crypto/openssh/regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.64 2018/08/10 01:35:49 dtucker Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 case `uname -s 2>/dev/null` in
  11 OSF1*)
  12         BIN_SH=xpg4
  13         export BIN_SH
  14         ;;
  15 CYGWIN_NT-5.0)
  16         os=cygwin
  17         TEST_SSH_IPV6=no
  18         ;;
  19 CYGWIN*)
  20         os=cygwin
  21         ;;
  22 esac
  23
  24 if [ ! -z "$TEST_SSH_PORT" ]; then
  25         PORT="$TEST_SSH_PORT"
  26 else
  27         PORT=4242
  28 fi
  29
  30 if [ -x /usr/ucb/whoami ]; then
  31         USER=`/usr/ucb/whoami`
  32 elif whoami >/dev/null 2>&1; then
  33         USER=`whoami`
  34 elif logname >/dev/null 2>&1; then
  35         USER=`logname`
  36 else
  37         USER=`id -un`
  38 fi
  39
  40 OBJ=$1
  41 if [ "x$OBJ" = "x" ]; then
  42         echo '$OBJ not defined'
  43         exit 2
  44 fi
  45 if [ ! -d $OBJ ]; then
  46         echo "not a directory: $OBJ"
  47         exit 2
  48 fi
  49 SCRIPT=$2
  50 if [ "x$SCRIPT" = "x" ]; then
  51         echo '$SCRIPT not defined'
  52         exit 2
  53 fi
  54 if [ ! -f $SCRIPT ]; then
  55         echo "not a file: $SCRIPT"
  56         exit 2
  57 fi
  58 if $TEST_SHELL -n $SCRIPT; then
  59         true
  60 else
  61         echo "syntax error in $SCRIPT"
  62         exit 2
  63 fi
  64 unset SSH_AUTH_SOCK
  65
  66 SRC=`dirname ${SCRIPT}`
  67
  68 # defaults
  69 SSH=ssh
  70 SSHD=sshd
  71 SSHAGENT=ssh-agent
  72 SSHADD=ssh-add
  73 SSHKEYGEN=ssh-keygen
  74 SSHKEYSCAN=ssh-keyscan
  75 SFTP=sftp
  76 SFTPSERVER=/usr/libexec/openssh/sftp-server
  77 SCP=scp
  78
  79 # Set by make_tmpdir() on demand (below).
  80 SSH_REGRESS_TMP=
  81
  82 # Interop testing
  83 PLINK=plink
  84 PUTTYGEN=puttygen
  85 CONCH=conch
  86
  87 if [ "x$TEST_SSH_SSH" != "x" ]; then
  88         SSH="${TEST_SSH_SSH}"
  89 fi
  90 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  91         SSHD="${TEST_SSH_SSHD}"
  92 fi
  93 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  94         SSHAGENT="${TEST_SSH_SSHAGENT}"
  95 fi
  96 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  97         SSHADD="${TEST_SSH_SSHADD}"
  98 fi
  99 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
 100         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
 101 fi
 102 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
 103         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
 104 fi
 105 if [ "x$TEST_SSH_SFTP" != "x" ]; then
 106         SFTP="${TEST_SSH_SFTP}"
 107 fi
 108 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
 109         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
 110 fi
 111 if [ "x$TEST_SSH_SCP" != "x" ]; then
 112         SCP="${TEST_SSH_SCP}"
 113 fi
 114 if [ "x$TEST_SSH_PLINK" != "x" ]; then
 115         # Find real binary, if it exists
 116         case "${TEST_SSH_PLINK}" in
 117         /*) PLINK="${TEST_SSH_PLINK}" ;;
 118         *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
 119         esac
 120 fi
 121 if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
 122         # Find real binary, if it exists
 123         case "${TEST_SSH_PUTTYGEN}" in
 124         /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
 125         *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
 126         esac
 127 fi
 128 if [ "x$TEST_SSH_CONCH" != "x" ]; then
 129         # Find real binary, if it exists
 130         case "${TEST_SSH_CONCH}" in
 131         /*) CONCH="${TEST_SSH_CONCH}" ;;
 132         *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;;
 133         esac
 134 fi
 135
 136 # Path to sshd must be absolute for rexec
 137 case "$SSHD" in
 138 /*) ;;
 139 *) SSHD=`which $SSHD` ;;
 140 esac
 141
 142 case "$SSHAGENT" in
 143 /*) ;;
 144 *) SSHAGENT=`which $SSHAGENT` ;;
 145 esac
 146
 147 # Record the actual binaries used.
