xref: /openbsd/regress/usr.bin/ssh/Makefile (revision 510d2225) 
1#	$OpenBSD: Makefile,v 1.129 2023/10/26 18:52:45 anton Exp $
2
3OPENSSL?=	yes
4
5# Unit tests require OpenSSL.
6.if !defined(SKIP_UNIT) && ${OPENSSL:L} == yes
7SUBDIR=		unittests
8.endif
9SUBDIR+=	misc
10
11REGRESS_SETUP_ONCE=misc	# For sk-dummy.so
12
13# Key conversion operations are not supported when built w/out OpenSSL.
14.if !defined(LTESTS_FROM) && ${OPENSSL:L} != no
15REGRESS_TARGETS=	t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12
16.endif
17
18LTESTS= 	connect \
19		proxy-connect \
20		sshfp-connect \
21		connect-privsep \
22		connect-uri \
23		proto-version \
24		proto-mismatch \
25		exit-status \
26		exit-status-signal \
27		envpass \
28		transfer \
29		banner \
30		rekey \
31		dhgex \
32		stderr-data \
33		stderr-after-eof \
34		broken-pipe \
35		try-ciphers \
36		yes-head \
37		login-timeout \
38		agent \
39		agent-getpeereid \
40		agent-timeout \
41		agent-ptrace \
42		agent-subprocess \
43		keyscan \
44		keygen-change \
45		keygen-comment \
46		keygen-convert \
47		keygen-knownhosts \
48		keygen-moduli \
49		keygen-sshfp \
50		key-options \
51		scp \
52		scp3 \
53		scp-uri \
54		sftp \
55		sftp-chroot \
56		sftp-cmds \
57		sftp-badcmds \
58		sftp-batch \
59		sftp-glob \
60		sftp-perm \
61		sftp-uri \
62		reconfigure \
63		dynamic-forward \
64		forwarding \
65		multiplex \
66		reexec \
67		brokenkeys \
68		sshcfgparse \
69		cfgparse \
70		cfgmatch \
71		cfgmatchlisten \
72		percent \
73		addrmatch \
74		localcommand \
75		forcecommand \
76		portnum \
77		keytype \
78		kextype \
79		cert-hostkey \
80		cert-userkey \
81		host-expand \
82		keys-command \
83		forward-control \
84		integrity \
85		krl \
86		multipubkey \
87		limit-keytype \
88		hostkey-agent \
89		hostkey-rotate \
90		principals-command \
91		cert-file \
92		cfginclude \
93		servcfginclude \
94		allow-deny-users \
95		authinfo \
96		sshsig \
97		knownhosts \
98		knownhosts-command \
99		agent-restrict \
100		hostbased \
101		channel-timeout \
102		connection-timeout \
103		match-subsystem
104
105INTEROP_TESTS=	putty-transfer putty-ciphers putty-kex conch-ciphers
106INTEROP_TESTS+=	dropbear-ciphers dropbear-kex
107#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
108
109EXTRA_TESTS=	agent-pkcs11
110#EXTRA_TESTS+= 	cipher-speed
111
112USERNAME!=	id -un
113CLEANFILES+=	*.core actual agent-key.* authorized_keys_${USERNAME} \
114		authorized_keys_${USERNAME}.* authorized_principals_${USERNAME} \
115		banner.in banner.out cert_host_key* cert_user_key* \
116		copy.1 copy.2 data ed25519-agent ed25519-agent* \
117		ed25519-agent.pub empty.in expect failed-regress.log \
118		failed-ssh.log failed-sshd.log hkr.* host.ecdsa-sha2-nistp256 \
119		host.ecdsa-sha2-nistp384 host.ecdsa-sha2-nistp521 \
120		host.ssh-dss host.ssh-ed25519 host.ssh-rsa \
121		host_* host_ca_key* host_krl_* host_revoked_* key.* \
122		key.dsa-* key.ecdsa-* key.ed25519-512 key.ed25519-512.pub \
123		key.rsa-* keys-command-args kh.* known_hosts askpass \
124		known_hosts-cert known_hosts.* krl-* ls.copy modpipe \
125		netcat pidfile putty.rsa2 ready regress.log remote_pid \
126		revoked-* rsa rsa-agent rsa-agent.pub rsa.pub rsa_ssh2_cr.prv \
127		rsa_ssh2_crnl.prv scp-ssh-wrapper.exe \
128		scp-ssh-wrapper.scp setuid-allowed sftp-server.log \
129		sftp-server.sh sftp.log ssh-log-wrapper.sh ssh.log \
130		ssh-agent.log ssh-add.log slow-sftp-server.sh \
131		ssh-rsa_oldfmt knownhosts_command \
132		ssh_config ssh_config.* ssh_proxy ssh_proxy_bak \
