crypto/openssh/regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.47 2013/11/09 05:41:34 dtucker Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 case `uname -s 2>/dev/null` in
  11 OSF1*)
  12         BIN_SH=xpg4
  13         export BIN_SH
  14         ;;
  15 CYGWIN_NT-5.0)
  16         os=cygwin
  17         TEST_SSH_IPV6=no
  18         ;;
  19 CYGWIN*)
  20         os=cygwin
  21         ;;
  22 esac
  23
  24 if [ ! -z "$TEST_SSH_PORT" ]; then
  25         PORT="$TEST_SSH_PORT"
  26 else
  27         PORT=4242
  28 fi
  29
  30 if [ -x /usr/ucb/whoami ]; then
  31         USER=`/usr/ucb/whoami`
  32 elif whoami >/dev/null 2>&1; then
  33         USER=`whoami`
  34 elif logname >/dev/null 2>&1; then
  35         USER=`logname`
  36 else
  37         USER=`id -un`
  38 fi
  39
  40 OBJ=$1
  41 if [ "x$OBJ" = "x" ]; then
  42         echo '$OBJ not defined'
  43         exit 2
  44 fi
  45 if [ ! -d $OBJ ]; then
  46         echo "not a directory: $OBJ"
  47         exit 2
  48 fi
  49 SCRIPT=$2
  50 if [ "x$SCRIPT" = "x" ]; then
  51         echo '$SCRIPT not defined'
  52         exit 2
  53 fi
  54 if [ ! -f $SCRIPT ]; then
  55         echo "not a file: $SCRIPT"
  56         exit 2
  57 fi
  58 if $TEST_SHELL -n $SCRIPT; then
  59         true
  60 else
  61         echo "syntax error in $SCRIPT"
  62         exit 2
  63 fi
  64 unset SSH_AUTH_SOCK
  65
  66 SRC=`dirname ${SCRIPT}`
  67
  68 # defaults
  69 SSH=ssh
  70 SSHD=sshd
  71 SSHAGENT=ssh-agent
  72 SSHADD=ssh-add
  73 SSHKEYGEN=ssh-keygen
  74 SSHKEYSCAN=ssh-keyscan
  75 SFTP=sftp
  76 SFTPSERVER=/usr/libexec/openssh/sftp-server
  77 SCP=scp
  78
  79 # Interop testing
  80 PLINK=plink
  81 PUTTYGEN=puttygen
  82 CONCH=conch
  83
  84 if [ "x$TEST_SSH_SSH" != "x" ]; then
  85         SSH="${TEST_SSH_SSH}"
  86 fi
  87 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  88         SSHD="${TEST_SSH_SSHD}"
  89 fi
  90 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  91         SSHAGENT="${TEST_SSH_SSHAGENT}"
  92 fi
  93 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  94         SSHADD="${TEST_SSH_SSHADD}"
  95 fi
  96 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  97         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  98 fi
  99 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
 100         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
 101 fi
 102 if [ "x$TEST_SSH_SFTP" != "x" ]; then
 103         SFTP="${TEST_SSH_SFTP}"
 104 fi
 105 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
 106         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
 107 fi
 108 if [ "x$TEST_SSH_SCP" != "x" ]; then
 109         SCP="${TEST_SSH_SCP}"
 110 fi
 111 if [ "x$TEST_SSH_PLINK" != "x" ]; then
 112         # Find real binary, if it exists
 113         case "${TEST_SSH_PLINK}" in
 114         /*) PLINK="${TEST_SSH_PLINK}" ;;
 115         *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
 116         esac
 117 fi
 118 if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
 119         # Find real binary, if it exists
 120         case "${TEST_SSH_PUTTYGEN}" in
 121         /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
 122         *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
 123         esac
 124 fi
 125 if [ "x$TEST_SSH_CONCH" != "x" ]; then
 126         # Find real binary, if it exists
 127         case "${TEST_SSH_CONCH}" in
 128         /*) CONCH="${TEST_SSH_CONCH}" ;;
 129         *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;;
 130         esac
 131 fi
 132
 133 # Path to sshd must be absolute for rexec
 134 case "$SSHD" in
 135 /*) ;;
 136 *) SSHD=`which $SSHD` ;;
 137 esac
 138
 139 case "$SSHAGENT" in
 140 /*) ;;
 141 *) SSHAGENT=`which $SSHAGENT` ;;
 142 esac
 143
 144 # Logfiles.
 145 # SSH_LOGFILE should be the debug output of ssh(1) only
 146 # SSHD_LOGFILE should be the debug output of sshd(8) only
 147 # REGRESS_LOGFILE is the output of the test itself stdout and stderr
 148 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
 149         TEST_SSH_LOGFILE=$OBJ/ssh.log
 150 fi
 151 if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
 152         TEST_SSHD_LOGFILE=$OBJ/sshd.log
 153 fi
 154 if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
 155         TEST_REGRESS_LOGFILE=$OBJ/regress.log
 156 fi
 157
 158 # truncate logfiles
 159 >$TEST_SSH_LOGFILE
 160 >$TEST_SSHD_LOGFILE
 161 >$TEST_REGRESS_LOGFILE
 162
 163 # Create wrapper ssh with logging.  We can't just specify "SSH=ssh -E..."
