xref: /freebsd/crypto/openssh/regress/percent.sh (revision 16e02ae401ebd9aa7d47f46dc4905f4f8add70a8)
1#	$OpenBSD: percent.sh,v 1.13 2021/07/25 12:13:03 dtucker Exp $
2#	Placed in the Public Domain.
3
4tid="percent expansions"
5
6if [ -x "/usr/xpg4/bin/id" ]; then
7	PATH=/usr/xpg4/bin:$PATH
8	export PATH
9fi
10
11USER=`id -u -n`
12USERID=`id -u`
13HOST=`hostname | cut -f1 -d.`
14HOSTNAME=`hostname`
15
16# Localcommand is evaluated after connection because %T is not available
17# until then.  Because of this we use a different method of exercising it,
18# and we can't override the remote user otherwise authentication will fail.
19# We also have to explicitly enable it.
20echo "permitlocalcommand yes" >> $OBJ/ssh_proxy
21
22trial()
23{
24	opt="$1"; arg="$2"; expect="$3"
25
26	trace "test $opt=$arg $expect"
27	rm -f $OBJ/actual
28	got=""
29	case "$opt" in
30	localcommand)
31		${SSH} -F $OBJ/ssh_proxy -o $opt="echo '$arg' >$OBJ/actual" \
32		    somehost true
33		got=`cat $OBJ/actual`
34		;;
35	userknownhostsfile)
36		# Move the userknownhosts file to what the expansion says,
37		# make sure ssh works then put it back.
38		mv "$OBJ/known_hosts" "$OBJ/$expect"
39		${SSH} -F $OBJ/ssh_proxy -o $opt="$OBJ/$arg" somehost true && \
40			got="$expect"
41		mv "$OBJ/$expect" "$OBJ/known_hosts"
42		;;
43	matchexec)
44		(cat $OBJ/ssh_proxy && \
45		 echo "Match Exec \"echo '$arg' >$OBJ/actual\"") \
46		    >$OBJ/ssh_proxy_match
47		${SSH} -F $OBJ/ssh_proxy_match remuser@somehost true || true
48		got=`cat $OBJ/actual`
49		;;
50	*forward)
51		# LocalForward and RemoteForward take two args and only
52		# operate on Unix domain socket paths
53		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="/$arg /$arg" -G \
54		    remuser@somehost | awk '$1=="'$opt'"{print $2" "$3}'`
55		expect="/$expect /$expect"
56		;;
57	*)
58		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="$arg" -G \
59		    remuser@somehost | awk '$1=="'$opt'"{print $2}'`
60	esac
61	if [ "$got" != "$expect" ]; then
62		fail "$opt=$arg expect $expect got $got"
63	fi
64}
65
66for i in matchexec localcommand remotecommand controlpath identityagent \
67    forwardagent localforward remoteforward userknownhostsfile; do
68	verbose $tid $i percent
69	case "$i" in
70	localcommand|userknownhostsfile)
71		# Any test that's going to actually make a connection needs
72		# to use the real username.
73		REMUSER=$USER ;;
74	*)
75		REMUSER=remuser ;;
76	esac
77	if [ "$i" = "$localcommand" ]; then
78		trial $i '%T' NONE
79	fi
80	# Matches implementation in readconf.c:ssh_connection_hash()
81	HASH=`printf "${HOSTNAME}127.0.0.1${PORT}$REMUSER" |
82	    $OPENSSL_BIN sha1 | cut -f2 -d' '`
83	trial $i '%%' '%'
84	trial $i '%C' $HASH
85	trial $i '%i' $USERID
86	trial $i '%h' 127.0.0.1
87	trial $i '%L' $HOST
88	trial $i '%l' $HOSTNAME
89	trial $i '%n' somehost
90	trial $i '%k' localhost-with-alias
91	trial $i '%p' $PORT
92	trial $i '%r' $REMUSER
93	trial $i '%u' $USER
94	# We can't specify a full path outside the regress dir, so skip tests
95	# containing %d for UserKnownHostsFile
96	if [ "$i" != "userknownhostsfile" ]; then
97		trial $i '%d' $HOME
98		trial $i '%%/%C/%i/%h/%d/%L/%l/%n/%p/%r/%u' \
99		    "%/$HASH/$USERID/127.0.0.1/$HOME/$HOST/$HOSTNAME/somehost/$PORT/$REMUSER/$USER"
100	fi
101done
102
103# Subset of above since we don't expand shell-style variables on anything that
104# runs a command because the shell will expand those.
105for i in controlpath identityagent forwardagent localforward remoteforward \
106    userknownhostsfile; do
107	verbose $tid $i dollar
108	FOO=bar
109	export FOO
110	trial $i '${FOO}' $FOO
111done
112
113
114# A subset of options support tilde expansion
115for i in controlpath identityagent forwardagent; do
116	verbose $tid $i tilde
117	trial $i '~' $HOME/
118	trial $i '~/.ssh' $HOME/.ssh
119done
120