#	$OpenBSD: forwarding.sh,v 1.16 2016/04/14 23:57:17 djm Exp $
#	Placed in the Public Domain.

# Test identifier (presumably read by the regress harness that sources this
# script -- confirm against the harness).
tid="local and remote forwarding"

# Payload pushed through every forwarded path and compared byte-for-byte
# against ${COPY} afterwards.
DATA="/bin/ls${EXEEXT}"

start_sshd

# Listen ports used by the tests are built as ${base}NN (3300, 3301, ...).
base=33
# Port the most recently built hop forwards to; the chain ends at $PORT.
last=${PORT}
# Accumulated -L/-R options for the chained-forward test.
fwd=
# Control socket used by the config-file test (ssh -M / -O exit).  Remove any
# socket left over from an earlier run before it is needed.
CTL="${OBJ}/ctl-sock"
rm -f $CTL
# Build a chain of nine forward pairs.  Each pass adds a local listener on
# ${base}<row><col> that forwards to that port + 50, and a remote listener on
# port + 50 that forwards to whatever the previous pass listened on (initially
# the value $last held on entry).  After the loop, $last is the entry port of
# the whole chain.  All endpoints are pinned to 127.0.0.1.
for row in 0 1 2; do
	for col in 0 1 2; do
		entry=${base}${row}${col}
		relay=`expr $entry + 50`
		# fwd chain: $entry -> $relay -> $last
		fwd="$fwd -L$entry:127.0.0.1:$relay -R$relay:127.0.0.1:$last"
		last=$entry
	done
done
# Chained forwarding: bring up every -L/-R pair collected in $fwd on one
# backgrounded connection, then pull ${DATA} through the chain entry port
# ($last) and verify the copy.
for proto in ${SSH_PROTOCOLS}; do
	# Use the other protocol version (3 - proto swaps 1 and 2) for the data
	# connection when ssh_version accepts it; otherwise reuse $proto.
	peer=`expr 3 - $proto`
	ssh_version $peer || peer=$proto

	trace "start forwarding, fork to background"
	# $fwd is deliberately unquoted: it must split into separate options.
	${SSH} -$proto -F $OBJ/ssh_config -f $fwd somehost sleep 10

	trace "transfer over forwarded channels and check result"
	${SSH} -$peer -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	# An empty copy means the connection through the chain never delivered
	# data; a differing copy means data was damaged along the way.
	if [ ! -s ${COPY} ]; then
		fail "failed copy of ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	# Outlast the backgrounded "sleep 10" so its listeners are gone before
	# the next iteration binds the same ports.
	sleep 10
done
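# ExitOnForwardFailure: for both local (-L) and remote (-R) forwards, check
# that the client succeeds when every requested listener can be set up and
# exits with status 255 when one of them cannot.  This is the property that
# stops a caller from believing a tunnel exists when its listener was never
# bound.
for p in ${SSH_PROTOCOLS}; do
	for d in L R; do
		trace "exit on -$d forward failure, proto $p"

		# Control case: four forwards on distinct listen ports; this one
		# should succeed.
		${SSH} -$p -F $OBJ/ssh_config \
		    -$d ${base}01:127.0.0.1:$PORT \
		    -$d ${base}02:127.0.0.1:$PORT \
		    -$d ${base}03:127.0.0.1:$PORT \
		    -$d ${base}04:127.0.0.1:$PORT \
		    -oExitOnForwardFailure=yes somehost true
		if [ $? != 0 ]; then
			fail "connection failed, should not"
		else
			# Failure case: listen port ${base}01 is requested twice
			# (the second time with a "localhost" target), so one of
			# the forwards cannot be established; this one should
			# fail.
			${SSH} -q -$p -F $OBJ/ssh_config \
			    -$d ${base}01:127.0.0.1:$PORT \
			    -$d ${base}02:127.0.0.1:$PORT \
			    -$d ${base}03:127.0.0.1:$PORT \
			    -$d ${base}01:localhost:$PORT \
			    -$d ${base}04:127.0.0.1:$PORT \
			    -oExitOnForwardFailure=yes somehost true
			# Save the status immediately; the test below would
			# otherwise overwrite $?.
			r=$?
			if [ $r != 255 ]; then
				fail "connection not terminated, but should ($r)"
			fi
		fi
	done
done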
# ClearAllForwardings: a forward requested on the command line must not be
# set up when -oClearAllForwardings=yes is given.  Each case starts a
# backgrounded connection that asks for a listener on ${base}01 and then
# probes that port; the probe succeeding means the forward was not cleared.
for p in ${SSH_PROTOCOLS}; do
	trace "simple clear forwarding proto $p"
	${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true

	trace "clear local forward proto $p"
	if ${SSH} -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \
	    -oClearAllForwardings=yes somehost sleep 10; then
		# this one should fail
		# NOTE(review): "true" sits in the host position here and no
		# remote command is given -- confirm that is intended.
		if ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
		     >>$TEST_REGRESS_LOGFILE 2>&1; then
			fail "local forwarding not cleared"
		fi
	else
		fail "connection failed with cleared local forwarding"
	fi
	# Let the backgrounded "sleep 10" connection finish first.
	sleep 10

	trace "clear remote forward proto $p"
	if ${SSH} -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \
	    -oClearAllForwardings=yes somehost sleep 10; then
		# this one should fail
		# NOTE(review): same host-position "true" as in the local case.
		if ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
		     >>$TEST_REGRESS_LOGFILE 2>&1; then
			fail "remote forwarding not cleared"
		fi
	else
		fail "connection failed with cleared remote forwarding"
	fi
	sleep 10
done
# stdio forwarding (-W): the outer client reaches the server through a
# ProxyCommand that is itself an ssh client relaying its stdin/stdout to
# localhost:$PORT.  Only protocol 2 is exercised.
for p in 2; do
	trace "stdio forwarding proto $p"
	# Shared client prefix; expanded unquoted below so that it splits back
	# into a command and its arguments.
	client="${SSH} -$p -F $OBJ/ssh_config"
	if ! $client -o "ProxyCommand $client -q -W localhost:$PORT somehost" \
		somehost true; then
		fail "stdio forwarding proto $p"
	fi
done
# Forwards declared in the config file rather than on the command line.
# The two directives are appended to the shared test config: a local listener
# on ${base}01 towards the server port, and a remote listener on ${base}02
# that leads back to ${base}01.
{
	echo "LocalForward ${base}01 127.0.0.1:$PORT"
	echo "RemoteForward ${base}02 127.0.0.1:${base}01"
} >> $OBJ/ssh_config

for proto in ${SSH_PROTOCOLS}; do
	trace "config file: start forwarding, fork to background"
	# Run as a control master on $CTL so the connection can be shut down
	# explicitly at the end of the iteration.
	${SSH} -S $CTL -M -$proto -F $OBJ/ssh_config -f somehost sleep 10

	trace "config file: transfer over forwarded channels and check result"
	${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	if [ ! -s ${COPY} ]; then
		fail "failed copy of ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	# Ask the master to exit; this takes the place of the fixed sleep used
	# by the earlier tests.
	${SSH} -S $CTL -O exit somehost
done
# Chained forwards over Unix domain sockets, protocol 2 only.  Path of a
# connection made to TCP port ${base}01:
#   ${base}01 (-R) -> unix-1.fwd (-L) -> unix-2.fwd (-R) -> unix-3.fwd (-L)
#   -> 127.0.0.1:$PORT
for p in 2; do
	trace "transfer over chained unix domain socket forwards and check result"
	# Remove socket files left by an earlier run (presumably a leftover
	# file would stop the listener from binding -- confirm).
	rm -f $OBJ/unix-1.fwd $OBJ/unix-2.fwd $OBJ/unix-3.fwd
	${SSH} -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost sleep 10
	${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost sleep 10
	${SSH} -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost sleep 10
	${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost sleep 10
	${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=4' \
		somehost cat ${DATA} > ${COPY}
	if [ ! -s ${COPY} ]; then
		fail "failed copy ${DATA}"
	fi
	if ! cmp ${DATA} ${COPY}; then
		fail "corrupted copy of ${DATA}"
	fi

	# Wait for the four backgrounded "sleep 10" connections to finish.
	sleep 10
done