regress/test-exec.sh

   1 #       $OpenBSD: test-exec.sh,v 1.37 2010/02/24 06:21:56 djm Exp $
   2 #       Placed in the Public Domain.
   3
   4 #SUDO=sudo
   5
   6 # Unbreak GNU head(1)
   7 _POSIX2_VERSION=199209
   8 export _POSIX2_VERSION
   9
  10 case `uname -s 2>/dev/null` in
  11 OSF1*)
  12         BIN_SH=xpg4
  13         export BIN_SH
  14         ;;
  15 esac
  16
  17 if [ ! -z "$TEST_SSH_PORT" ]; then
  18         PORT="$TEST_SSH_PORT"
  19 else
  20         PORT=4242
  21 fi
  22
  23 if [ -x /usr/ucb/whoami ]; then
  24         USER=`/usr/ucb/whoami`
  25 elif whoami >/dev/null 2>&1; then
  26         USER=`whoami`
  27 elif logname >/dev/null 2>&1; then
  28         USER=`logname`
  29 else
  30         USER=`id -un`
  31 fi
  32
  33 OBJ=$1
  34 if [ "x$OBJ" = "x" ]; then
  35         echo '$OBJ not defined'
  36         exit 2
  37 fi
  38 if [ ! -d $OBJ ]; then
  39         echo "not a directory: $OBJ"
  40         exit 2
  41 fi
  42 SCRIPT=$2
  43 if [ "x$SCRIPT" = "x" ]; then
  44         echo '$SCRIPT not defined'
  45         exit 2
  46 fi
  47 if [ ! -f $SCRIPT ]; then
  48         echo "not a file: $SCRIPT"
  49         exit 2
  50 fi
  51 if $TEST_SHELL -n $SCRIPT; then
  52         true
  53 else
  54         echo "syntax error in $SCRIPT"
  55         exit 2
  56 fi
  57 unset SSH_AUTH_SOCK
  58
  59 SRC=`dirname ${SCRIPT}`
  60
  61 # defaults
  62 SSH=ssh
  63 SSHD=sshd
  64 SSHAGENT=ssh-agent
  65 SSHADD=ssh-add
  66 SSHKEYGEN=ssh-keygen
  67 SSHKEYSCAN=ssh-keyscan
  68 SFTP=sftp
  69 SFTPSERVER=/usr/libexec/openssh/sftp-server
  70 SCP=scp
  71
  72 # Interop testing
  73 PLINK=plink
  74 PUTTYGEN=puttygen
  75 CONCH=conch
  76
  77 if [ "x$TEST_SSH_SSH" != "x" ]; then
  78         SSH="${TEST_SSH_SSH}"
  79 fi
  80 if [ "x$TEST_SSH_SSHD" != "x" ]; then
  81         SSHD="${TEST_SSH_SSHD}"
  82 fi
  83 if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
  84         SSHAGENT="${TEST_SSH_SSHAGENT}"
  85 fi
  86 if [ "x$TEST_SSH_SSHADD" != "x" ]; then
  87         SSHADD="${TEST_SSH_SSHADD}"
  88 fi
  89 if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
  90         SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
  91 fi
  92 if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
  93         SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
  94 fi
  95 if [ "x$TEST_SSH_SFTP" != "x" ]; then
  96         SFTP="${TEST_SSH_SFTP}"
  97 fi
  98 if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
  99         SFTPSERVER="${TEST_SSH_SFTPSERVER}"
 100 fi
 101 if [ "x$TEST_SSH_SCP" != "x" ]; then
 102         SCP="${TEST_SSH_SCP}"
 103 fi
 104 if [ "x$TEST_SSH_PLINK" != "x" ]; then
 105         # Find real binary, if it exists
 106         case "${TEST_SSH_PLINK}" in
 107         /*) PLINK="${TEST_SSH_PLINK}" ;;
 108         *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
 109         esac
 110 fi
 111 if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
 112         # Find real binary, if it exists
 113         case "${TEST_SSH_PUTTYGEN}" in
 114         /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
 115         *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
 116         esac
 117 fi
 118 if [ "x$TEST_SSH_CONCH" != "x" ]; then
 119         # Find real binary, if it exists
 120         case "${TEST_SSH_CONCH}" in
 121         /*) CONCH="${TEST_SSH_CONCH}" ;;
 122         *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;;
 123         esac
 124 fi
 125
 126 # Path to sshd must be absolute for rexec
 127 case "$SSHD" in
 128 /*) ;;
 129 *) SSHD=`which sshd` ;;
 130 esac
 131
 132 if [ "x$TEST_SSH_LOGFILE" = "x" ]; then
 133         TEST_SSH_LOGFILE=/dev/null
 134 fi
 135
 136 # these should be used in tests
 137 export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
 138 #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
 139
 140 # helper
 141 echon()
 142 {
 143        if [ "x`echo -n`" = "x" ]; then
 144                echo -n "$@"
 145        elif [ "x`echo '\c'`" = "x" ]; then
 146                echo "$@\c"
 147        else
 148                fatal "Don't know how to echo without newline."
