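# $OpenBSD: test-exec.sh,v 1.35 2008/06/28 13:57:25 djm Exp $
# Placed in the Public Domain.

# Common driver for the ssh regression tests.
#
# Usage: sh test-exec.sh OBJ SCRIPT
#   OBJ     existing scratch directory; the generated configs, keys and the
#           sshd pidfile are written there
#   SCRIPT  test body; it is syntax-checked with "sh -n" and then sourced
#
# Environment overrides read below: TEST_SSH_PORT, TEST_SSH_SSH,
# TEST_SSH_SSHD, TEST_SSH_SSHAGENT, TEST_SSH_SSHADD, TEST_SSH_SSHKEYGEN,
# TEST_SSH_SSHKEYSCAN, TEST_SSH_SFTP, TEST_SSH_SFTPSERVER, TEST_SSH_SCP,
# TEST_SSH_PLINK, TEST_SSH_PUTTYGEN, TEST_SSH_CONCH, TEST_SSH_LOGFILE,
# TEST_SSH_TRACE, TEST_SSH_QUIET, TEST_SSH_SSHD_CONFOPTS,
# TEST_SSH_SSH_CONFOPTS.
#
# Exit status: 2 for a bad invocation, otherwise $RESULT.
#
# The configuration written here is a loopback test fixture: the proxy
# sshd config sets "StrictModes no", the user keys double as host keys and
# the server logs at DEBUG. None of it is meant to be reused outside $OBJ.

USER=$(id -un)
#SUDO=sudo

PORT=${TEST_SSH_PORT:-4242}

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
# Parse-only pass: the test body is sourced into this shell further down, so
# reject a script with syntax errors before any state has been created.
sh -n "$SCRIPT" || {
	echo "syntax error in $SCRIPT"
	exit 2
}
# Drop any agent socket inherited from the caller's environment.
unset SSH_AUTH_SOCK

SRC=$(dirname "${SCRIPT}")

# defaults, each replaced by its TEST_SSH_* override when that is non-empty
SSH=${TEST_SSH_SSH:-ssh}
SSHD=${TEST_SSH_SSHD:-sshd}
SSHAGENT=${TEST_SSH_SSHAGENT:-ssh-agent}
SSHADD=${TEST_SSH_SSHADD:-ssh-add}
SSHKEYGEN=${TEST_SSH_SSHKEYGEN:-ssh-keygen}
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}
SFTP=${TEST_SSH_SFTP:-sftp}
SFTPSERVER=${TEST_SSH_SFTPSERVER:-/usr/libexec/sftp-server}
SCP=${TEST_SSH_SCP:-scp}

# Interop testing
PLINK=${TEST_SSH_PLINK:-/usr/local/bin/plink}
PUTTYGEN=${TEST_SSH_PUTTYGEN:-/usr/local/bin/puttygen}
CONCH=${TEST_SSH_CONCH:-/usr/local/bin/conch}

# Path to sshd must be absolute for rexec
if [ ! -x "/$SSHD" ]; then
	SSHD=$(which sshd)
fi

TEST_SSH_LOGFILE=${TEST_SSH_LOGFILE:-/dev/null}

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper

# cleanup: stop the sshd whose pid is recorded in $PIDFILE, if any.
# The pidfile content is accepted only when it is a plain decimal number of
# 2 or more, because it ends up as the argument of kill, which runs under
# $SUDO when that is set.
cleanup ()
{
	if [ -f "$PIDFILE" ]; then
		pid=$(cat "$PIDFILE")
		case "$pid" in
		"")
			echo no sshd running
			;;
		*[!0-9]*)
			# not a single unsigned number: never hand it to kill
			echo "bad pid for ssd: $pid"
			;;
		*)
			if [ "$pid" -lt 2 ]; then
				echo "bad pid for ssd: $pid"
			else
				$SUDO kill "$pid"
			fi
			;;
		esac
	fi
}

# trace: always log the message; print it only when TEST_SSH_TRACE=yes.
trace ()
{
	echo "trace: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

# verbose: always log the message; print it unless TEST_SSH_QUIET=yes.
verbose ()
{
	echo "verbose: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


# fail: log and print the message and mark the run as failed (RESULT=1).
# Does not exit; the test body keeps running.
fail ()
{
	echo "FAIL: $*" >>"$TEST_SSH_LOGFILE"
	RESULT=1
	echo "$@"
}

# fatal: like fail, then stop sshd and exit with $RESULT.
fatal ()
{
	echo "FATAL: $*" >>"$TEST_SSH_LOGFILE"
	printf 'FATAL: '
	fail "$@"
	cleanup
	exit $RESULT
}

RESULT=0
PIDFILE=$OBJ/pidfile

# SIGQUIT (3) and SIGINT (2) go through fatal so the sshd is stopped too.
trap fatal 3 2

# create server config
cat << EOF > "$OBJ/sshd_config"
	Port $PORT
	AddressFamily inet
	ListenAddress 127.0.0.1
	#ListenAddress ::1
	PidFile $PIDFILE
	AuthorizedKeysFile $OBJ/authorized_keys_%u
	LogLevel DEBUG
	AcceptEnv _XXX_TEST_*
	AcceptEnv _XXX_TEST
	Subsystem sftp $SFTPSERVER
EOF

# The override text is appended verbatim, so whoever sets the variable
# controls the server configuration of this run.
if [ -n "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> "$OBJ/sshd_config"
fi

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> "$OBJ/sshd_proxy"

# create client config
cat << EOF > "$OBJ/ssh_config"
Host *
	Hostname 127.0.0.1
	HostKeyAlias localhost-with-alias
	Port $PORT
	User $USER
	GlobalKnownHostsFile $OBJ/known_hosts
	UserKnownHostsFile $OBJ/known_hosts
	RSAAuthentication yes
	PubkeyAuthentication yes
	ChallengeResponseAuthentication no
	HostbasedAuthentication no
	PasswordAuthentication no
	RhostsRSAAuthentication no
	BatchMode yes
	StrictHostKeyChecking yes
EOF

if [ -n "$TEST_SSH_SSH_CONFOPTS" ]; then
	# log the client option that is actually appended below
	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> "$OBJ/ssh_config"
fi

rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	rm -f "$OBJ/$t"
	${SSHKEYGEN} -q -N '' -t $t -f "$OBJ/$t" ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		printf 'localhost-with-alias,127.0.0.1,::1 '
		cat "$OBJ/$t.pub"
	) >> "$OBJ/known_hosts"

	# setup authorized keys
	cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
	echo "IdentityFile $OBJ/$t" >> "$OBJ/ssh_config"

	# use key as host key, too
	$SUDO cp "$OBJ/$t" "$OBJ/host.$t"
	echo "HostKey $OBJ/host.$t" >> "$OBJ/sshd_config"

	# don't use SUDO for proxy connect
	echo "HostKey $OBJ/$t" >> "$OBJ/sshd_proxy"
done
chmod 644 "$OBJ/authorized_keys_$USER"

# Activate Twisted Conch tests if the binary is present
REGRESS_INTEROP_CONCH=no
if [ -x "$CONCH" ]; then
	REGRESS_INTEROP_CONCH=yes
fi

# If PuTTY is present and we are running a PuTTY test, prepare keys and
# configuration
REGRESS_INTEROP_PUTTY=no
if [ -x "$PUTTYGEN" ] && [ -x "$PLINK" ]; then
	REGRESS_INTEROP_PUTTY=yes
fi
case "$SCRIPT" in
*putty*)	;;
*)		REGRESS_INTEROP_PUTTY=no ;;
esac

if [ "$REGRESS_INTEROP_PUTTY" = "yes" ]; then
	mkdir -p "${OBJ}/.putty"

	# Add a PuTTY key to authorized_keys.
	# Run the binary that passed the -x check above ($PUTTYGEN), not
	# whatever "puttygen" happens to resolve to on PATH.
	rm -f "${OBJ}/putty.rsa2"
	"$PUTTYGEN" -t rsa -o "${OBJ}/putty.rsa2" < /dev/null > /dev/null
	"$PUTTYGEN" -O public-openssh "${OBJ}/putty.rsa2" \
	    >> "$OBJ/authorized_keys_$USER"

	# Convert rsa2 host key to PuTTY format
	"${SRC}/ssh2putty.sh" 127.0.0.1 "$PORT" "$OBJ/rsa" > \
	    "${OBJ}/.putty/sshhostkeys"
	"${SRC}/ssh2putty.sh" 127.0.0.1 22 "$OBJ/rsa" >> \
	    "${OBJ}/.putty/sshhostkeys"

	# Setup proxied session
	mkdir -p "${OBJ}/.putty/sessions"
	rm -f "${OBJ}/.putty/sessions/localhost_proxy"
	{
		echo "Hostname=127.0.0.1"
		echo "PortNumber=$PORT"
		echo "ProxyMethod=5"
		echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
	} >> "${OBJ}/.putty/sessions/localhost_proxy"

	REGRESS_INTEROP_PUTTY=yes
fi

# create a proxy version of the client config
(
	cat "$OBJ/ssh_config"
	echo "proxycommand sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
) > "$OBJ/ssh_proxy"

# check proxy config
${SSHD} -t -f "$OBJ/sshd_proxy" || fatal "sshd_proxy broken"

# start_sshd [sshd options...]: validate sshd_config with -t, start the
# daemon with the same extra options, then wait for its pidfile to appear.
# The wait sleeps 1, 2, ... 5 seconds and gives up after five rounds.
start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f "$OBJ/sshd_config" "$@" -t || fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -e "$@" >>"$TEST_SSH_LOGFILE" 2>&1

	trace "wait for sshd"
	i=0
	while [ ! -f "$PIDFILE" ] && [ "$i" -lt 5 ]; do
		i=$((i + 1))
		sleep "$i"
	done

	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}

# source test body
# NOTE: sh resolves a name without a '/' through PATH, so callers should
# pass SCRIPT as a path containing a slash to source the file checked above.
. "$SCRIPT"

# kill sshd
cleanup
# $tid is expected to be set by the sourced test body.
if [ "$RESULT" -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit $RESULT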