1#	$OpenBSD: channel-timeout.sh,v 1.2 2024/01/09 22:19:36 djm Exp $
2#	Placed in the Public Domain.
3
4tid="channel timeout"
5
6# XXX not comprehensive. Still need -R -L agent X11 forwarding + interactive
7
8rm -f $OBJ/finished.* $OBJ/mux.*
9
10MUXPATH=$OBJ/mux.$$
11open_mux() {
12	${SSH} -nNfM -oControlPath=$MUXPATH -F $OBJ/ssh_proxy "$@" somehost ||
13	    fatal "open mux failed"
14	test -e $MUXPATH || fatal "mux socket $MUXPATH not established"
15}
16
17close_mux() {
18	test -e $MUXPATH || fatal "mux socket $MUXPATH missing"
19	${SSH} -qF $OBJ/ssh_proxy -oControlPath=$MUXPATH -O exit somehost ||
20	    fatal "could not terminate mux process"
21	for x in 1 2 3 4 5 6 7 8 9 10 ; do
22		test -e $OBJ/mux && break
23		sleep 1
24	done
25	test -e $MUXPATH && fatal "mux did not clean up"
26}
27mux_client() {
28	${SSH} -F $OBJ/ssh_proxy -oControlPath=$MUXPATH somehost "$@"
29}
30
31rm -f $OBJ/sshd_proxy.orig
32cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
33
34verbose "no timeout"
35${SSH} -F $OBJ/ssh_proxy somehost "sleep 5 ; exit 23"
36r=$?
37if [ $r -ne 23 ]; then
38	fail "ssh failed"
39fi
40
41verbose "command timeout"
42(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:command=1") \
43	> $OBJ/sshd_proxy
44${SSH} -F $OBJ/ssh_proxy somehost "sleep 5 ; exit 23"
45r=$?
46if [ $r -ne 255 ]; then
47	fail "ssh returned unexpected error code $r"
48fi
49
50verbose "command long timeout"
51(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:command=60") \
52	> $OBJ/sshd_proxy
53${SSH} -F $OBJ/ssh_proxy somehost "exit 23"
54r=$?
55if [ $r -ne 23 ]; then
56	fail "ssh returned unexpected error code $r"
57fi
58
59verbose "command wildcard timeout"
60(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:*=1") \
61	> $OBJ/sshd_proxy
62${SSH} -F $OBJ/ssh_proxy somehost "sleep 5 ; exit 23"
63r=$?
64if [ $r -ne 255 ]; then
65	fail "ssh returned unexpected error code $r"
66fi
67
68verbose "command irrelevant timeout"
69(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:shell=1") \
70	> $OBJ/sshd_proxy
71${SSH} -F $OBJ/ssh_proxy somehost "sleep 5 ; exit 23"
72r=$?
73if [ $r -ne 23 ]; then
74	fail "ssh failed"
75fi
76
77if config_defined DISABLE_FD_PASSING ; then
78	verbose "skipping multiplexing tests"
79else
80	verbose "multiplexed command timeout"
81	(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:command=1") \
82		> $OBJ/sshd_proxy
83	open_mux
84	mux_client "sleep 5 ; exit 23"
85	r=$?
86	if [ $r -ne 255 ]; then
87		fail "ssh returned unexpected error code $r"
88	fi
89	close_mux
90
91	verbose "irrelevant multiplexed command timeout"
92	(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout session:shell=1") \
93		> $OBJ/sshd_proxy
94	open_mux
95	mux_client "sleep 5 ; exit 23"
96	r=$?
97	if [ $r -ne 23 ]; then
98		fail "ssh returned unexpected error code $r"
99	fi
100	close_mux
101
102	verbose "global command timeout"
103	(cat $OBJ/sshd_proxy.orig ; echo "ChannelTimeout global=10") \
104		> $OBJ/sshd_proxy
105	open_mux
106	mux_client "sleep 1 ; echo ok ; sleep 1; echo ok; sleep 60; touch $OBJ/finished.1" >/dev/null &
107	mux_client "sleep 60 ; touch $OBJ/finished.2" >/dev/null &
108	mux_client "sleep 2 ; touch $OBJ/finished.3" >/dev/null &
109	wait
110	test -f $OBJ/finished.1 && fail "first mux process completed"
111	test -f $OBJ/finished.2 && fail "second mux process completed"
112	test -f $OBJ/finished.3 || fail "third mux process did not complete"
113	close_mux
114fi
115
116# Set up a "slow sftp server" that sleeps before executing the real one.
117cat > $OBJ/slow-sftp-server.sh << _EOF
118#!/bin/sh
119
120sleep 5
121$SFTPSERVER
122_EOF
123chmod a+x $OBJ/slow-sftp-server.sh
124
125verbose "sftp no timeout"
126(grep -vi subsystem.*sftp $OBJ/sshd_proxy.orig;
127 echo "Subsystem sftp $OBJ/slow-sftp-server.sh" ) > $OBJ/sshd_proxy
128
129rm -f ${COPY}
130$SFTP -qS $SSH -F $OBJ/ssh_proxy somehost:$DATA $COPY
131r=$?
132if [ $r -ne 0 ]; then
133	fail "sftp failed"
134fi
135cmp $DATA $COPY || fail "corrupted copy"
136
137verbose "sftp timeout"
138(grep -vi subsystem.*sftp $OBJ/sshd_proxy.orig;
139 echo "ChannelTimeout session:subsystem:sftp=1" ;
140 echo "Subsystem sftp $OBJ/slow-sftp-server.sh" ) > $OBJ/sshd_proxy
141
142rm -f ${COPY}
143$SFTP -qS $SSH -F $OBJ/ssh_proxy somehost:$DATA $COPY
144r=$?
145if [ $r -eq 0 ]; then
146	fail "sftp succeeded unexpectedly"
147fi
148test -f $COPY && cmp $DATA $COPY && fail "intact copy"
149
150verbose "sftp irrelevant timeout"
151(grep -vi subsystem.*sftp $OBJ/sshd_proxy.orig;
152 echo "ChannelTimeout session:subsystem:command=1" ;
153 echo "Subsystem sftp $OBJ/slow-sftp-server.sh" ) > $OBJ/sshd_proxy
154
155rm -f ${COPY}
156$SFTP -qS $SSH -F $OBJ/ssh_proxy somehost:$DATA $COPY
157r=$?
158if [ $r -ne 0 ]; then
159	fail "sftp failed"
160fi
161cmp $DATA $COPY || fail "corrupted copy"
162