 149        fi
 150 }
 151
 152 have_prog()
 153 {
 154         saved_IFS="$IFS"
 155         IFS=":"
 156         for i in $PATH
 157         do
 158                 if [ -x $i/$1 ]; then
 159                         IFS="$saved_IFS"
 160                         return 0
 161                 fi
 162         done
 163         IFS="$saved_IFS"
 164         return 1
 165 }
 166
 167 cleanup ()
 168 {
 169         if [ -f $PIDFILE ]; then
 170                 pid=`$SUDO cat $PIDFILE`
 171                 if [ "X$pid" = "X" ]; then
 172                         echo no sshd running
 173                 else
 174                         if [ $pid -lt 2 ]; then
 175                                 echo bad pid for ssh: $pid
 176                         else
 177                                 $SUDO kill $pid
 178                                 trace "wait for sshd to exit"
 179                                 i=0;
 180                                 while [ -f $PIDFILE -a $i -lt 5 ]; do
 181                                         i=`expr $i + 1`
 182                                         sleep $i
 183                                 done
 184                                 test -f $PIDFILE && \
 185                                     fatal "sshd didn't exit port $PORT pid $pid"
 186                         fi
 187                 fi
 188         fi
 189 }
 190
 191 trace ()
 192 {
 193         echo "trace: $@" >>$TEST_SSH_LOGFILE
 194         if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
 195                 echo "$@"
 196         fi
 197 }
 198
 199 verbose ()
 200 {
 201         echo "verbose: $@" >>$TEST_SSH_LOGFILE
 202         if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
 203                 echo "$@"
 204         fi
 205 }
 206
 207
 208 fail ()
 209 {
 210         echo "FAIL: $@" >>$TEST_SSH_LOGFILE
 211         RESULT=1
 212         echo "$@"
 213 }
 214
 215 fatal ()
 216 {
 217         echo "FATAL: $@" >>$TEST_SSH_LOGFILE
 218         echon "FATAL: "
 219         fail "$@"
 220         cleanup
 221         exit $RESULT
 222 }
 223
 224 # Check whether preprocessor symbols are defined in config.h.
 225 config_defined ()
 226 {
 227         str=$1
 228         while test "x$2" != "x" ; do
 229                 str="$str|$2"
 230                 shift
 231         done
 232         egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
 233 }
 234
 235 RESULT=0
 236 PIDFILE=$OBJ/pidfile
 237
 238 trap fatal 3 2
 239
 240 # create server config
 241 cat << EOF > $OBJ/sshd_config
 242         StrictModes             no
 243         Port                    $PORT
 244         Protocol                2,1
 245         AddressFamily           inet
 246         ListenAddress           127.0.0.1
 247         #ListenAddress          ::1
 248         PidFile                 $PIDFILE
 249         AuthorizedKeysFile      $OBJ/authorized_keys_%u
 250         LogLevel                VERBOSE
 251         AcceptEnv               _XXX_TEST_*
 252         AcceptEnv               _XXX_TEST
 253         Subsystem       sftp    $SFTPSERVER
 254 EOF
 255
 256 if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
 257         trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
 258         echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
 259 fi
 260
 261 # server config for proxy connects
 262 cp $OBJ/sshd_config $OBJ/sshd_proxy
 263
 264 # allow group-writable directories in proxy-mode
 265 echo 'StrictModes no' >> $OBJ/sshd_proxy
 266
 267 # create client config
 268 cat << EOF > $OBJ/ssh_config
 269 Host *
 270         Protocol                2,1
 271         Hostname                127.0.0.1
 272         HostKeyAlias            localhost-with-alias
 273         Port                    $PORT
 274         User                    $USER
 275         GlobalKnownHostsFile    $OBJ/known_hosts
 276         UserKnownHostsFile      $OBJ/known_hosts
 277         RSAAuthentication       yes
 278         PubkeyAuthentication    yes
