1 # $OpenBSD: test-exec.sh,v 1.47 2013/11/09 05:41:34 dtucker Exp $
2 # Placed in the Public Domain.
10 case `uname -s 2>/dev/null` in
24 if [ ! -z "$TEST_SSH_PORT" ]; then
30 if [ -x /usr/ucb/whoami ]; then
31 USER=`/usr/ucb/whoami`
32 elif whoami >/dev/null 2>&1; then
34 elif logname >/dev/null 2>&1; then
41 if [ "x$OBJ" = "x" ]; then
42 echo '$OBJ not defined'
45 if [ ! -d $OBJ ]; then
46 echo "not a directory: $OBJ"
50 if [ "x$SCRIPT" = "x" ]; then
51 echo '$SCRIPT not defined'
54 if [ ! -f $SCRIPT ]; then
55 echo "not a file: $SCRIPT"
58 if $TEST_SHELL -n $SCRIPT; then
61 echo "syntax error in $SCRIPT"
66 SRC=`dirname ${SCRIPT}`
74 SSHKEYSCAN=ssh-keyscan
76 SFTPSERVER=/usr/libexec/openssh/sftp-server
84 if [ "x$TEST_SSH_SSH" != "x" ]; then
87 if [ "x$TEST_SSH_SSHD" != "x" ]; then
88 SSHD="${TEST_SSH_SSHD}"
90 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
91 SSHAGENT="${TEST_SSH_SSHAGENT}"
93 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
94 SSHADD="${TEST_SSH_SSHADD}"
96 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
97 SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
99 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
100 SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
102 if [ "x$TEST_SSH_SFTP" != "x" ]; then
103 SFTP="${TEST_SSH_SFTP}"
105 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
106 SFTPSERVER="${TEST_SSH_SFTPSERVER}"
108 if [ "x$TEST_SSH_SCP" != "x" ]; then
109 SCP="${TEST_SSH_SCP}"
111 if [ "x$TEST_SSH_PLINK" != "x" ]; then
112 # Find real binary, if it exists
113 case "${TEST_SSH_PLINK}" in
114 /*) PLINK="${TEST_SSH_PLINK}" ;;
115 *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
118 if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
119 # Find real binary, if it exists
120 case "${TEST_SSH_PUTTYGEN}" in
121 /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
122 *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
125 if [ "x$TEST_SSH_CONCH" != "x" ]; then
126 # Find real binary, if it exists
127 case "${TEST_SSH_CONCH}" in
128 /*) CONCH="${TEST_SSH_CONCH}" ;;
129 *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;;
133 # Path to sshd must be absolute for rexec
136 *) SSHD=`which $SSHD` ;;
141 *) SSHAGENT=`which $SSHAGENT` ;;
145 # SSH_LOGFILE should be the debug output of ssh(1) only
146 # SSHD_LOGFILE should be the debug output of sshd(8) only
147 # REGRESS_LOGFILE is the output of the test itself stdout and stderr
148 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
149 TEST_SSH_LOGFILE=$OBJ/ssh.log
151 if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
152 TEST_SSHD_LOGFILE=$OBJ/sshd.log
154 if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
155 TEST_REGRESS_LOGFILE=$OBJ/regress.log
161 >$TEST_REGRESS_LOGFILE
163 # Create wrapper ssh with logging. We can't just specify "SSH=ssh -E..."
164 # because sftp and scp don't handle spaces in arguments.
165 SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
166 echo "#!/bin/sh" > $SSHLOGWRAP
167 echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
169 chmod a+rx $OBJ/ssh-log-wrapper.sh
172 # Some test data. We make a copy because some tests will overwrite it.
173 # The tests may assume that $DATA exists and is writable and $COPY does
174 # not exist. Tests requiring larger data files can call increase_datafile_size
175 # [kbytes] to ensure the file is at least that large.
177 DATA=$OBJ/${DATANAME}
178 cat ${SSHAGENT} >${DATA}
183 increase_datafile_size()
185 while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
186 cat ${SSHAGENT} >>${DATA}
190 # these should be used in tests
191 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
192 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
194 # Portable specific functions
201 if [ -x $i/$1 ]; then
211 awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
214 # Check whether preprocessor symbols are defined in config.h.