133		ssh_proxy_* sshd.log sshd_config sshd_config.* \
134		sshd_proxy sshd_proxy.* sshd_proxy_bak sshd_proxy_orig \
135		t10.out t10.out.pub t12.out t12.out.pub t2.out t3.out \
136		t6.out1 t6.out2 t7.out t7.out.pub t8.out t8.out.pub \
137		t9.out t9.out.pub \
138		timestamp testdata user_*key* user_ca* user_key*
139
140# Enable all malloc(3) randomisations and checks
141TEST_ENV=      "MALLOC_OPTIONS=CFGJRSUX"
142
143t1:
144	ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
145	tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv
146	ssh-keygen -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv
147	awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv
148	ssh-keygen -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv
149
150t2:
151	cat ${.CURDIR}/rsa_openssh.prv > t2.out
152	chmod 600 t2.out
153	ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub
154
155t3:
156	ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\
157		ssh-keygen -if /dev/stdin |\
158		diff - ${.CURDIR}/rsa_openssh.pub
159
160t4:
161	ssh-keygen -E md5 -lf ${.CURDIR}/rsa_openssh.pub |\
162		awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
163
164t5:
165	ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\
166		awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
167
168t6:
169	ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > t6.out1
170	ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > t6.out2
171	chmod 600 t6.out1
172	ssh-keygen -yf t6.out1 | diff - t6.out2
173
174t7.out:
175	ssh-keygen -q -t rsa -N '' -f $@
176
177t7: t7.out
178	ssh-keygen -lf t7.out > /dev/null
179	ssh-keygen -Bf t7.out > /dev/null
180
181t8.out:
182	ssh-keygen -q -t dsa -N '' -f $@
183
184t8: t8.out
185	ssh-keygen -lf t8.out > /dev/null
186	ssh-keygen -Bf t8.out > /dev/null
187
188t9.out:
189	ssh-keygen -q -t ecdsa -N '' -f $@
190
191t9: t9.out
192	ssh-keygen -lf t9.out > /dev/null
193	ssh-keygen -Bf t9.out > /dev/null
194
195t10.out:
196	ssh-keygen -q -t ed25519 -N '' -f $@
197
198t10: t10.out
199	ssh-keygen -lf t10.out > /dev/null
200	ssh-keygen -Bf t10.out > /dev/null
201
202t11:
203	ssh-keygen -E sha256 -lf ${.CURDIR}/rsa_openssh.pub |\
204		awk '{print $$2}' | diff - ${.CURDIR}/t11.ok
205
206t12.out:
207	ssh-keygen -q -t ed25519 -N '' -C 'test-comment-1234' -f $@
208
209t12: t12.out
210	ssh-keygen -lf t12.out.pub | grep -q test-comment-1234
211
212modpipe: modpipe.c
213
214timestamp: timestamp.c
215
216t-integrity: modpipe
217
218.for t in ${LTESTS} ${INTEROP_TESTS} ${EXTRA_TESTS}
219t-${t}: timestamp
220	env SUDO="${SUDO}" ${TEST_ENV} \
221	    sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
222.endfor
223
224.undef LTESTS_STARTED
225.for t in ${LTESTS}
226.if defined(LTESTS_FROM) && ${LTESTS_FROM} == t-${t}
227LTESTS_STARTED=yes
228.endif
229.if !defined(LTESTS_FROM) || defined(LTESTS_STARTED)
230REGRESS_TARGETS+=t-${t}
231.endif
232.endfor
233
234# Not run by default
235.if make(interop)
236
237.for t in ${INTEROP_TESTS}
238INTEROP_TARGETS+=t-${t}
239.endfor
240
241REGRESS_TARGETS=${INTEROP_TARGETS}
242SUBDIR=
243
244interop: regress
245
246.endif
247
248# Not run by default
249.if make(extra)
250
251.for t in ${EXTRA_TESTS}
252EXTRA_TARGETS+=t-${t}
253.endfor
254
255REGRESS_TARGETS=${EXTRA_TARGETS}
256SUBDIR=
257
258extra: regress
259
260.endif
261
262.for s in ${SUBDIR}
263CLEAN_SUBDIR+=c-${s}
264c-${s}:
265	${MAKE} -C ${.CURDIR}/${s} clean
266.endfor
267
268clean: ${CLEAN_SUBDIR}
269	rm -f ${CLEANFILES}
270	rm -rf .putty
271	rm -rf .dropbear
272
273.include <bsd.regress.mk>
274