xref: /openbsd/regress/usr.bin/ssh/percent.sh (revision 905646f0) 
1#	$OpenBSD: percent.sh,v 1.9 2020/07/17 07:10:24 dtucker Exp $
2#	Placed in the Public Domain.
3
4tid="percent expansions"
5
6USER=`id -u -n`
7USERID=`id -u`
8HOST=`hostname | cut -f1 -d.`
9HOSTNAME=`hostname`
10
11# Localcommand is evaluated after connection because %T is not available
12# until then.  Because of this we use a different method of exercising it,
13# and we can't override the remote user otherwise authentication will fail.
14# We also have to explicitly enable it.
15echo "permitlocalcommand yes" >> $OBJ/ssh_proxy
16
17trial()
18{
19	opt="$1"; arg="$2"; expect="$3"
20
21	trace "test $opt=$arg $expect"
22	rm -f $OBJ/actual
23	got=""
24	case "$opt" in
25	localcommand)
26		${SSH} -F $OBJ/ssh_proxy -o $opt="echo '$arg' >$OBJ/actual" \
27		    somehost true
28		got=`cat $OBJ/actual`
29		;;
30	userknownhostsfile)
31		# Move the userknownhosts file to what the expansion says,
32		# make sure ssh works then put it back.
33		mv "$OBJ/known_hosts" "$OBJ/$expect"
34		${SSH} -F $OBJ/ssh_proxy -o $opt="$OBJ/$arg" somehost true && \
35			got="$expect"
36		mv "$OBJ/$expect" "$OBJ/known_hosts"
37		;;
38	matchexec)
39		(cat $OBJ/ssh_proxy && \
40		 echo "Match Exec \"echo '$arg' >$OBJ/actual\"") \
41		    >$OBJ/ssh_proxy_match
42		${SSH} -F $OBJ/ssh_proxy_match remuser@somehost true || true
43		got=`cat $OBJ/actual`
44		;;
45	*forward)
46		# LocalForward and RemoteForward take two args and only
47		# operate on Unix domain socket paths
48		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="/$arg /$arg" -G \
49		    remuser@somehost | awk '$1=="'$opt'"{print $2" "$3}'`
50		expect="/$expect /$expect"
51		;;
52	*)
53		got=`${SSH} -F $OBJ/ssh_proxy -o $opt="$arg" -G \
54		    remuser@somehost | awk '$1=="'$opt'"{print $2}'`
55	esac
56	if [ "$got" != "$expect" ]; then
57		fail "$opt=$arg expect $expect got $got"
58	fi
59}
60
61for i in matchexec localcommand remotecommand controlpath identityagent \
62    forwardagent localforward remoteforward userknownhostsfile; do
63	verbose $tid $i percent
64	case "$i" in
65	localcommand|userknownhostsfile)
66		# Any test that's going to actually make a connection needs
67		# to use the real username.
68		REMUSER=$USER ;;
69	*)
70		REMUSER=remuser ;;
71	esac
72	if [ "$i" = "$localcommand" ]; then
73		trial $i '%T' NONE
74	fi
75	# Matches implementation in readconf.c:ssh_connection_hash()
76	HASH=`printf "${HOSTNAME}127.0.0.1${PORT}$REMUSER" |
77	    openssl sha1 | cut -f2 -d' '`
78	trial $i '%%' '%'
79	trial $i '%C' $HASH
80	trial $i '%i' $USERID
81	trial $i '%h' 127.0.0.1
82	trial $i '%L' $HOST
83	trial $i '%l' $HOSTNAME
84	trial $i '%n' somehost
85	trial $i '%k' localhost-with-alias
86	trial $i '%p' $PORT
87	trial $i '%r' $REMUSER
88	trial $i '%u' $USER
89	# We can't specify a full path outside the regress dir, so skip tests
90	# containing %d for UserKnownHostsFile
91	if [ "$i" != "userknownhostsfile" ]; then
92		trial $i '%d' $HOME
93		trial $i '%%/%C/%i/%h/%d/%L/%l/%n/%p/%r/%u' \
94		    "%/$HASH/$USERID/127.0.0.1/$HOME/$HOST/$HOSTNAME/somehost/$PORT/$REMUSER/$USER"
95	fi
96done
97
98# Subset of above since we don't expand shell-style variables on anything that
99# runs a command because the shell will expand those.
100for i in controlpath identityagent forwardagent localforward remoteforward \
101    userknownhostsfile; do
102	verbose $tid $i dollar
103	FOO=bar
104	export FOO
105	trial $i '${FOO}' $FOO
106done
107
108
109# A subset of options support tilde expansion
110for i in controlpath identityagent forwardagent; do
111	verbose $tid $i tilde
112	trial $i '~' $HOME/
113	trial $i '~/.ssh' $HOME/.ssh
114done
115