xref: /freebsd/crypto/openssh/regress/percent.sh (revision 8ddb146abcdf061be9f2c0db7e391697dafad85c) 
1#	$OpenBSD: percent.sh,v 1.14 2022/02/20 03:47:26 dtucker Exp $
2#	Placed in the Public Domain.
3
4tid="percent expansions"
5
6if [ -x "/usr/xpg4/bin/id" ]; then
7	PATH=/usr/xpg4/bin:$PATH
8	export PATH
9fi
10
11USER=`id -u -n`
12USERID=`id -u`
13HOST=`hostname | cut -f1 -d.`
14HOSTNAME=`hostname`
15
16# Localcommand is evaluated after connection because %T is not available
17# until then.  Because of this we use a different method of exercising it,
18# and we can't override the remote user otherwise authentication will fail.
19# We also have to explicitly enable it.
20echo "permitlocalcommand yes" >> $OBJ/ssh_proxy
21
22trial()
23{
24	opt="$1"; arg="$2"
25	expect=`echo "$3" | sed 's|^//|/|'` # approximate realpath
26
27	trace "test $opt=$arg $expect"
28	rm -f $OBJ/actual
29	got=""
30	case "$opt" in
31	localcommand)
32		${SSH} -F $OBJ/ssh_proxy -o $opt="echo '$arg' >$OBJ/actual" \
33		    somehost true
34		got=`cat $OBJ/actual`
35		;;
36	userknownhostsfile)
37		# Move the userknownhosts file to what the expansion says,
38		# make sure ssh works then put it back.
39		mv "$OBJ/known_hosts" "$OBJ/$expect"
40		${SSH} -F $OBJ/ssh_proxy -o $opt="$OBJ/$arg" somehost true && \
41			got="$expect"
42		mv "$OBJ/$expect" "$OBJ/known_hosts"
43		;;
44	matchexec)
45		(cat $OBJ/ssh_proxy && \
46		 echo "Match Exec \"echo '$arg' >$OBJ/actual\"") \
47		    >$OBJ/ssh_proxy_match
48		${SSH} -F $OBJ/ssh_proxy_match remuser@somehost true || true
49		got=`cat $OBJ/actual`
50		;;
51	*forward)
52		# LocalForward and RemoteForward take two args and only
53		# operate on Unix domain socket paths
54		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="/$arg /$arg" -G \
55		    remuser@somehost | awk '$1=="'$opt'"{print $2" "$3}'`
56		expect="/$expect /$expect"
57		;;
58	*)
59		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="$arg" -G \
60		    remuser@somehost | awk '$1=="'$opt'"{print $2}'`
61	esac
62	if [ "$got" != "$expect" ]; then
63		fail "$opt=$arg expect $expect got $got"
64	fi
65}
66
67for i in matchexec localcommand remotecommand controlpath identityagent \
68    forwardagent localforward remoteforward userknownhostsfile; do
69	verbose $tid $i percent
70	case "$i" in
71	localcommand|userknownhostsfile)
72		# Any test that's going to actually make a connection needs
73		# to use the real username.
74		REMUSER=$USER ;;
75	*)
76		REMUSER=remuser ;;
77	esac
78	if [ "$i" = "$localcommand" ]; then
79		trial $i '%T' NONE
80	fi
81	# Matches implementation in readconf.c:ssh_connection_hash()
82	HASH=`printf "${HOSTNAME}127.0.0.1${PORT}$REMUSER" |
83	    $OPENSSL_BIN sha1 | cut -f2 -d' '`
84	trial $i '%%' '%'
85	trial $i '%C' $HASH
86	trial $i '%i' $USERID
87	trial $i '%h' 127.0.0.1
88	trial $i '%L' $HOST
89	trial $i '%l' $HOSTNAME
90	trial $i '%n' somehost
91	trial $i '%k' localhost-with-alias
92	trial $i '%p' $PORT
93	trial $i '%r' $REMUSER
94	trial $i '%u' $USER
95	# We can't specify a full path outside the regress dir, so skip tests
96	# containing %d for UserKnownHostsFile
97	if [ "$i" != "userknownhostsfile" ]; then
98		trial $i '%d' $HOME
99		trial $i '%%/%C/%i/%h/%d/%L/%l/%n/%p/%r/%u' \
100		    "%/$HASH/$USERID/127.0.0.1/$HOME/$HOST/$HOSTNAME/somehost/$PORT/$REMUSER/$USER"
101	fi
102done
103
104# Subset of above since we don't expand shell-style variables on anything that
105# runs a command because the shell will expand those.
106for i in controlpath identityagent forwardagent localforward remoteforward \
107    userknownhostsfile; do
108	verbose $tid $i dollar
109	FOO=bar
110	export FOO
111	trial $i '${FOO}' $FOO
112done
113
114
115# A subset of options support tilde expansion
116for i in controlpath identityagent forwardagent; do
117	verbose $tid $i tilde
118	trial $i '~' $HOME/
119	trial $i '~/.ssh' $HOME/.ssh
120done
121