 279         ChallengeResponseAuthentication no
 280         HostbasedAuthentication no
 281         PasswordAuthentication  no
 282         BatchMode               yes
 283         StrictHostKeyChecking   yes
 284 EOF
 285
 286 if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
 287         trace "adding ssh_config option $TEST_SSH_SSHD_CONFOPTS"
 288         echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
 289 fi
 290
 291 rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
 292
 293 trace "generate keys"
 294 for t in rsa rsa1; do
 295         # generate user key
 296         rm -f $OBJ/$t
 297         ${SSHKEYGEN} -b 1024 -q -N '' -t $t  -f $OBJ/$t ||\
 298                 fail "ssh-keygen for $t failed"
 299
 300         # known hosts file for client
 301         (
 302                 echon 'localhost-with-alias,127.0.0.1,::1 '
 303                 cat $OBJ/$t.pub
 304         ) >> $OBJ/known_hosts
 305
 306         # setup authorized keys
 307         cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
 308         echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
 309
 310         # use key as host key, too
 311         $SUDO cp $OBJ/$t $OBJ/host.$t
 312         echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
 313
 314         # don't use SUDO for proxy connect
 315         echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
 316 done
 317 chmod 644 $OBJ/authorized_keys_$USER
 318
 319 # Activate Twisted Conch tests if the binary is present
 320 REGRESS_INTEROP_CONCH=no
 321 if test -x "$CONCH" ; then
 322         REGRESS_INTEROP_CONCH=yes
 323 fi
 324
 325 # If PuTTY is present and we are running a PuTTY test, prepare keys and
 326 # configuration
 327 REGRESS_INTEROP_PUTTY=no
 328 if test -x "$PUTTYGEN" -a -x "$PLINK" ; then
 329         REGRESS_INTEROP_PUTTY=yes
 330 fi
 331 case "$SCRIPT" in
 332 *putty*)        ;;
 333 *)              REGRESS_INTEROP_PUTTY=no ;;
 334 esac
 335
 336 if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
 337         mkdir -p ${OBJ}/.putty
 338
 339         # Add a PuTTY key to authorized_keys
 340         rm -f ${OBJ}/putty.rsa2
 341         puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
 342         puttygen -O public-openssh ${OBJ}/putty.rsa2 \
 343             >> $OBJ/authorized_keys_$USER
 344
 345         # Convert rsa2 host key to PuTTY format
 346         ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \
 347             ${OBJ}/.putty/sshhostkeys
 348         ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \
 349             ${OBJ}/.putty/sshhostkeys
 350
 351         # Setup proxied session
 352         mkdir -p ${OBJ}/.putty/sessions
 353         rm -f ${OBJ}/.putty/sessions/localhost_proxy
 354         echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
 355         echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
 356         echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
 357         echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
 358
 359         REGRESS_INTEROP_PUTTY=yes
 360 fi
 361
 362 # create a proxy version of the client config
 363 (
 364         cat $OBJ/ssh_config
 365         echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy
 366 ) > $OBJ/ssh_proxy
 367
 368 # check proxy config
 369 ${SSHD} -t -f $OBJ/sshd_proxy   || fatal "sshd_proxy broken"
 370
 371 start_sshd ()
 372 {
 373         # start sshd
 374         $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
 375         $SUDO ${SSHD} -f $OBJ/sshd_config -e "$@" >>$TEST_SSH_LOGFILE 2>&1
 376
 377         trace "wait for sshd"
 378         i=0;
 379         while [ ! -f $PIDFILE -a $i -lt 10 ]; do
 380                 i=`expr $i + 1`
 381                 sleep $i
 382         done
 383
 384         test -f $PIDFILE || fatal "no sshd running on port $PORT"
 385 }
 386
 387 # source test body
 388 . $SCRIPT
 389
 390 # kill sshd
 391 cleanup
 392 if [ $RESULT -eq 0 ]; then
 393         verbose ok $tid
 394 else
 395         echo failed $tid
 396 fi
 397 exit $RESULT