Imported Upstream version 6.2p2
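#       $OpenBSD: test-exec.sh,v 1.37 2010/02/24 06:21:56 djm Exp $
#       Placed in the Public Domain.
#
# Regression-test driver.  Takes an object directory ($1) and a test
# script ($2), writes sshd/ssh configuration and keys into the object
# directory, sources the test script and finally stops sshd.

#SUDO=sudo

# Unbreak GNU head(1)
_POSIX2_VERSION=199209
export _POSIX2_VERSION

# Per-platform settings, keyed on the kernel name.
case `uname -s 2>/dev/null` in
OSF1*)
        BIN_SH=xpg4
        export BIN_SH
        ;;
CYGWIN_NT-5.0)
        os=cygwin
        TEST_SSH_IPV6=no
        ;;
CYGWIN*)
        os=cygwin
        ;;
esac

# Port of the test sshd; a non-empty TEST_SSH_PORT overrides the default.
PORT=${TEST_SSH_PORT:-4242}
# PORT is written verbatim into the generated sshd_config and ssh_config,
# so anything other than a plain decimal number is rejected here instead
# of surfacing later as a broken configuration.
case "$PORT" in
*[!0-9]*)
        echo "bad TEST_SSH_PORT: $PORT"
        exit 2
        ;;
esac

# Name of the invoking user, from the first lookup that works.
if [ -x /usr/ucb/whoami ]; then
        USER=`/usr/ucb/whoami`
elif whoami >/dev/null 2>&1; then
        USER=`whoami`
elif logname >/dev/null 2>&1; then
        USER=`logname`
else
        USER=`id -un`
fi
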
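# Positional arguments: $1 is the object directory that receives every
# generated file, $2 is the test script that gets sourced further down.
# Paths are quoted so that a value containing whitespace is tested as one
# path instead of making test(1) fail with a syntax error.
OBJ=$1
if [ "x$OBJ" = "x" ]; then
        echo '$OBJ not defined'
        exit 2
fi
if [ ! -d "$OBJ" ]; then
        echo "not a directory: $OBJ"
        exit 2
fi
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
        echo '$SCRIPT not defined'
        exit 2
fi
if [ ! -f "$SCRIPT" ]; then
        echo "not a file: $SCRIPT"
        exit 2
fi
# Parse-only pass over the test script before anything is generated.
# $TEST_SHELL stays unquoted as in the original: quoting it would change
# behaviour if it holds more than one word.
if $TEST_SHELL -n "$SCRIPT"; then
        true
else
        echo "syntax error in $SCRIPT"
        exit 2
fi
# Drop any inherited agent socket (presumably so the tests only see the
# keys generated below).
unset SSH_AUTH_SOCK

# Directory of the test script; the helper scripts used later
# (ssh2putty.sh, sshd-log-wrapper.sh) are run from there.
SRC=`dirname "${SCRIPT}"`
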
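# defaults
# Each program name can be replaced through the matching TEST_SSH_<TOOL>
# environment variable; an unset or empty variable keeps the default.
SSH=${TEST_SSH_SSH:-ssh}
SSHD=${TEST_SSH_SSHD:-sshd}
SSHAGENT=${TEST_SSH_SSHAGENT:-ssh-agent}
SSHADD=${TEST_SSH_SSHADD:-ssh-add}
SSHKEYGEN=${TEST_SSH_SSHKEYGEN:-ssh-keygen}
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}
SFTP=${TEST_SSH_SFTP:-sftp}
SFTPSERVER=${TEST_SSH_SFTPSERVER:-/usr/libexec/openssh/sftp-server}
SCP=${TEST_SSH_SCP:-scp}

# Interop testing
PLINK=plink
PUTTYGEN=puttygen
CONCH=conch

# For the interop tools a relative override is resolved through which(1);
# the result is empty when the program is not found.  The argument is
# quoted so that it reaches which(1) as a single word.
if [ "x$TEST_SSH_PLINK" != "x" ]; then
        # Find real binary, if it exists
        case "${TEST_SSH_PLINK}" in
        /*) PLINK="${TEST_SSH_PLINK}" ;;
        *) PLINK=`which "${TEST_SSH_PLINK}" 2>/dev/null` ;;
        esac
fi
if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
        # Find real binary, if it exists
        case "${TEST_SSH_PUTTYGEN}" in
        /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
        *) PUTTYGEN=`which "${TEST_SSH_PUTTYGEN}" 2>/dev/null` ;;
        esac
fi
if [ "x$TEST_SSH_CONCH" != "x" ]; then
        # Find real binary, if it exists
        case "${TEST_SSH_CONCH}" in
        /*) CONCH="${TEST_SSH_CONCH}" ;;
        *) CONCH=`which "${TEST_SSH_CONCH}" 2>/dev/null` ;;
        esac
fi
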
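# Path to sshd must be absolute for rexec
case "$SSHD" in
/*) ;;
*)
        # Resolve the configured name: looking up the literal "sshd"
        # would silently replace a relative TEST_SSH_SSHD override with
        # whatever sshd happens to be first in PATH.
        SSHD=`which "$SSHD"`
        ;;
esac
# An empty result would leave the cat below without file arguments.
if [ "x$SSHD" = "x" ]; then
        echo "sshd not found in PATH"
        exit 2
fi

if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
        TEST_SSH_LOGFILE=/dev/null
fi

# Some data for test copies
# (four concatenated copies of the sshd binary)
DATA=$OBJ/testdata
cat "$SSHD${EXEEXT}" "$SSHD${EXEEXT}" "$SSHD${EXEEXT}" "$SSHD${EXEEXT}" >"$DATA"

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
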
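# helper
# Print the arguments without a trailing newline, using whichever of
# "echo -n" or the "\c" escape the running shell's echo understands.
# Calls fatal when neither form suppresses the newline.
echon()
{
        if [ "x`echo -n`" = "x" ]; then
                echo -n "$@"
        elif [ "x`echo '\c'`" = "x" ]; then
                echo "$@\c"
        else
                fatal "Don't know how to echo without newline."
        fi
}
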
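# Return 0 if an executable entry named $1 exists in one of the $PATH
# directories, 1 otherwise.
# Globals: PATH, IFS (read; IFS is changed and restored); i, saved_IFS
# (written).
have_prog()
{
        saved_IFS="$IFS"
        IFS=":"
        for i in $PATH
        do
                # Quoted so that directories containing whitespace are
                # tested as one path.  An empty PATH element stands for
                # the current directory; without the default it would be
                # tested as "/$1".
                if [ -x "${i:-.}/$1" ]; then
                        IFS="$saved_IFS"
                        return 0
                fi
        done
        IFS="$saved_IFS"
        return 1
}
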
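# Stop the sshd whose pid is recorded in $PIDFILE, then wait with an
# increasing sleep for the pidfile to disappear; calls fatal if it is
# still present after the loop.  Does nothing when there is no pidfile.
# Globals: PIDFILE, SUDO, PORT (read); pid, i (written).
cleanup ()
{
        if [ -f "$PIDFILE" ]; then
                # $SUDO is deliberately unquoted: it is empty in an
                # unprivileged run.
                pid=`$SUDO cat "$PIDFILE"`
                case "$pid" in
                "")
                        echo no sshd running
                        ;;
                *[!0-9]*)
                        # The pidfile content becomes an argument of
                        # kill, possibly under $SUDO, so only a plain
                        # decimal number is accepted.  Unvalidated, a
                        # malformed value made the numeric test below
                        # fail and fall through to the kill branch.
                        echo "bad pid for ssh: $pid"
                        ;;
                *)
                        if [ "$pid" -lt 2 ]; then
                                echo "bad pid for ssh: $pid"
                        else
                                $SUDO kill "$pid"
                                trace "wait for sshd to exit"
                                i=0;
                                while [ -f "$PIDFILE" ] && [ "$i" -lt 5 ]; do
                                        i=`expr $i + 1`
                                        sleep $i
                                done
                                test -f "$PIDFILE" && \
                                    fatal "sshd didn't exit port $PORT pid $pid"
                        fi
                        ;;
                esac
        fi
}
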
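# Append "trace: <args>" to $TEST_SSH_LOGFILE and, when TEST_SSH_TRACE is
# "yes", also print the arguments on stdout.
trace ()
{
        # Redirection target quoted so that a log path containing
        # whitespace is not rejected as an ambiguous redirect.
        echo "trace: $@" >>"$TEST_SSH_LOGFILE"
        if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
                echo "$@"
        fi
}
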
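# Append "verbose: <args>" to $TEST_SSH_LOGFILE and print the arguments
# on stdout unless TEST_SSH_QUIET is "yes".
verbose ()
{
        # Redirection target quoted so that a log path containing
        # whitespace is not rejected as an ambiguous redirect.
        echo "verbose: $@" >>"$TEST_SSH_LOGFILE"
        if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
                echo "$@"
        fi
}
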
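# Write "WARNING: <args>" both to $TEST_SSH_LOGFILE and to stdout.
warn ()
{
        # Redirection target quoted so that a log path containing
        # whitespace is not rejected as an ambiguous redirect.
        echo "WARNING: $@" >>"$TEST_SSH_LOGFILE"
        echo "WARNING: $@"
}
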
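# Record a test failure: append "FAIL: <args>" to $TEST_SSH_LOGFILE, set
# the global RESULT to 1 and print the arguments on stdout.  Does not
# stop the run; RESULT is used as the exit status at the end of the
# script.
fail ()
{
        # Redirection target quoted so that a log path containing
        # whitespace is not rejected as an ambiguous redirect.
        echo "FAIL: $@" >>"$TEST_SSH_LOGFILE"
        RESULT=1
        echo "$@"
}
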
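# Abort the run: log "FATAL: <args>", print "FATAL: " followed by the
# message (through fail, which sets RESULT), stop sshd through cleanup
# and exit with $RESULT.  Also installed as the handler of
# "trap fatal 3 2", in which case it runs without arguments.
fatal ()
{
        # Redirection target quoted so that a log path containing
        # whitespace is not rejected as an ambiguous redirect.
        echo "FATAL: $@" >>"$TEST_SSH_LOGFILE"
        echon "FATAL: "
        fail "$@"
        cleanup
        exit "$RESULT"
}
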
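# Check whether preprocessor symbols are defined in config.h.
# Succeeds when at least one of the given names occurs on a "#define"
# line of ${BUILDDIR}/config.h.  The names are joined with "|" into an
# extended regular expression, so they are interpreted as regex text and
# a name also matches longer symbols that contain it.
# Globals: BUILDDIR (read); str (written).
config_defined ()
{
        str=$1
        while test "x$2" != "x" ; do
                str="$str|$2"
                shift
        done
        # Path quoted so that a build directory containing whitespace is
        # passed to egrep as one file name.
        egrep "^#define.*($str)" "${BUILDDIR}/config.h" >/dev/null 2>&1
}
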
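RESULT=0
PIDFILE=$OBJ/pidfile

# Signals 3 and 2 end the run through fatal, which also stops sshd.
trap fatal 3 2

# create server config
# Regression fixture: IPv4 loopback listener on $PORT, StrictModes off,
# protocol 1 still enabled, per-user authorized_keys files under $OBJ.
# File names under $OBJ are quoted throughout this section so that the
# redirections and cp do not break on whitespace in the path.
cat << EOF > "$OBJ/sshd_config"
        StrictModes             no
        Port                    $PORT
        Protocol                2,1
        AddressFamily           inet
        ListenAddress           127.0.0.1
        #ListenAddress          ::1
        PidFile                 $PIDFILE
        AuthorizedKeysFile      $OBJ/authorized_keys_%u
        LogLevel                VERBOSE
        AcceptEnv               _XXX_TEST_*
        AcceptEnv               _XXX_TEST
        Subsystem       sftp    $SFTPSERVER
EOF

# TEST_SSH_SSHD_CONFOPTS is appended verbatim: whoever controls the
# environment of this script controls the configuration of the sshd that
# start_sshd launches through $SUDO.
if [ -n "$TEST_SSH_SSHD_CONFOPTS" ]; then
        trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
        echo "$TEST_SSH_SSHD_CONFOPTS" >> "$OBJ/sshd_config"
fi

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
echo 'StrictModes no' >> "$OBJ/sshd_proxy"
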
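# create client config
# Every host maps to the loopback sshd on $PORT; only public-key style
# authentication is enabled, and host keys are checked strictly against
# the known_hosts file generated under $OBJ.
cat << EOF > "$OBJ/ssh_config"
Host *
        Protocol                2,1
        Hostname                127.0.0.1
        HostKeyAlias            localhost-with-alias
        Port                    $PORT
        User                    $USER
        GlobalKnownHostsFile    $OBJ/known_hosts
        UserKnownHostsFile      $OBJ/known_hosts
        RSAAuthentication       yes
        PubkeyAuthentication    yes
        ChallengeResponseAuthentication no
        HostbasedAuthentication no
        PasswordAuthentication  no
        BatchMode               yes
        StrictHostKeyChecking   yes
EOF

# TEST_SSH_SSH_CONFOPTS is appended verbatim to the client configuration.
if [ -n "$TEST_SSH_SSH_CONFOPTS" ]; then
        # Log the client option that is actually appended; the original
        # message printed TEST_SSH_SSHD_CONFOPTS here.
        trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
        echo "$TEST_SSH_SSH_CONFOPTS" >> "$OBJ/ssh_config"
fi
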
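# Start from empty known_hosts and authorized_keys files; the loop below
# only appends to them.
rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"

trace "generate keys"
# Test identities: one 1024-bit key per type with an empty passphrase.
# The same key pair is used as user identity, as known_hosts entry and as
# sshd host key.  $SSHKEYGEN and $SUDO stay unquoted as command words;
# paths under $OBJ are quoted.
for t in rsa rsa1; do
        # generate user key
        rm -f "$OBJ/$t"
        ${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f "$OBJ/$t" ||\
                fail "ssh-keygen for $t failed"

        # known hosts file for client
        (
                echon 'localhost-with-alias,127.0.0.1,::1 '
                cat "$OBJ/$t.pub"
        ) >> "$OBJ/known_hosts"

        # setup authorized keys
        cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
        echo IdentityFile "$OBJ/$t" >> "$OBJ/ssh_config"

        # use key as host key, too
        $SUDO cp "$OBJ/$t" "$OBJ/host.$t"
        echo HostKey "$OBJ/host.$t" >> "$OBJ/sshd_config"

        # don't use SUDO for proxy connect
        echo HostKey "$OBJ/$t" >> "$OBJ/sshd_proxy"
done
chmod 644 "$OBJ/authorized_keys_$USER"
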
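# Activate Twisted Conch tests if the binary is present
REGRESS_INTEROP_CONCH=no
if test -x "$CONCH" ; then
        REGRESS_INTEROP_CONCH=yes
fi

# If PuTTY is present and we are running a PuTTY test, prepare keys and
# configuration
REGRESS_INTEROP_PUTTY=no
if test -x "$PUTTYGEN" && test -x "$PLINK" ; then
        REGRESS_INTEROP_PUTTY=yes
fi
case "$SCRIPT" in
*putty*)        ;;
*)              REGRESS_INTEROP_PUTTY=no ;;
esac

if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
        mkdir -p "${OBJ}/.putty"

        # Add a PuTTY key to authorized_keys
        # Run the program that passed the -x check above instead of
        # whatever a bare "puttygen" resolves to in PATH, so that a
        # TEST_SSH_PUTTYGEN override is honoured here as well.
        rm -f "${OBJ}/putty.rsa2"
        "${PUTTYGEN}" -t rsa -o "${OBJ}/putty.rsa2" < /dev/null > /dev/null
        "${PUTTYGEN}" -O public-openssh "${OBJ}/putty.rsa2" \
            >> "$OBJ/authorized_keys_$USER"

        # Convert rsa2 host key to PuTTY format
        "${SRC}/ssh2putty.sh" 127.0.0.1 "$PORT" "$OBJ/rsa" > \
            "${OBJ}/.putty/sshhostkeys"
        "${SRC}/ssh2putty.sh" 127.0.0.1 22 "$OBJ/rsa" >> \
            "${OBJ}/.putty/sshhostkeys"

        # Setup proxied session
        # The session's proxy command starts sshd through the log
        # wrapper with the sshd_proxy configuration.
        mkdir -p "${OBJ}/.putty/sessions"
        rm -f "${OBJ}/.putty/sessions/localhost_proxy"
        {
                echo "Hostname=127.0.0.1"
                echo "PortNumber=$PORT"
                echo "ProxyMethod=5"
                echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
        } >> "${OBJ}/.putty/sessions/localhost_proxy"

        REGRESS_INTEROP_PUTTY=yes
fi
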
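# create a proxy version of the client config
# ssh_proxy is ssh_config plus a proxycommand that starts sshd with -i
# through the log wrapper, under $SUDO when that is set.  The echo
# arguments stay unquoted so the generated line is the same as before;
# the file names the shell itself opens are quoted.
(
        cat "$OBJ/ssh_config"
        echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
) > "$OBJ/ssh_proxy"

# check proxy config
${SSHD} -t -f "$OBJ/sshd_proxy"   || fatal "sshd_proxy broken"
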
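# Check $OBJ/sshd_config with "sshd -t", start sshd with it (extra
# arguments are passed through to both invocations), then wait with an
# increasing sleep for $PIDFILE to appear.  Calls fatal when the
# configuration is rejected or no pidfile shows up.
# Globals: SUDO, SSHD, OBJ, PIDFILE, PORT, TEST_SSH_LOGFILE (read);
# i (written).
start_sshd ()
{
        # start sshd
        # $SUDO and ${SSHD} stay unquoted as command words ($SUDO is
        # empty in an unprivileged run); file arguments are quoted.
        $SUDO ${SSHD} -f "$OBJ/sshd_config" "$@" -t || fatal "sshd_config broken"
        $SUDO ${SSHD} -f "$OBJ/sshd_config" -e "$@" >>"$TEST_SSH_LOGFILE" 2>&1

        trace "wait for sshd"
        i=0;
        # Two separate tests instead of the obsolescent "-a" operator,
        # which is ambiguous when an operand looks like an operator.
        while [ ! -f "$PIDFILE" ] && [ "$i" -lt 10 ]; do
                i=`expr $i + 1`
                sleep $i
        done

        test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}
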
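# source test body
# For a name without a slash the "." command searches $PATH, which could
# pick up a different file than the one checked with "-f" earlier in
# this script; anchor such a name to the current directory.
case "$SCRIPT" in
*/*)    . "$SCRIPT" ;;
*)      . "./$SCRIPT" ;;
esac

# kill sshd
cleanup
# $tid is expected to be set by the sourced test script.
if [ "$RESULT" -eq 0 ]; then
        verbose ok $tid
else
        echo failed $tid
fi
exit "$RESULT"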