 164 # because sftp and scp don't handle spaces in arguments.
 165 SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
 166 echo "#!/bin/sh" > $SSHLOGWRAP
 167 echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
 168
 169 chmod a+rx $OBJ/ssh-log-wrapper.sh
 170 SSH="$SSHLOGWRAP"
 171
 172 # Some test data.  We make a copy because some tests will overwrite it.
 173 # The tests may assume that $DATA exists and is writable and $COPY does
 174 # not exist.  Tests requiring larger data files can call increase_datafile_size
 175 # [kbytes] to ensure the file is at least that large.
 176 DATANAME=data
 177 DATA=$OBJ/${DATANAME}
 178 cat ${SSHAGENT} >${DATA}
 179 chmod u+w ${DATA}
 180 COPY=$OBJ/copy
 181 rm -f ${COPY}
 182
 183 increase_datafile_size()
 184 {
 185         while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
 186                 cat ${SSHAGENT} >>${DATA}
 187         done
 188 }
 189
 190 # these should be used in tests
 191 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 192 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 193
 194 # Portable specific functions
 195 have_prog()
 196 {
 197         saved_IFS="$IFS"
 198         IFS=":"
 199         for i in $PATH
 200         do
 201                 if [ -x $i/$1 ]; then
 202                         IFS="$saved_IFS"
 203                         return 0
 204                 fi
 205         done
 206         IFS="$saved_IFS"
 207         return 1
 208 }
 209
 210 jot() {
 211         awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
 212 }
 213
 214 # Check whether preprocessor symbols are defined in config.h.
 215 config_defined ()
 216 {
 217         str=$1
 218         while test "x$2" != "x" ; do
 219                 str="$str|$2"
 220                 shift
 221         done
 222         egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
 223 }
 224
 225 md5 () {
 226         if have_prog md5sum; then
 227                 md5sum
 228         elif have_prog openssl; then
 229                 openssl md5
 230         elif have_prog cksum; then
 231                 cksum
 232         elif have_prog sum; then
 233                 sum
 234         else
 235                 wc -c
 236         fi
 237 }
 238 # End of portable specific functions
 239
 240 # helper
 241 cleanup ()
 242 {
 243         if [ -f $PIDFILE ]; then
 244                 pid=`$SUDO cat $PIDFILE`
 245                 if [ "X$pid" = "X" ]; then
 246                         echo no sshd running
 247                 else
 248                         if [ $pid -lt 2 ]; then
 249                                 echo bad pid for ssh: $pid
 250                         else
 251                                 $SUDO kill $pid
 252                                 trace "wait for sshd to exit"
 253                                 i=0;
 254                                 while [ -f $PIDFILE -a $i -lt 5 ]; do
 255                                         i=`expr $i + 1`
 256                                         sleep $i
 257                                 done
 258                                 test -f $PIDFILE && \
 259                                     fatal "sshd didn't exit port $PORT pid $pid"
 260                         fi
 261                 fi
 262         fi
 263 }
 264
 265 start_debug_log ()
 266 {
 267         echo "trace: $@" >$TEST_REGRESS_LOGFILE
 268         echo "trace: $@" >$TEST_SSH_LOGFILE
 269         echo "trace: $@" >$TEST_SSHD_LOGFILE
 270 }
 271
 272 save_debug_log ()
 273 {
 274         echo $@ >>$TEST_REGRESS_LOGFILE
 275         echo $@ >>$TEST_SSH_LOGFILE
 276         echo $@ >>$TEST_SSHD_LOGFILE
 277         (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
 278         (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
 279         (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
 280 }
 281
 282 trace ()
 283 {
 284         start_debug_log $@
 285         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 286                 echo "$@"
 287         fi
 288 }
 289
 290 verbose ()
 291 {
 292         start_debug_log $@
 293         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 294                 echo "$@"
 295         fi
 296 }
 297
 298 warn ()
 299 {
 300         echo "WARNING: $@" >>$TEST_SSH_LOGFILE
 301         echo "WARNING: $@"
 302 }
 303
 304 fail ()
 305 {
 306         save_debug_log "FAIL: $@"
 307         RESULT=1
 308         echo "$@"
 309
 310 }
 311
 312 fatal ()
 313 {
 314         save_debug_log "FATAL: $@"
 315         printf "FATAL: "
 316         fail "$@"
 317         cleanup
 318         exit $RESULT
 319 }
 320
 321 RESULT=0
 322 PIDFILE=$OBJ/pidfile
 323
 324 trap fatal 3 2
 325
 326 # create server config
 327 cat << EOF > $OBJ/sshd_config
 328         StrictModes             no
 329         Port                    $PORT
 330         Protocol                2,1
 331         AddressFamily           inet
 332         ListenAddress           127.0.0.1
 333         #ListenAddress          ::1
 334         PidFile                 $PIDFILE
 335         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 336         LogLevel                DEBUG3
 337         AcceptEnv               _XXX_TEST_*