 148 SSH_BIN=${SSH}
 149 SSHD_BIN=${SSHD}
 150 SSHAGENT_BIN=${SSHAGENT}
 151 SSHADD_BIN=${SSHADD}
 152 SSHKEYGEN_BIN=${SSHKEYGEN}
 153 SSHKEYSCAN_BIN=${SSHKEYSCAN}
 154 SFTP_BIN=${SFTP}
 155 SFTPSERVER_BIN=${SFTPSERVER}
 156 SCP_BIN=${SCP}
 157
 158 if [ "x$USE_VALGRIND" != "x" ]; then
 159         mkdir -p $OBJ/valgrind-out
 160         VG_TEST=`basename $SCRIPT .sh`
 161
 162         # Some tests are difficult to fix.
 163         case "$VG_TEST" in
 164         connect-privsep|reexec)
 165                 VG_SKIP=1 ;;
 166         esac
 167
 168         if [ x"$VG_SKIP" = "x" ]; then
 169                 VG_LEAK="--leak-check=no"
 170                 if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then
 171                         VG_LEAK="--leak-check=full"
 172                 fi
 173                 VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
 174                 VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
 175                 VG_OPTS="--track-origins=yes $VG_LEAK"
 176                 VG_OPTS="$VG_OPTS --trace-children=yes"
 177                 VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
 178                 VG_PATH="valgrind"
 179                 if [ "x$VALGRIND_PATH" != "x" ]; then
 180                         VG_PATH="$VALGRIND_PATH"
 181                 fi
 182                 VG="$VG_PATH $VG_OPTS"
 183                 SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH"
 184                 SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD"
 185                 SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT"
 186                 SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD"
 187                 SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN"
 188                 SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN"
 189                 SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}"
 190                 SCP="$VG --log-file=${VG_LOG}scp.%p $SCP"
 191                 cat > $OBJ/valgrind-sftp-server.sh << EOF
 192 #!/bin/sh
 193 exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@"
 194 EOF
 195                 chmod a+rx $OBJ/valgrind-sftp-server.sh
 196                 SFTPSERVER="$OBJ/valgrind-sftp-server.sh"
 197         fi
 198 fi
 199
 200 # Logfiles.
 201 # SSH_LOGFILE should be the debug output of ssh(1) only
 202 # SSHD_LOGFILE should be the debug output of sshd(8) only
 203 # REGRESS_LOGFILE is the output of the test itself stdout and stderr
 204 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
 205         TEST_SSH_LOGFILE=$OBJ/ssh.log
 206 fi
 207 if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
 208         TEST_SSHD_LOGFILE=$OBJ/sshd.log
 209 fi
 210 if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
 211         TEST_REGRESS_LOGFILE=$OBJ/regress.log
 212 fi
 213
 214 # truncate logfiles
 215 >$TEST_SSH_LOGFILE
 216 >$TEST_SSHD_LOGFILE
 217 >$TEST_REGRESS_LOGFILE
 218
 219 # Create wrapper ssh with logging.  We can't just specify "SSH=ssh -E..."
 220 # because sftp and scp don't handle spaces in arguments.
 221 SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
 222 echo "#!/bin/sh" > $SSHLOGWRAP
 223 echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
 224
 225 chmod a+rx $OBJ/ssh-log-wrapper.sh
 226 REAL_SSH="$SSH"
 227 SSH="$SSHLOGWRAP"
 228
 229 # Some test data.  We make a copy because some tests will overwrite it.
 230 # The tests may assume that $DATA exists and is writable and $COPY does
 231 # not exist.  Tests requiring larger data files can call increase_datafile_size
 232 # [kbytes] to ensure the file is at least that large.
 233 DATANAME=data
 234 DATA=$OBJ/${DATANAME}
 235 cat ${SSHAGENT_BIN} >${DATA}
 236 chmod u+w ${DATA}
 237 COPY=$OBJ/copy
 238 rm -f ${COPY}
 239
 240 increase_datafile_size()
 241 {
 242         while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
 243                 cat ${SSHAGENT_BIN} >>${DATA}
 244         done
 245 }
 246
 247 # these should be used in tests
 248 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 249 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 250
 251 # Portable specific functions
 252 have_prog()
 253 {
 254         saved_IFS="$IFS"
 255         IFS=":"
 256         for i in $PATH
 257         do
 258                 if [ -x $i/$1 ]; then
 259                         IFS="$saved_IFS"
 260                         return 0
 261                 fi
 262         done
 263         IFS="$saved_IFS"
 264         return 1
 265 }
 266
 267 jot() {
 268         awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
 269 }
 270
 271 # Check whether preprocessor symbols are defined in config.h.
