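#	$OpenBSD: test-exec.sh,v 1.36 2009/10/08 18:04:27 markus Exp $
#	Placed in the Public Domain.
#
# Regression-test harness: writes throwaway sshd/ssh configurations and keys
# into an object directory, then sources one test script against them.
#
# Arguments:
#   $1 - OBJ:    existing directory that receives configs, keys and the pidfile
#   $2 - SCRIPT: test script to source once the environment is prepared
#
# Environment (all optional):
#   TEST_SSH_PORT                  port for the test sshd (default 4242)
#   TEST_SSH_SSH, TEST_SSH_SSHD, TEST_SSH_SSHAGENT, TEST_SSH_SSHADD,
#   TEST_SSH_SSHKEYGEN, TEST_SSH_SSHKEYSCAN, TEST_SSH_SFTP,
#   TEST_SSH_SFTPSERVER, TEST_SSH_SCP, TEST_SSH_PLINK, TEST_SSH_PUTTYGEN,
#   TEST_SSH_CONCH                 override the binaries under test
#   TEST_SSH_LOGFILE               log destination (default /dev/null)
#   TEST_SSH_TRACE, TEST_SSH_QUIET "yes" toggles trace / quiet output
#   TEST_SSH_SSHD_CONFOPTS, TEST_SSH_SSH_CONFOPTS
#                                  text appended verbatim to the generated
#                                  server / client configuration
#
# Exit status: 2 for bad arguments, otherwise $RESULT (0 = ok, 1 = failed).
#
# NOTE(review): several commands below are prefixed with $SUDO, and both the
# binaries and the appended config text come from the environment. Whoever
# controls that environment or can write to $OBJ controls what runs with
# those privileges, so keep $OBJ writable by the test user only.

USER=$(id -un)
#SUDO=sudo

PORT="${TEST_SSH_PORT:-4242}"

OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi
# Parse-only check, so a broken test script is reported before any setup.
if ! sh -n "$SCRIPT"; then
	echo "syntax error in $SCRIPT"
	exit 2
fi
# Drop any inherited agent socket so the clients under test do not talk to
# an ssh-agent from the caller's session.
unset SSH_AUTH_SOCK

SRC=$(dirname "$SCRIPT")

# defaults, each replaceable through the matching TEST_SSH_* variable
# (an unset or empty override keeps the default)
SSH="${TEST_SSH_SSH:-ssh}"
SSHD="${TEST_SSH_SSHD:-sshd}"
SSHAGENT="${TEST_SSH_SSHAGENT:-ssh-agent}"
SSHADD="${TEST_SSH_SSHADD:-ssh-add}"
SSHKEYGEN="${TEST_SSH_SSHKEYGEN:-ssh-keygen}"
SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}"
SFTP="${TEST_SSH_SFTP:-sftp}"
SFTPSERVER="${TEST_SSH_SFTPSERVER:-/usr/libexec/sftp-server}"
SCP="${TEST_SSH_SCP:-scp}"

# Interop testing
PLINK="${TEST_SSH_PLINK:-/usr/local/bin/plink}"
PUTTYGEN="${TEST_SSH_PUTTYGEN:-/usr/local/bin/puttygen}"
CONCH="${TEST_SSH_CONCH:-/usr/local/bin/conch}"

# Path to sshd must be absolute for rexec
# The fallback resolves sshd through $PATH; the result is later started under
# $SUDO, so $PATH has to be trusted. $SSHD is left unquoted here, as in every
# place it is executed, to keep the original word-splitting behaviour.
if [ ! -x /$SSHD ]; then
	SSHD=$(command -v sshd)
fi

TEST_SSH_LOGFILE="${TEST_SSH_LOGFILE:-/dev/null}"

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP

# helper
# cleanup: stop the test sshd recorded in $PIDFILE, if there is one.
# The pid is read from a file, so it is validated before being handed to
# kill (possibly under $SUDO): anything that is not a plain decimal number,
# or is below 2, is reported and never signalled.
cleanup ()
{
	if [ -f "$PIDFILE" ]; then
		pid=$(cat "$PIDFILE")
		case "$pid" in
		"")
			echo no sshd running
			;;
		*[!0-9]*)
			echo "bad pid for ssd: $pid"
			;;
		*)
			if [ "$pid" -lt 2 ]; then
				echo "bad pid for ssd: $pid"
			else
				$SUDO kill "$pid"
			fi
			;;
		esac
	fi
}

# trace: always log the message; print it only when TEST_SSH_TRACE=yes.
trace ()
{
	echo "trace: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
		echo "$@"
	fi
}

# verbose: always log the message; print it unless TEST_SSH_QUIET=yes.
verbose ()
{
	echo "verbose: $*" >>"$TEST_SSH_LOGFILE"
	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
		echo "$@"
	fi
}


# fail: log and print the message and mark the run as failed (RESULT=1);
# execution continues.
fail ()
{
	echo "FAIL: $*" >>"$TEST_SSH_LOGFILE"
	RESULT=1
	echo "$@"
}

# fatal: like fail, but also stops the test sshd and exits with $RESULT.
fatal ()
{
	echo "FATAL: $*" >>"$TEST_SSH_LOGFILE"
	# printf instead of "echo -n", which some sh implementations print literally
	printf 'FATAL: '
	fail "$@"
	cleanup
	exit "$RESULT"
}

RESULT=0
PIDFILE=$OBJ/pidfile

# SIGQUIT (3) and SIGINT (2) go through fatal so the daemon is not left behind.
trap fatal 3 2

# create server config
# Test-only settings: legacy protocol 1 is enabled next to protocol 2 and
# logging is at DEBUG. The daemon is bound to 127.0.0.1 only.
cat << EOF > "$OBJ/sshd_config"
	Port			$PORT
	Protocol		2,1
	AddressFamily		inet
	ListenAddress		127.0.0.1
	#ListenAddress		::1
	PidFile			$PIDFILE
	AuthorizedKeysFile	$OBJ/authorized_keys_%u
	LogLevel		DEBUG
	AcceptEnv		_XXX_TEST_*
	AcceptEnv		_XXX_TEST
	Subsystem	sftp	$SFTPSERVER
EOF

# Appended verbatim: the variable's content becomes server configuration.
if [ -n "$TEST_SSH_SSHD_CONFOPTS" ]; then
	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
	echo "$TEST_SSH_SSHD_CONFOPTS" >> "$OBJ/sshd_config"
fi

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
# (this turns off sshd's ownership/permission checks for the proxy config only)
echo 'StrictModes no' >> "$OBJ/sshd_proxy"

# create client config
# Only key-based authentication is enabled, BatchMode avoids prompts, and
# host keys are checked strictly against the generated known_hosts file.
cat << EOF > "$OBJ/ssh_config"
Host *
	Protocol		2,1
	Hostname		127.0.0.1
	HostKeyAlias		localhost-with-alias
	Port			$PORT
	User			$USER
	GlobalKnownHostsFile	$OBJ/known_hosts
	UserKnownHostsFile	$OBJ/known_hosts
	RSAAuthentication	yes
	PubkeyAuthentication	yes
	ChallengeResponseAuthentication	no
	HostbasedAuthentication	no
	PasswordAuthentication	no
	RhostsRSAAuthentication	no
	BatchMode		yes
	StrictHostKeyChecking	yes
EOF

if [ -n "$TEST_SSH_SSH_CONFOPTS" ]; then
	# Log the client option being added (the original logged the server
	# variable TEST_SSH_SSHD_CONFOPTS here by mistake).
	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
	echo "$TEST_SSH_SSH_CONFOPTS" >> "$OBJ/ssh_config"
fi

rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"

trace "generate keys"
for t in rsa rsa1; do
	# generate user key
	# (-N '' means no passphrase: these are disposable test keys)
	rm -f "$OBJ/$t"
	${SSHKEYGEN} -q -N '' -t "$t" -f "$OBJ/$t" ||\
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	(
		printf '%s' 'localhost-with-alias,127.0.0.1,::1 '
		cat "$OBJ/$t.pub"
	) >> "$OBJ/known_hosts"

	# setup authorized keys
	cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
	echo "IdentityFile $OBJ/$t" >> "$OBJ/ssh_config"

	# use key as host key, too
	# (one key pair is both user key and host key; acceptable only because
	# everything here is throwaway test material)
	$SUDO cp "$OBJ/$t" "$OBJ/host.$t"
	echo "HostKey $OBJ/host.$t" >> "$OBJ/sshd_config"

	# don't use SUDO for proxy connect
	echo "HostKey $OBJ/$t" >> "$OBJ/sshd_proxy"
done
chmod 644 "$OBJ/authorized_keys_$USER"

# Activate Twisted Conch tests if the binary is present
REGRESS_INTEROP_CONCH=no
if test -x "$CONCH" ; then
	REGRESS_INTEROP_CONCH=yes
fi

# If PuTTY is present and we are running a PuTTY test, prepare keys and
# configuration
REGRESS_INTEROP_PUTTY=no
if test -x "$PUTTYGEN" && test -x "$PLINK" ; then
	REGRESS_INTEROP_PUTTY=yes
fi
case "$SCRIPT" in
*putty*)	;;
*)		REGRESS_INTEROP_PUTTY=no ;;
esac

if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
	mkdir -p "${OBJ}/.putty"

	# Add a PuTTY key to authorized_keys
	# Run the binary that passed the -x check above ($PUTTYGEN), not whatever
	# "puttygen" happens to resolve to in $PATH.
	rm -f "${OBJ}/putty.rsa2"
	"$PUTTYGEN" -t rsa -o "${OBJ}/putty.rsa2" < /dev/null > /dev/null
	"$PUTTYGEN" -O public-openssh "${OBJ}/putty.rsa2" \
	    >> "$OBJ/authorized_keys_$USER"

	# Convert rsa2 host key to PuTTY format
	"${SRC}/ssh2putty.sh" 127.0.0.1 "$PORT" "$OBJ/rsa" > \
	    "${OBJ}/.putty/sshhostkeys"
	"${SRC}/ssh2putty.sh" 127.0.0.1 22 "$OBJ/rsa" >> \
	    "${OBJ}/.putty/sshhostkeys"

	# Setup proxied session
	mkdir -p "${OBJ}/.putty/sessions"
	rm -f "${OBJ}/.putty/sessions/localhost_proxy"
	{
		echo "Hostname=127.0.0.1"
		echo "PortNumber=$PORT"
		echo "ProxyMethod=5"
		echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
	} >> "${OBJ}/.putty/sessions/localhost_proxy"

	REGRESS_INTEROP_PUTTY=yes
fi

# create a proxy version of the client config
(
	cat "$OBJ/ssh_config"
	echo "proxycommand sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
) > "$OBJ/ssh_proxy"

# check proxy config
${SSHD} -t -f "$OBJ/sshd_proxy" || fatal "sshd_proxy broken"

# start_sshd: validate sshd_config (-t), start the daemon with any extra
# arguments passed in, then wait for the pidfile to appear. The wait sleeps
# 1, 2, ... 5 seconds and gives up with fatal after the fifth attempt.
start_sshd ()
{
	# start sshd
	$SUDO ${SSHD} -f "$OBJ/sshd_config" "$@" -t || fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -e "$@" >>"$TEST_SSH_LOGFILE" 2>&1

	trace "wait for sshd"
	i=0
	while [ ! -f "$PIDFILE" ] && [ "$i" -lt 5 ]; do
		i=$((i + 1))
		sleep "$i"
	done

	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}

# source test body
# The test script runs inside this shell, with every variable and helper
# defined above in scope.
. "$SCRIPT"

# kill sshd
cleanup
# $tid is not set in this file; presumably the sourced test body defines it.
if [ "$RESULT" -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit "$RESULT"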