218 while test "x$2" != "x" ; do
222 egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
226 if have_prog md5sum; then
228 elif have_prog openssl; then
230 elif have_prog cksum; then
232 elif have_prog sum; then
238 # End of portable specific functions
243 if [ -f $PIDFILE ]; then
244 pid=`$SUDO cat $PIDFILE`
245 if [ "X$pid" = "X" ]; then
248 if [ $pid -lt 2 ]; then
249 echo bad pid for ssh: $pid
252 trace "wait for sshd to exit"
254 while [ -f $PIDFILE -a $i -lt 5 ]; do
258 test -f $PIDFILE && \
259 fatal "sshd didn't exit port $PORT pid $pid"
267 echo "trace: $@" >$TEST_REGRESS_LOGFILE
268 echo "trace: $@" >$TEST_SSH_LOGFILE
269 echo "trace: $@" >$TEST_SSHD_LOGFILE
274 echo $@ >>$TEST_REGRESS_LOGFILE
275 echo $@ >>$TEST_SSH_LOGFILE
276 echo $@ >>$TEST_SSHD_LOGFILE
277 (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
278 (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
279 (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
285 if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
293 if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
300 echo "WARNING: $@" >>$TEST_SSH_LOGFILE
306 save_debug_log "FAIL: $@"
314 save_debug_log "FATAL: $@"
326 # create server config
327 cat << EOF > $OBJ/sshd_config
332 ListenAddress 127.0.0.1
335 AuthorizedKeysFile $OBJ/authorized_keys_%u
337 AcceptEnv _XXX_TEST_*
339 Subsystem sftp $SFTPSERVER
342 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
343 trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
344 echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
347 # server config for proxy connects
348 cp $OBJ/sshd_config $OBJ/sshd_proxy
350 # allow group-writable directories in proxy-mode
351 echo 'StrictModes no' >> $OBJ/sshd_proxy
353 # create client config
354 cat << EOF > $OBJ/ssh_config
358 HostKeyAlias localhost-with-alias
361 GlobalKnownHostsFile $OBJ/known_hosts
362 UserKnownHostsFile $OBJ/known_hosts
363 RSAAuthentication yes
364 PubkeyAuthentication yes
365 ChallengeResponseAuthentication no
366 HostbasedAuthentication no
367 PasswordAuthentication no
368 RhostsRSAAuthentication no
370 StrictHostKeyChecking yes
374 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
375 trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
376 echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
379 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
381 trace "generate keys"
382 for t in rsa rsa1; do
384 if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN} -nt $OBJ/$t ]; then
386 ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\
387 fail "ssh-keygen for $t failed"
390 # known hosts file for client
392 printf 'localhost-with-alias,127.0.0.1,::1 '
394 ) >> $OBJ/known_hosts
396 # setup authorized keys
397 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
398 echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
400 # use key as host key, too
401 $SUDO cp $OBJ/$t $OBJ/host.$t
402 echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
404 # don't use SUDO for proxy connect
405 echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
407 chmod 644 $OBJ/authorized_keys_$USER
409 # Activate Twisted Conch tests if the binary is present
410 REGRESS_INTEROP_CONCH=no
411 if test -x "$CONCH" ; then
412 REGRESS_INTEROP_CONCH=yes
415 # If PuTTY is present and we are running a PuTTY test, prepare keys and
417 REGRESS_INTEROP_PUTTY=no
418 if test -x "$PUTTYGEN" -a -x "$PLINK" ; then
419 REGRESS_INTEROP_PUTTY=yes
423 *) REGRESS_INTEROP_PUTTY=no ;;
426 if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
427 mkdir -p ${OBJ}/.putty
429 # Add a PuTTY key to authorized_keys
430 rm -f ${OBJ}/putty.rsa2
431 puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
432 puttygen -O public-openssh ${OBJ}/putty.rsa2 \
433 >> $OBJ/authorized_keys_$USER
435 # Convert rsa2 host key to PuTTY format
436 ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \
437 ${OBJ}/.putty/sshhostkeys
438 ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \
439 ${OBJ}/.putty/sshhostkeys
441 # Setup proxied session
442 mkdir -p ${OBJ}/.putty/sessions
443 rm -f ${OBJ}/.putty/sessions/localhost_proxy
444 echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
445 echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
446 echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
447 echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
449 REGRESS_INTEROP_PUTTY=yes
452 # create a proxy version of the client config
455 echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy
459 ${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken"
464 $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
465 $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
467 trace "wait for sshd"
469 while [ ! -f $PIDFILE -a $i -lt 10 ]; do
474 test -f $PIDFILE || fatal "no sshd running on port $PORT"
482 if [ $RESULT -eq 0 ]; then