 272 config_defined ()
 273 {
 274         str=$1
 275         while test "x$2" != "x" ; do
 276                 str="$str|$2"
 277                 shift
 278         done
 279         egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
 280 }
 281
 282 md5 () {
 283         if have_prog md5sum; then
 284                 md5sum
 285         elif have_prog openssl; then
 286                 openssl md5
 287         elif have_prog cksum; then
 288                 cksum
 289         elif have_prog sum; then
 290                 sum
 291         else
 292                 wc -c
 293         fi
 294 }
 295 # End of portable specific functions
 296
 297 stop_sshd ()
 298 {
 299         if [ -f $PIDFILE ]; then
 300                 pid=`$SUDO cat $PIDFILE`
 301                 if [ "X$pid" = "X" ]; then
 302                         echo no sshd running
 303                 else
 304                         if [ $pid -lt 2 ]; then
 305                                 echo bad pid for sshd: $pid
 306                         else
 307                                 $SUDO kill $pid
 308                                 trace "wait for sshd to exit"
 309                                 i=0;
 310                                 while [ -f $PIDFILE -a $i -lt 5 ]; do
 311                                         i=`expr $i + 1`
 312                                         sleep $i
 313                                 done
 314                                 if test -f $PIDFILE; then
 315                                         if $SUDO kill -0 $pid; then
 316                                                 echo "sshd didn't exit " \
 317                                                     "port $PORT pid $pid"
 318                                         else
 319                                                 echo "sshd died without cleanup"
 320                                         fi
 321                                         exit 1
 322                                 fi
 323                         fi
 324                 fi
 325         fi
 326 }
 327
 328 make_tmpdir ()
 329 {
 330         SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \
 331             fatal "failed to create temporary directory"
 332 }
 333
 334 # helper
 335 cleanup ()
 336 {
 337         if [ "x$SSH_PID" != "x" ]; then
 338                 if [ $SSH_PID -lt 2 ]; then
 339                         echo bad pid for ssh: $SSH_PID
 340                 else
 341                         kill $SSH_PID
 342                 fi
 343         fi
 344         if [ "x$SSH_REGRESS_TMP" != "x" ]; then
 345                 rm -rf "$SSH_REGRESS_TMP"
 346         fi
 347         stop_sshd
 348 }
 349
 350 start_debug_log ()
 351 {
 352         echo "trace: $@" >$TEST_REGRESS_LOGFILE
 353         echo "trace: $@" >$TEST_SSH_LOGFILE
 354         echo "trace: $@" >$TEST_SSHD_LOGFILE
 355 }
 356
 357 save_debug_log ()
 358 {
 359         echo $@ >>$TEST_REGRESS_LOGFILE
 360         echo $@ >>$TEST_SSH_LOGFILE
 361         echo $@ >>$TEST_SSHD_LOGFILE
 362         (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
 363         (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
 364         (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
 365 }
 366
 367 trace ()
 368 {
 369         start_debug_log $@
 370         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 371                 echo "$@"
 372         fi
 373 }
 374
 375 verbose ()
 376 {
 377         start_debug_log $@
 378         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 379                 echo "$@"
 380         fi
 381 }
 382
 383 warn ()
 384 {
 385         echo "WARNING: $@" >>$TEST_SSH_LOGFILE
 386         echo "WARNING: $@"
 387 }
 388
 389 fail ()
 390 {
 391         save_debug_log "FAIL: $@"
 392         RESULT=1
 393         echo "$@"
 394         if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then
 395                 cleanup
 396                 exit $RESULT
 397         fi
 398 }
 399
 400 fatal ()
 401 {
 402         save_debug_log "FATAL: $@"
 403         printf "FATAL: "
 404         fail "$@"
 405         cleanup
 406         exit $RESULT
 407 }
 408
 409 RESULT=0
 410 PIDFILE=$OBJ/pidfile
 411
 412 trap fatal 3 2
 413
 414 # create server config
 415 cat << EOF > $OBJ/sshd_config
 416         StrictModes             no
 417         Port                    $PORT
 418         AddressFamily           inet
 419         ListenAddress           127.0.0.1
 420         #ListenAddress          ::1
 421         PidFile                 $PIDFILE
 422         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 423         LogLevel                DEBUG3
 424         AcceptEnv               _XXX_TEST_*
 425         AcceptEnv               _XXX_TEST
 426         Subsystem       sftp    $SFTPSERVER
 427 EOF
 428
 429 # This may be necessary if /usr/src and/or /usr/obj are group-writable,
 430 # but if you aren't careful with permissions then the unit tests could
 431 # be abused to locally escalate privileges.
