffset`; do 33 skip=`expr $skip - 1` 34 if [ $skip -gt 0 ]; then 35 # avoid modifying the high bytes of the length 36 continue 37 fi 38 cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 39 # modify output from sshd at offset $off 40 pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" 41 if ${SSH} -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then 42 echo "Ciphers=$m" >> $OBJ/sshd_proxy 43 macopt="-c $m" 44 else 45 echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy 46 echo "MACs=$m" >> $OBJ/sshd_proxy 47 macopt="-m $m -c aes128-ctr" 48 fi 49 verbose "test $tid: $m @$off" 50 ${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ 51 -oServerAliveInterval=1 -oServerAliveCountMax=30 \ 52 999.999.999.999 'printf "%4096s" " "' >/dev/null 53 if [ $? -eq 0 ]; then 54 fail "ssh -m $m succeeds with bit-flip at $off" 55 fi 56 ecnt=`expr $ecnt + 1` 57 out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \ 58 tr -s '\r\n' '.') 59 case "$out" in 60 Bad?packet*) elen=`expr $elen + 1`; skip=3;; 61 Corrupted?MAC* | *message?authentication?code?incorrect*) 62 emac=`expr $emac + 1`; skip=0;; 63 padding*) epad=`expr $epad + 1`; skip=0;; 64 *) fail "unexpected error mac $m at $off: $out";; 65 esac 66 done 67 verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" 68 if [ $emac -eq 0 ]; then 69 fail "$m: no mac errors" 70 fi 71 expect=`expr $ecnt - $epad - $elen` 72 if [ $emac -ne $expect ]; then 73 fail "$m: expected $expect mac errors, got $emac" 74 fi 75done 76