1 # $OpenBSD: sftp-perm.sh,v 1.2 2013/10/17 22:00:18 djm Exp $
2 # Placed in the Public Domain.
6 SERVER_LOG=${OBJ}/sftp-server.log
7 CLIENT_LOG=${OBJ}/sftp.log
8 TEST_SFTP_SERVER=${OBJ}/sftp-server.sh
11 printf "#!/bin/sh\nexec $SFTPSERVER -el debug3 $* 2>$SERVER_LOG\n" \
13 chmod a+x $TEST_SFTP_SERVER
17 echo "$@" | ${SFTP} -D ${TEST_SFTP_SERVER} -vvvb - >$CLIENT_LOG 2>&1
22 rm -f ${COPY} ${COPY}.1
23 test -d ${COPY}.dd && { rmdir ${COPY}.dd || fatal "rmdir ${COPY}.dd"; }
24 test -z "$_prep" && return
25 sh -c "$_prep" || fail "preparation failed: \"$_prep\""
31 test -z "$_check" && return
32 ${TEST_SHELL} -c "$_check" || fail "postcondition check failed: $_title"
39 _expect_success_post="$4"
40 _expect_fail_post="$5"
41 verbose "$tid: read-only $_desc"
42 # Plain (no options, mostly to test that _cmd is good)
43 prepare_files "$_prep"
45 run_client "$_cmd" || fail "plain $_desc failed"
46 postcondition "$_desc no-readonly" "$_expect_success_post"
48 prepare_files "$_prep"
50 run_client "$_cmd" && fail "read-only $_desc succeeded"
51 postcondition "$_desc readonly" "$_expect_fail_post"
59 _expect_success_post="$5"
60 _expect_fail_post="$6"
61 verbose "$tid: explicit $_op"
62 # Plain (no options, mostly to test that _cmd is good)
63 prepare_files "$_prep"
65 run_client "$_cmd" || fail "plain $_op failed"
66 postcondition "$_op no white/blacklists" "$_expect_success_post"
68 prepare_files "$_prep"
69 prepare_server -p $_op,$_whitelist_ops
70 run_client "$_cmd" || fail "whitelisted $_op failed"
71 postcondition "$_op whitelisted" "$_expect_success_post"
73 prepare_files "$_prep"
74 prepare_server -P $_op
75 run_client "$_cmd" && fail "blacklisted $_op succeeded"
76 postcondition "$_op blacklisted" "$_expect_fail_post"
77 # Whitelist with op missing.
78 prepare_files "$_prep"
79 prepare_server -p $_whitelist_ops
80 run_client "$_cmd" && fail "no whitelist $_op succeeded"
81 postcondition "$_op not in whitelist" "$_expect_fail_post"
94 "touch $COPY; chmod 0400 $COPY" \
109 "test -d ${COPY}.dd" \
110 "test ! -d ${COPY}.dd"
116 "test ! -d ${COPY}.dd" \
121 "rename $COPY ${COPY}.1" \
123 "test -f ${COPY}.1 -a ! -f $COPY" \
124 "test -f $COPY -a ! -f ${COPY}.1"
128 "rename -l $COPY ${COPY}.1" \
130 "test -f ${COPY}.1 -a ! -f $COPY" \
131 "test -f $COPY -a ! -f ${COPY}.1"
135 "ln -s $COPY ${COPY}.1" \
137 "test -h ${COPY}.1" \
138 "test ! -h ${COPY}.1"
142 "ln $COPY ${COPY}.1" \
144 "test -f ${COPY}.1" \
145 "test ! -f ${COPY}.1"
147 # Test explicit permissions
151 "realpath,stat,lstat,read,close" \
155 "! cmp $DATA $COPY 2>/dev/null"
159 "realpath,stat,lstat,open,close" \
163 "! cmp $DATA $COPY 2>/dev/null"
167 "realpath,stat,lstat,open,close" \
171 "! cmp $DATA $COPY 2>/dev/null"
175 "realpath,stat,open,read,close" \
179 "! cmp $DATA $COPY 2>/dev/null"
183 "realpath,readdir,stat,lstat" \
188 "realpath,opendir,stat,lstat" \
193 "realpath,stat,lstat" \
195 "touch $COPY; chmod 0400 $COPY" \
201 "realpath,stat,lstat" \
209 "realpath,stat,lstat" \
212 "test -d ${COPY}.dd" \
213 "test ! -d ${COPY}.dd"
217 "realpath,stat,lstat" \
220 "test ! -d ${COPY}.dd" \
225 "realpath,stat,lstat" \
226 "rename $COPY ${COPY}.1" \
228 "test -f ${COPY}.1 -a ! -f $COPY" \
229 "test -f $COPY -a ! -f ${COPY}.1"
233 "realpath,stat,lstat" \
234 "rename -l $COPY ${COPY}.1" \
236 "test -f ${COPY}.1 -a ! -f $COPY" \
237 "test -f $COPY -a ! -f ${COPY}.1"
241 "realpath,stat,lstat" \
242 "ln -s $COPY ${COPY}.1" \
244 "test -h ${COPY}.1" \
245 "test ! -h ${COPY}.1"
249 "realpath,stat,lstat" \
250 "ln $COPY ${COPY}.1" \
252 "test -f ${COPY}.1" \
253 "test ! -f ${COPY}.1"
257 "realpath,stat,lstat" \
260 # XXX need good tests for:
268 rm -rf ${COPY} ${COPY}.1 ${COPY}.dd