 432 if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
 433         echo "StrictModes no" >> $OBJ/sshd_config
 434 fi
 435
 436 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 437         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 438         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 439 fi
 440
 441 # server config for proxy connects
 442 cp $OBJ/sshd_config $OBJ/sshd_proxy
 443
 444 # allow group-writable directories in proxy-mode
 445 echo 'StrictModes no' >> $OBJ/sshd_proxy
 446
 447 # create client config
 448 cat << EOF > $OBJ/ssh_config
 449 Host *
 450         Hostname                127.0.0.1
 451         HostKeyAlias            localhost-with-alias
 452         Port                    $PORT
 453         User                    $USER
 454         GlobalKnownHostsFile    $OBJ/known_hosts
 455         UserKnownHostsFile      $OBJ/known_hosts
 456         PubkeyAuthentication    yes
 457         ChallengeResponseAuthentication no
 458         HostbasedAuthentication no
 459         PasswordAuthentication  no
 460         BatchMode               yes
 461         StrictHostKeyChecking   yes
 462         LogLevel                DEBUG3
 463 EOF
 464
 465 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 466         trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
 467         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 468 fi
 469
 470 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 471
 472 SSH_KEYTYPES="rsa ed25519"
 473
 474 trace "generate keys"
 475 for t in ${SSH_KEYTYPES}; do
 476         # generate user key
 477         if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
 478                 rm -f $OBJ/$t
 479                 ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 480                         fail "ssh-keygen for $t failed"
 481         fi
 482
 483         # known hosts file for client
 484         (
 485                 printf 'localhost-with-alias,127.0.0.1,::1 '
 486                 cat $OBJ/$t.pub
 487         ) >> $OBJ/known_hosts
 488
 489         # setup authorized keys
 490         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 491         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 492
 493         # use key as host key, too
 494         $SUDO cp $OBJ/$t $OBJ/host.$t
 495         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 496
 497         # don't use SUDO for proxy connect
 498         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 499 done
 500 chmod 644 $OBJ/authorized_keys_$USER
 501
 502 # Activate Twisted Conch tests if the binary is present
 503 REGRESS_INTEROP_CONCH=no
 504 if test -x "$CONCH" ; then
 505         REGRESS_INTEROP_CONCH=yes
 506 fi
 507
 508 # If PuTTY is present and we are running a PuTTY test, prepare keys and
 509 # configuration
 510 REGRESS_INTEROP_PUTTY=no
 511 if test -x "$PUTTYGEN" -a -x "$PLINK" ; then
 512         REGRESS_INTEROP_PUTTY=yes
 513 fi
 514 case "$SCRIPT" in
 515 *putty*)        ;;
 516 *)              REGRESS_INTEROP_PUTTY=no ;;
 517 esac
 518
 519 if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
 520         mkdir -p ${OBJ}/.putty
 521
 522         # Add a PuTTY key to authorized_keys
 523         rm -f ${OBJ}/putty.rsa2
 524         if ! puttygen -t rsa -o ${OBJ}/putty.rsa2 \
 525             --random-device=/dev/urandom \
 526             --new-passphrase /dev/null < /dev/null > /dev/null; then
 527                 echo "Your installed version of PuTTY is too old to support --new-passphrase; trying without (may require manual interaction) ..." >&2
 528                 puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
 529         fi
 530         puttygen -O public-openssh ${OBJ}/putty.rsa2 \
 531             >> $OBJ/authorized_keys_$USER
 532
 533         # Convert rsa2 host key to PuTTY format
 534         cp $OBJ/rsa $OBJ/rsa_oldfmt
 535         ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/rsa_oldfmt >/dev/null
 536         ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa_oldfmt > \
 537             ${OBJ}/.putty/sshhostkeys
 538         ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa_oldfmt >> \
 539             ${OBJ}/.putty/sshhostkeys
 540         rm -f $OBJ/rsa_oldfmt
 541
 542         # Setup proxied session
 543         mkdir -p ${OBJ}/.putty/sessions
 544         rm -f ${OBJ}/.putty/sessions/localhost_proxy
 545         echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy
 546         echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
 547         echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
 548         echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
 549         echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
 550         echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
 551
 552         PUTTYDIR=${OBJ}/.putty
 553         export PUTTYDIR
 554
 555         REGRESS_INTEROP_PUTTY=yes
 556 fi
 557
 558 # create a proxy version of the client config
 559 (
 560         cat $OBJ/ssh_config
 561         echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy
 562 ) > $OBJ/ssh_proxy
 563
 564 # check proxy config
 565 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 566
 567 start_sshd ()
 568 {
 569         # start sshd
 570         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
 571         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
 572
 573         trace "wait for sshd"
 574         i=0;
 575         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 576                 i=`expr $i + 1`
 577                 sleep $i
 578         done
 579
 580         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 581 }
 582
 583 # source test body
 584 . $SCRIPT
 585
 586 # kill sshd
 587 cleanup
 588 if [ $RESULT -eq 0 ]; then
 589         verbose ok $tid
 590 else
 591         echo failed $tid
 592 fi
 593 exit $RESULT