xref: /freebsd/crypto/openssh/regress/test-exec.sh (revision 6af83ee0d2941d18880b6aaa2b4facd1d30c6106)
#	$OpenBSD: test-exec.sh,v 1.23 2004/06/25 01:25:12 djm Exp $
#	Placed in the Public Domain.

#SUDO=sudo

# Port the test sshd listens on: TEST_SSH_PORT when it is set and
# non-empty, otherwise 4242.
PORT="${TEST_SSH_PORT:-4242}"

# Login name of the invoking user, from the first lookup that works:
# /usr/ucb/whoami if it is executable, else whoami, else "id -un".
if test -x /usr/ucb/whoami
then
	USER=`/usr/ucb/whoami`
else
	USER=`whoami 2>/dev/null` || USER=`id -un`
fi
19
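# Validate the command line before anything is written to disk:
#   $1 -> OBJ     existing directory that receives configs, keys and pidfile
#   $2 -> SCRIPT  test body; a regular file that parses under $TEST_SHELL
# Every failure prints a diagnostic and exits with status 2.
OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
# Paths are quoted so that whitespace or glob characters in an argument
# cannot change which file is tested.
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
# With TEST_SHELL empty the syntax check below would try to run "-n" as a
# command and blame the test script; report the real cause instead.
if [ "x$TEST_SHELL" = "x" ]; then
	echo '$TEST_SHELL not defined'
	exit 2
fi
# $TEST_SHELL itself stays unquoted, as in the original, in case it
# carries arguments -- TODO confirm with whatever sets it.
$TEST_SHELL -n "$SCRIPT" || {
	echo "syntax error in $SCRIPT"
	exit 2
}
# Drop any inherited agent socket. Presumably this keeps the tests away
# from the invoking user's ssh-agent -- confirm against the test bodies.
unset SSH_AUTH_SOCK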
45
# Programs under test. Each one defaults to a bare command name (a fixed
# libexec path for sftp-server) and is replaced by the matching TEST_SSH_*
# environment variable when that variable is set and non-empty.
SSH="${TEST_SSH_SSH:-ssh}"
SSHD="${TEST_SSH_SSHD:-sshd}"
SSHAGENT="${TEST_SSH_SSHAGENT:-ssh-agent}"
SSHADD="${TEST_SSH_SSHADD:-ssh-add}"
SSHKEYGEN="${TEST_SSH_SSHKEYGEN:-ssh-keygen}"
SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}"
SFTP="${TEST_SSH_SFTP:-sftp}"
SFTPSERVER="${TEST_SSH_SFTPSERVER:-/usr/libexec/openssh/sftp-server}"
SCP="${TEST_SSH_SCP:-scp}"
84
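# Path to sshd must be absolute for rexec.
# Fall back to a PATH lookup only when SSHD is not already absolute. An
# unconditional `which sshd` would throw away TEST_SSH_SSHD, so the suite
# (including the "$SUDO ${SSHD}" invocations) would run whichever sshd
# comes first in PATH instead of the binary the caller asked to test.
case "$SSHD" in
/*)	;;
*)	SSHD=`which sshd` ;;
esac

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP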
90#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
91
92# helper
echon()
{
	# Print the arguments without a trailing newline, using whichever of
	# the two echo conventions this shell supports; give up through
	# fatal when neither one works.
	if [ -z "`echo -n`" ]; then
		# "echo -n" printed nothing, so -n is taken as an option.
		echo -n "$@"
		return
	fi
	if [ -z "`echo '\c'`" ]; then
		# "\c" suppressed the newline instead.
		echo "$@\c"
		return
	fi
	fatal "Don't know how to echo without newline."
}
103
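have_prog()
{
	# Return 0 if some directory listed in $PATH holds an executable
	# entry named $1, and 1 otherwise. IFS is set to ":" only while
	# $PATH is being split and is restored on both exit paths.
	# NOTE: [ -x ] is also true for a searchable directory of that name.
	saved_IFS="$IFS"
	IFS=":"
	for i in $PATH
	do
		# Quoted: with IFS=":" an unquoted $i/$1 is split again on
		# any ":" in $1 and glob-expanded, so a different path (or a
		# malformed test) would be evaluated.
		if [ -x "$i/$1" ]; then
			IFS="$saved_IFS"
			return 0
		fi
	done
	IFS="$saved_IFS"
	return 1
}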
118
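cleanup ()
{
	# Stop the sshd started for this test, identified by $PIDFILE.
	# Does nothing when the pidfile does not exist.
	#
	# The kill may run under $SUDO, so the pidfile content is validated
	# before use: only a string of digits with a value of 2 or more is
	# passed on. Unquoted, any other content could make the numeric test
	# itself fail and fall through to kill with that content as its
	# arguments.
	if [ -f "$PIDFILE" ]; then
		pid=`cat "$PIDFILE"`
		case "$pid" in
		'')
			echo no sshd running
			;;
		*[!0-9]*)
			# anything that is not purely digits
			echo "bad pid for sshd: $pid"
			;;
		*)
			if [ "$pid" -lt 2 ]; then
				echo "bad pid for sshd: $pid"
			else
				# $SUDO stays unquoted: it may be empty.
				$SUDO kill "$pid"
			fi
			;;
		esac
	fi
}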
134
trace ()
{
	# Echo the arguments only when TEST_SSH_TRACE is exactly "yes".
	case "X$TEST_SSH_TRACE" in
	Xyes)	echo "$@" ;;
	esac
}
141
verbose ()
{
	# Echo the arguments unless TEST_SSH_QUIET is exactly "yes".
	if [ "X$TEST_SSH_QUIET" = "Xyes" ]; then
		return 0
	fi
	echo "$@"
}
148
149
fail ()
{
	# Record a test failure and print the message. The script keeps
	# running; RESULT becomes the exit status at the end.
	RESULT=1
	echo "$@"
}
155
fatal ()
{
	# Unrecoverable error: print "FATAL: " followed by the message
	# (fail also sets RESULT=1), stop the test sshd through cleanup,
	# then exit with RESULT.
	echon "FATAL: "; fail "$@"
	cleanup
	exit $RESULT
}
163
# Overall status of the test run; fail sets it to 1.
RESULT=0
# Pidfile of the test sshd; cleanup reads it to find the process to kill.
PIDFILE="$OBJ/pidfile"

# On SIGINT (2) or SIGQUIT (3) go through fatal, so cleanup still runs.
trap fatal 2 3
168
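# create server config
# Test-only settings: the server listens on loopback only, and StrictModes
# is off so that keys kept under a group-writable $OBJ are still accepted.
# This file is not a template for a real sshd_config.
# File names built from $OBJ are quoted so whitespace or glob characters
# in the directory name cannot redirect the write to another path.
cat << EOF > "$OBJ/sshd_config"
	StrictModes		no
	Port			$PORT
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		QUIET
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

# Extra server options from the environment are appended verbatim.
if [ -n "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> "$OBJ/sshd_config"
fi

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> "$OBJ/sshd_proxy"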
193
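# create client config
# Every connection goes to 127.0.0.1:$PORT. Both known-hosts settings point
# at $OBJ/known_hosts and StrictHostKeyChecking is on, so the client only
# accepts the host keys generated for this run. BatchMode together with
# PasswordAuthentication no keeps the tests from prompting.
cat << EOF > "$OBJ/ssh_config"
Host *
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

# Extra client options from the environment are appended verbatim.
if [ -n "$TEST_SSH_SSH_CONFOPTS" ]; then
	# The trace now names the client variable; it used to print the
	# server one (TEST_SSH_SSHD_CONFOPTS), which hid what was added.
	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> "$OBJ/ssh_config"
fi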
217
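# Start from empty trust files. The paths are quoted: unquoted, a $OBJ
# containing whitespace would make rm -f act on unrelated file names.
rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"

trace "generate keys"
# Throwaway keys for this run only: no passphrase (-N ''), and the same
# key pair serves as user key and as host key. "rsa1" is the legacy SSH
# protocol 1 key type.
for t in rsa rsa1; do
	# generate user key
	rm -f "$OBJ/$t"
	# ${SSHKEYGEN} stays unquoted as in the original; a failure is
	# recorded through fail and the loop carries on.
	${SSHKEYGEN} -q -N '' -t $t  -f "$OBJ/$t" ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		echon 'localhost-with-alias,127.0.0.1,::1 '
		cat "$OBJ/$t.pub"
	) >> "$OBJ/known_hosts"

	# setup authorized keys
	cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
	echo "IdentityFile $OBJ/$t" >> "$OBJ/ssh_config"

	# use key as host key, too
	$SUDO cp "$OBJ/$t" "$OBJ/host.$t"
	echo "HostKey $OBJ/host.$t" >> "$OBJ/sshd_config"

	# don't use SUDO for proxy connect
	echo "HostKey $OBJ/$t" >> "$OBJ/sshd_proxy"
done
chmod 644 "$OBJ/authorized_keys_$USER"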
245
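# create a proxy version of the client config
# Same client settings plus a proxycommand that runs sshd in inetd mode
# (-i) against sshd_proxy, so no listening daemon is needed. The echo
# arguments stay unquoted so the emitted line is unchanged when $SUDO is
# empty; only the file names are quoted.
{
	cat "$OBJ/ssh_config"
	echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy
} > "$OBJ/ssh_proxy"

# check proxy config
${SSHD} -t -f "$OBJ/sshd_proxy"	|| fatal "sshd_proxy broken"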
254
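start_sshd ()
{
	# Start the test sshd from $OBJ/sshd_config and wait for its pidfile.
	# Goes through fatal (which exits) when the config does not validate
	# or when no pidfile has appeared once the polling loop gives up.
	#
	# $SUDO and ${SSHD} stay unquoted as in the original; $SUDO may be
	# empty. The file names are quoted.
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -t	|| fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config"

	trace "wait for sshd"
	# At most 10 polls with a growing delay (1s, 2s, ... 10s). Two
	# separate tests replace the obsolescent "-a" operator, which
	# misparses when an operand is empty or looks like an operator.
	i=0
	while [ ! -f "$PIDFILE" ] && [ "$i" -lt 10 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}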
270
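# source test body
# "." searches $PATH when its operand has no slash, so a bare file name
# could load a different file from the one the earlier -f check and
# syntax check looked at. Prefixing "./" pins it to that same file.
case "$SCRIPT" in
*/*)	. "$SCRIPT" ;;
*)	. "./$SCRIPT" ;;
esac

# kill sshd
cleanup
# $tid is not set in this file; presumably the sourced test body sets it.
if [ "$RESULT" -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit "$RESULT"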
282