xref: /openbsd-src/regress/usr.bin/ssh/forwarding.sh (revision f2da64fbbbf1b03f09f390ab01267c93dfd77c4c) 
1#	$OpenBSD: forwarding.sh,v 1.16 2016/04/14 23:57:17 djm Exp $
2#	Placed in the Public Domain.
3
4tid="local and remote forwarding"
5
6start_sshd
7
8base=33
9last=$PORT
10fwd=""
11CTL=$OBJ/ctl-sock
12rm -f $CTL
13
14for j in 0 1 2; do
15	for i in 0 1 2; do
16		a=$base$j$i
17		b=`expr $a + 50`
18		c=$last
19		# fwd chain: $a -> $b -> $c
20		fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c"
21		last=$a
22	done
23done
24for p in ${SSH_PROTOCOLS}; do
25	q=`expr 3 - $p`
26	if ! ssh_version $q; then
27		q=$p
28	fi
29	trace "start forwarding, fork to background"
30	${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10
31
32	trace "transfer over forwarded channels and check result"
33	${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
34		somehost cat ${DATA} > ${COPY}
35	test -s ${COPY}		|| fail "failed copy of ${DATA}"
36	cmp ${DATA} ${COPY}	|| fail "corrupted copy of ${DATA}"
37
38	sleep 10
39done
40
41for p in ${SSH_PROTOCOLS}; do
42for d in L R; do
43	trace "exit on -$d forward failure, proto $p"
44
45	# this one should succeed
46	${SSH} -$p -F $OBJ/ssh_config \
47	    -$d ${base}01:127.0.0.1:$PORT \
48	    -$d ${base}02:127.0.0.1:$PORT \
49	    -$d ${base}03:127.0.0.1:$PORT \
50	    -$d ${base}04:127.0.0.1:$PORT \
51	    -oExitOnForwardFailure=yes somehost true
52	if [ $? != 0 ]; then
53		fail "connection failed, should not"
54	else
55		# this one should fail
56		${SSH} -q -$p -F $OBJ/ssh_config \
57		    -$d ${base}01:127.0.0.1:$PORT \
58		    -$d ${base}02:127.0.0.1:$PORT \
59		    -$d ${base}03:127.0.0.1:$PORT \
60		    -$d ${base}01:localhost:$PORT \
61		    -$d ${base}04:127.0.0.1:$PORT \
62		    -oExitOnForwardFailure=yes somehost true
63		r=$?
64		if [ $r != 255 ]; then
65			fail "connection not termintated, but should ($r)"
66		fi
67	fi
68done
69done
70
71for p in ${SSH_PROTOCOLS}; do
72	trace "simple clear forwarding proto $p"
73	${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true
74
75	trace "clear local forward proto $p"
76	${SSH} -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \
77	    -oClearAllForwardings=yes somehost sleep 10
78	if [ $? != 0 ]; then
79		fail "connection failed with cleared local forwarding"
80	else
81		# this one should fail
82		${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
83		     >>$TEST_REGRESS_LOGFILE 2>&1 && \
84			fail "local forwarding not cleared"
85	fi
86	sleep 10
87
88	trace "clear remote forward proto $p"
89	${SSH} -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \
90	    -oClearAllForwardings=yes somehost sleep 10
91	if [ $? != 0 ]; then
92		fail "connection failed with cleared remote forwarding"
93	else
94		# this one should fail
95		${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
96		     >>$TEST_REGRESS_LOGFILE 2>&1 && \
97			fail "remote forwarding not cleared"
98	fi
99	sleep 10
100done
101
102for p in 2; do
103	trace "stdio forwarding proto $p"
104	cmd="${SSH} -$p -F $OBJ/ssh_config"
105	$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" \
106		somehost true
107	if [ $? != 0 ]; then
108		fail "stdio forwarding proto $p"
109	fi
110done
111
112echo "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config
113echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config
114for p in ${SSH_PROTOCOLS}; do
115	trace "config file: start forwarding, fork to background"
116	${SSH} -S $CTL -M -$p -F $OBJ/ssh_config -f somehost sleep 10
117
118	trace "config file: transfer over forwarded channels and check result"
119	${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
120		somehost cat ${DATA} > ${COPY}
121	test -s ${COPY}		|| fail "failed copy of ${DATA}"
122	cmp ${DATA} ${COPY}	|| fail "corrupted copy of ${DATA}"
123
124	${SSH} -S $CTL -O exit somehost
125done
126
127for p in 2; do
128	trace "transfer over chained unix domain socket forwards and check result"
129	rm -f $OBJ/unix-[123].fwd
130	${SSH} -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost sleep 10
131	${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost sleep 10
132	${SSH} -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost sleep 10
133	${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost sleep 10
134	${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=4' \
135		somehost cat ${DATA} > ${COPY}
136	test -s ${COPY}			|| fail "failed copy ${DATA}"
137	cmp ${DATA} ${COPY}		|| fail "corrupted copy of ${DATA}"
138
139	#wait
140	sleep 10
141done
142