 338         AcceptEnv               _XXX_TEST
 339         Subsystem       sftp    $SFTPSERVER
 340 EOF
 341
 342 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 343         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 344         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 345 fi
 346
 347 # server config for proxy connects
 348 cp $OBJ/sshd_config $OBJ/sshd_proxy
 349
 350 # allow group-writable directories in proxy-mode
 351 echo 'StrictModes no' >> $OBJ/sshd_proxy
 352
 353 # create client config
 354 cat << EOF > $OBJ/ssh_config
 355 Host *
 356         Protocol                2,1
 357         Hostname                127.0.0.1
 358         HostKeyAlias            localhost-with-alias
 359         Port                    $PORT
 360         User                    $USER
 361         GlobalKnownHostsFile    $OBJ/known_hosts
 362         UserKnownHostsFile      $OBJ/known_hosts
 363         RSAAuthentication       yes
 364         PubkeyAuthentication    yes
 365         ChallengeResponseAuthentication no
 366         HostbasedAuthentication no
 367         PasswordAuthentication  no
 368         RhostsRSAAuthentication no
 369         BatchMode               yes
 370         StrictHostKeyChecking   yes
 371         LogLevel                DEBUG3
 372 EOF
 373
 374 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 375         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 376         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 377 fi
 378
 379 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 380
 381 trace "generate keys"
 382 for t in rsa rsa1; do
 383         # generate user key
 384         if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN} -nt $OBJ/$t ]; then
 385                 rm -f $OBJ/$t
 386                 ${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
 387                         fail "ssh-keygen for $t failed"
 388         fi
 389
 390         # known hosts file for client
 391         (
 392                 printf 'localhost-with-alias,127.0.0.1,::1 '
 393                 cat $OBJ/$t.pub
 394         ) >> $OBJ/known_hosts
 395
 396         # setup authorized keys
 397         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 398         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 399
 400         # use key as host key, too
 401         $SUDO cp $OBJ/$t $OBJ/host.$t
 402         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 403
 404         # don't use SUDO for proxy connect
 405         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 406 done
 407 chmod 644 $OBJ/authorized_keys_$USER
 408
 409 # Activate Twisted Conch tests if the binary is present
 410 REGRESS_INTEROP_CONCH=no
 411 if test -x "$CONCH" ; then
 412         REGRESS_INTEROP_CONCH=yes
 413 fi
 414
 415 # If PuTTY is present and we are running a PuTTY test, prepare keys and
 416 # configuration
 417 REGRESS_INTEROP_PUTTY=no
 418 if test -x "$PUTTYGEN" -a -x "$PLINK" ; then
 419         REGRESS_INTEROP_PUTTY=yes
 420 fi
 421 case "$SCRIPT" in
 422 *putty*)        ;;
 423 *)              REGRESS_INTEROP_PUTTY=no ;;
 424 esac
 425
 426 if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
 427         mkdir -p ${OBJ}/.putty
 428
 429         # Add a PuTTY key to authorized_keys
 430         rm -f ${OBJ}/putty.rsa2
 431         puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
 432         puttygen -O public-openssh ${OBJ}/putty.rsa2 \
 433             >> $OBJ/authorized_keys_$USER
 434
 435         # Convert rsa2 host key to PuTTY format
 436         ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \
 437             ${OBJ}/.putty/sshhostkeys
 438         ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \
 439             ${OBJ}/.putty/sshhostkeys
 440
 441         # Setup proxied session
 442         mkdir -p ${OBJ}/.putty/sessions
 443         rm -f ${OBJ}/.putty/sessions/localhost_proxy
 444         echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
 445         echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
 446         echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
 447         echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
 448
 449         REGRESS_INTEROP_PUTTY=yes
 450 fi
 451
 452 # create a proxy version of the client config
 453 (
 454         cat $OBJ/ssh_config
 455         echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy
 456 ) > $OBJ/ssh_proxy
 457
 458 # check proxy config
 459 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 460
 461 start_sshd ()
 462 {
 463         # start sshd
 464         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
 465         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
 466
 467         trace "wait for sshd"
 468         i=0;
 469         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 470                 i=`expr $i + 1`
 471                 sleep $i
 472         done
 473
 474         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 475 }
 476
 477 # source test body
 478 . $SCRIPT
 479
 480 # kill sshd
 481 cleanup
 482 if [ $RESULT -eq 0 ]; then
 483         verbose ok $tid
 484 else
 485         echo failed $tid
 486 fi
 487 exit $RESULT