integrity.sh revision 323121 
1#	$OpenBSD: integrity.sh,v 1.16 2015/03/24 20:22:17 markus Exp $
2#	Placed in the Public Domain.
3
4tid="integrity"
5cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
6
7# start at byte 2900 (i.e. after kex) and corrupt at different offsets
8# XXX the test hangs if we modify the low bytes of the packet length
9# XXX and ssh tries to read...
10tries=10
11startoffset=2900
12macs=`${SSH} -Q mac`
13# The following are not MACs, but ciphers with integrated integrity. They are
14# handled specially below.
15macs="$macs `${SSH} -Q cipher-auth`"
16
17# avoid DH group exchange as the extra traffic makes it harder to get the
18# offset into the stream right.
19echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \
20	>> $OBJ/ssh_proxy
21
22# sshd-command for proxy (see test-exec.sh)
23cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy"
24
25for m in $macs; do
26	trace "test $tid: mac $m"
27	elen=0
28	epad=0
29	emac=0
30	ecnt=0
31	skip=0
32	for off in `jot $tries $startoffset`; do
33		skip=`expr $skip - 1`
34		if [ $skip -gt 0 ]; then
35			# avoid modifying the high bytes of the length
36			continue
37		fi
38		cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
39		# modify output from sshd at offset $off
40		pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
41		if ${SSH} -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then
42			echo "Ciphers=$m" >> $OBJ/sshd_proxy
43			macopt="-c $m"
44		else
45			echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy
46			echo "MACs=$m" >> $OBJ/sshd_proxy
47			macopt="-m $m -c aes128-ctr"
48		fi
49		verbose "test $tid: $m @$off"
50		${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
51		    -oServerAliveInterval=1 -oServerAliveCountMax=30 \
52		    999.999.999.999 'printf "%4096s" " "' >/dev/null
53		if [ $? -eq 0 ]; then
54			fail "ssh -m $m succeeds with bit-flip at $off"
55		fi
56		ecnt=`expr $ecnt + 1`
57		out=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \
58		     tr -s '\r\n' '.')
59		case "$out" in
60		Bad?packet*)	elen=`expr $elen + 1`; skip=3;;
61		Corrupted?MAC* | *message?authentication?code?incorrect*)
62				emac=`expr $emac + 1`; skip=0;;
63		padding*)	epad=`expr $epad + 1`; skip=0;;
64		*)		fail "unexpected error mac $m at $off: $out";;
65		esac
66	done
67	verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"
68	if [ $emac -eq 0 ]; then
69		fail "$m: no mac errors"
70	fi
71	expect=`expr $ecnt - $epad - $elen`
72	if [ $emac -ne $expect ]; then
73		fail "$m: expected $expect mac errors, got $emac"
74	fi
75done
76