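# $OpenBSD: forwarding.sh,v 1.24 2021/05/07 09:23:40 dtucker Exp $
# Placed in the Public Domain.
#
# Regression test for ssh forwarding: chained -L/-R TCP forwards,
# ExitOnForwardFailure, ClearAllForwardings, stdio forwarding (-W),
# forwards taken from the config file, and chained unix domain socket forwards.
#
# This file does not define start_sshd, trace, fail, fatal, SSH, OBJ, PORT,
# DATA, COPY or TEST_REGRESS_LOGFILE; they are expected to be provided by the
# regress harness that runs it.
#
# Quoting: path expansions are quoted so a build directory containing
# whitespace or glob characters cannot split or rewrite an argument.
# $fwd and $cmd stay unquoted on purpose because they hold several words that
# must be split into separate arguments. ${SSH} is left unquoted as well;
# presumably it may carry extra arguments (verify against the harness).

tid="local and remote forwarding"

start_sshd

base=33
last=$PORT
fwd=""
# A process that can connect to a ControlMaster socket can use the master's
# already-authenticated connection, so the socket belongs in a directory other
# users cannot write to.
# NOTE(review): assumes $OBJ is private to the test run; confirm.
CTL=$OBJ/ctl-sock

# Build nine chained forward pairs. Each iteration adds a local listener on $a
# that points at $b, and a remote listener on $b that points at the previous
# hop ($c); the very first hop points at the sshd port.
for j in 0 1 2; do
	for i in 0 1 2; do
		a=$base$j$i
		b=$((a + 50))
		c=$last
		# fwd chain: $a -> $b -> $c
		fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c"
		last=$a
	done
done

trace "start forwarding, fork to background"
rm -f "$CTL"
${SSH} -S "$CTL" -N -M -F "$OBJ/ssh_config" -f $fwd somehost

trace "transfer over forwarded channels and check result"
# The remote command words are left as they were: ssh joins them into one
# string that the remote shell parses again, so local quoting would not help.
${SSH} -F "$OBJ/ssh_config" "-p$last" -o 'ConnectionAttempts=10' \
	somehost cat ${DATA} > "${COPY}"
test -s "${COPY}" || fail "failed copy of ${DATA}"
cmp "${DATA}" "${COPY}" || fail "corrupted copy of ${DATA}"

# Ask the master to exit; its stderr output is deliberately discarded.
${SSH} -F "$OBJ/ssh_config" -S "$CTL" -O exit somehost 2>/dev/null

# With ExitOnForwardFailure=yes a forward that cannot be set up must end the
# connection instead of leaving the user with a session that silently lacks a
# tunnel. Checked once for local (-L) and once for remote (-R) forwards.
for d in L R; do
	trace "exit on -$d forward failure"

	# this one should succeed
	${SSH} -F "$OBJ/ssh_config" \
	    "-$d" "${base}01:127.0.0.1:$PORT" \
	    "-$d" "${base}02:127.0.0.1:$PORT" \
	    "-$d" "${base}03:127.0.0.1:$PORT" \
	    "-$d" "${base}04:127.0.0.1:$PORT" \
	    -oExitOnForwardFailure=yes somehost true
	if [ $? -ne 0 ]; then
		fatal "connection failed, should not"
	else
		# this one should fail: listen port ${base}01 is requested twice
		${SSH} -q -F "$OBJ/ssh_config" \
		    "-$d" "${base}01:127.0.0.1:$PORT" \
		    "-$d" "${base}02:127.0.0.1:$PORT" \
		    "-$d" "${base}03:127.0.0.1:$PORT" \
		    "-$d" "${base}01:localhost:$PORT" \
		    "-$d" "${base}04:127.0.0.1:$PORT" \
		    -oExitOnForwardFailure=yes somehost true
		r=$?
		# The test accepts only exit status 255 as proof of termination.
		if [ "$r" -ne 255 ]; then
			fail "connection not terminated, but should ($r)"
		fi
	fi
done

trace "simple clear forwarding"
${SSH} -F "$OBJ/ssh_config" -oClearAllForwardings=yes somehost true

# ClearAllForwardings=yes must drop a forward given on the command line, so
# the follow-up connection to the would-be listener has to fail.
trace "clear local forward"
rm -f "$CTL"
${SSH} -S "$CTL" -N -M -f -F "$OBJ/ssh_config" \
    -L "${base}01:127.0.0.1:$PORT" \
    -oClearAllForwardings=yes somehost
if [ $? -ne 0 ]; then
	fail "connection failed with cleared local forwarding"
else
	# this one should fail
	${SSH} -F "$OBJ/ssh_config" -p "${base}01" somehost true \
	    >>"$TEST_REGRESS_LOGFILE" 2>&1 && \
		fail "local forwarding not cleared"
fi
${SSH} -F "$OBJ/ssh_config" -S "$CTL" -O exit somehost 2>/dev/null

trace "clear remote forward"
rm -f "$CTL"
${SSH} -S "$CTL" -N -M -f -F "$OBJ/ssh_config" \
    -R "${base}01:127.0.0.1:$PORT" \
    -oClearAllForwardings=yes somehost
if [ $? -ne 0 ]; then
	fail "connection failed with cleared remote forwarding"
else
	# this one should fail
	${SSH} -F "$OBJ/ssh_config" -p "${base}01" somehost true \
	    >>"$TEST_REGRESS_LOGFILE" 2>&1 && \
		fail "remote forwarding not cleared"
fi
${SSH} -F "$OBJ/ssh_config" -S "$CTL" -O exit somehost 2>/dev/null

trace "stdio forwarding"
# $cmd is a multi-word command line and is split on whitespace when expanded.
cmd="${SSH} -F $OBJ/ssh_config"
$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" somehost true
if [ $? -ne 0 ]; then
	fail "stdio forwarding"
fi

# These two lines are appended to the shared ssh_config, so every later ssh
# invocation in this file that reads it also requests these forwards.
echo "LocalForward ${base}01 127.0.0.1:$PORT" >> "$OBJ/ssh_config"
echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> "$OBJ/ssh_config"

trace "config file: start forwarding, fork to background"
rm -f "$CTL"
${SSH} -S "$CTL" -N -M -F "$OBJ/ssh_config" -f somehost

trace "config file: transfer over forwarded channels and check result"
${SSH} -F "$OBJ/ssh_config" "-p${base}02" -o 'ConnectionAttempts=10' \
	somehost cat ${DATA} > "${COPY}"
test -s "${COPY}" || fail "failed copy of ${DATA}"
cmp "${DATA}" "${COPY}" || fail "corrupted copy of ${DATA}"

${SSH} -F "$OBJ/ssh_config" -S "$CTL" -O exit somehost 2>/dev/null

trace "transfer over chained unix domain socket forwards and check result"
rm -f "$OBJ"/unix-[123].fwd
rm -f "$CTL" "$CTL".[123]
# The forward specs contain literal [ ] around the socket paths. They are
# quoted so the shell never treats them as a glob bracket expression.
${SSH} -S "$CTL" -N -M -f -F "$OBJ/ssh_config" \
    "-R${base}01:[$OBJ/unix-1.fwd]" somehost
${SSH} -S "$CTL.1" -N -M -f -F "$OBJ/ssh_config" \
    "-L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd]" somehost
${SSH} -S "$CTL.2" -N -M -f -F "$OBJ/ssh_config" \
    "-R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd]" somehost
${SSH} -S "$CTL.3" -N -M -f -F "$OBJ/ssh_config" \
    "-L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT" somehost
${SSH} -F "$OBJ/ssh_config" "-p${base}01" -o 'ConnectionAttempts=10' \
	somehost cat ${DATA} > "${COPY}"
test -s "${COPY}" || fail "failed copy ${DATA}"
cmp "${DATA}" "${COPY}" || fail "corrupted copy of ${DATA}"

# Shut down all four masters so no control socket or forward outlives the test.
${SSH} -F "$OBJ/ssh_config" -S "$CTL" -O exit somehost 2>/dev/null
${SSH} -F "$OBJ/ssh_config" -S "$CTL.1" -O exit somehost 2>/dev/null
${SSH} -F "$OBJ/ssh_config" -S "$CTL.2" -O exit somehost 2>/dev/null
${SSH} -F "$OBJ/ssh_config" -S "$CTL.3" -O exit somehost 2>/dev/null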