1*979e6981Sdtucker# $OpenBSD: forwarding.sh,v 1.24 2021/05/07 09:23:40 dtucker Exp $ 225a4fdfeSmarkus# Placed in the Public Domain. 325a4fdfeSmarkus 455154775Smarkustid="local and remote forwarding" 555154775Smarkus 60eef944aSmarkusstart_sshd 70eef944aSmarkus 855154775Smarkusbase=33 955154775Smarkuslast=$PORT 1055154775Smarkusfwd="" 11590b8307SdjmCTL=$OBJ/ctl-sock 12590b8307Sdjm 1355154775Smarkusfor j in 0 1 2; do 1455154775Smarkus for i in 0 1 2; do 1555154775Smarkus a=$base$j$i 1655154775Smarkus b=`expr $a + 50` 1755154775Smarkus c=$last 1855154775Smarkus # fwd chain: $a -> $b -> $c 1955154775Smarkus fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c" 2055154775Smarkus last=$a 2155154775Smarkus done 2255154775Smarkusdone 23773d7cabSdjm 2455154775Smarkustrace "start forwarding, fork to background" 25c95afc8eSdtuckerrm -f $CTL 263a647ddcSdtucker${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f $fwd somehost 2755154775Smarkus 2855154775Smarkustrace "transfer over forwarded channels and check result" 29*979e6981Sdtucker${SSH} -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=10' \ 3055727a17Sdtucker somehost cat ${DATA} > ${COPY} 31a0215499Smillerttest -s ${COPY} || fail "failed copy of ${DATA}" 3255727a17Sdtuckercmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 3355154775Smarkus 343a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 35703e6eb8Sdtucker 3691776c60Smarkusfor d in L R; do 37773d7cabSdjm trace "exit on -$d forward failure" 3891776c60Smarkus 3991776c60Smarkus # this one should succeed 40773d7cabSdjm ${SSH} -F $OBJ/ssh_config \ 4191776c60Smarkus -$d ${base}01:127.0.0.1:$PORT \ 4291776c60Smarkus -$d ${base}02:127.0.0.1:$PORT \ 4391776c60Smarkus -$d ${base}03:127.0.0.1:$PORT \ 4491776c60Smarkus -$d ${base}04:127.0.0.1:$PORT \ 4591776c60Smarkus -oExitOnForwardFailure=yes somehost true 4691776c60Smarkus if [ $? != 0 ]; then 47959af934Sdjm fatal "connection failed, should not" 4891776c60Smarkus else 4991776c60Smarkus # this one should fail 50773d7cabSdjm ${SSH} -q -F $OBJ/ssh_config \ 5191776c60Smarkus -$d ${base}01:127.0.0.1:$PORT \ 5291776c60Smarkus -$d ${base}02:127.0.0.1:$PORT \ 5391776c60Smarkus -$d ${base}03:127.0.0.1:$PORT \ 54d1805004Sdjm -$d ${base}01:localhost:$PORT \ 5591776c60Smarkus -$d ${base}04:127.0.0.1:$PORT \ 5691776c60Smarkus -oExitOnForwardFailure=yes somehost true 5791776c60Smarkus r=$? 5891776c60Smarkus if [ $r != 255 ]; then 5991776c60Smarkus fail "connection not termintated, but should ($r)" 6091776c60Smarkus fi 6191776c60Smarkus fi 6291776c60Smarkusdone 6391776c60Smarkus 64773d7cabSdjmtrace "simple clear forwarding" 65773d7cabSdjm${SSH} -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true 66703e6eb8Sdtucker 67773d7cabSdjmtrace "clear local forward" 68c95afc8eSdtuckerrm -f $CTL 693a647ddcSdtucker${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \ 703a647ddcSdtucker -oClearAllForwardings=yes somehost 71703e6eb8Sdtuckerif [ $? != 0 ]; then 72703e6eb8Sdtucker fail "connection failed with cleared local forwarding" 73703e6eb8Sdtuckerelse 74703e6eb8Sdtucker # this one should fail 75773d7cabSdjm ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 76253ef5b4Sdtucker >>$TEST_REGRESS_LOGFILE 2>&1 && \ 77703e6eb8Sdtucker fail "local forwarding not cleared" 78703e6eb8Sdtuckerfi 793a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 80703e6eb8Sdtucker 81773d7cabSdjmtrace "clear remote forward" 82c95afc8eSdtuckerrm -f $CTL 833a647ddcSdtucker${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \ 843a647ddcSdtucker -oClearAllForwardings=yes somehost 85703e6eb8Sdtuckerif [ $? != 0 ]; then 86703e6eb8Sdtucker fail "connection failed with cleared remote forwarding" 87703e6eb8Sdtuckerelse 88703e6eb8Sdtucker # this one should fail 89773d7cabSdjm ${SSH} -F $OBJ/ssh_config -p ${base}01 somehost true \ 90253ef5b4Sdtucker >>$TEST_REGRESS_LOGFILE 2>&1 && \ 91703e6eb8Sdtucker fail "remote forwarding not cleared" 92703e6eb8Sdtuckerfi 933a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 946f54541fSdtucker 95773d7cabSdjmtrace "stdio forwarding" 96773d7cabSdjmcmd="${SSH} -F $OBJ/ssh_config" 97773d7cabSdjm$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" somehost true 986f54541fSdtuckerif [ $? != 0 ]; then 99773d7cabSdjm fail "stdio forwarding" 1006f54541fSdtuckerfi 101fd4d939bSdtucker 1029b10d81aSdjmecho "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config 1039b10d81aSdjmecho "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config 104773d7cabSdjm 105fd4d939bSdtuckertrace "config file: start forwarding, fork to background" 106c95afc8eSdtuckerrm -f $CTL 1073a647ddcSdtucker${SSH} -S $CTL -N -M -F $OBJ/ssh_config -f somehost 108fd4d939bSdtucker 109fd4d939bSdtuckertrace "config file: transfer over forwarded channels and check result" 110*979e6981Sdtucker${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=10' \ 111fd4d939bSdtucker somehost cat ${DATA} > ${COPY} 112a0215499Smillerttest -s ${COPY} || fail "failed copy of ${DATA}" 113fd4d939bSdtuckercmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 114fd4d939bSdtucker 1153a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 116a0215499Smillert 117a0215499Smillerttrace "transfer over chained unix domain socket forwards and check result" 118a0215499Smillertrm -f $OBJ/unix-[123].fwd 119c95afc8eSdtuckerrm -f $CTL $CTL.[123] 1203a647ddcSdtucker${SSH} -S $CTL -N -M -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost 1213a647ddcSdtucker${SSH} -S $CTL.1 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost 1223a647ddcSdtucker${SSH} -S $CTL.2 -N -M -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost 1233a647ddcSdtucker${SSH} -S $CTL.3 -N -M -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost 124*979e6981Sdtucker${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=10' \ 125a0215499Smillert somehost cat ${DATA} > ${COPY} 126a0215499Smillerttest -s ${COPY} || fail "failed copy ${DATA}" 127a0215499Smillertcmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" 128a0215499Smillert 1293a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL -O exit somehost 2>/dev/null 1303a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL.1 -O exit somehost 2>/dev/null 1313a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL.2 -O exit somehost 2>/dev/null 1323a647ddcSdtucker${SSH} -F $OBJ/ssh_config -S $CTL.3 -O exit somehost 2>/dev/null 133773d7cabSdjm 134