1323136Sdes# $OpenBSD: test-exec.sh,v 1.59 2017/02/07 23:03:11 dtucker Exp $ 298937Sdes# Placed in the Public Domain. 398937Sdes 498937Sdes#SUDO=sudo 598937Sdes 6146998Sdes# Unbreak GNU head(1) 7146998Sdes_POSIX2_VERSION=199209 8146998Sdesexport _POSIX2_VERSION 9146998Sdes 10146998Sdescase `uname -s 2>/dev/null` in 11146998SdesOSF1*) 12146998Sdes BIN_SH=xpg4 13146998Sdes export BIN_SH 14146998Sdes ;; 15239849SdesCYGWIN_NT-5.0) 16239849Sdes os=cygwin 17239849Sdes TEST_SSH_IPV6=no 18239849Sdes ;; 19239849SdesCYGWIN*) 20239849Sdes os=cygwin 21239849Sdes ;; 22146998Sdesesac 23146998Sdes 24137015Sdesif [ ! -z "$TEST_SSH_PORT" ]; then 25137015Sdes PORT="$TEST_SSH_PORT" 26137015Sdeselse 27137015Sdes PORT=4242 28137015Sdesfi 29137015Sdes 30124208Sdesif [ -x /usr/ucb/whoami ]; then 31124208Sdes USER=`/usr/ucb/whoami` 32124208Sdeselif whoami >/dev/null 2>&1; then 33124208Sdes USER=`whoami` 34157016Sdeselif logname >/dev/null 2>&1; then 35157016Sdes USER=`logname` 36124208Sdeselse 37124208Sdes USER=`id -un` 38124208Sdesfi 39124208Sdes 4098937SdesOBJ=$1 4198937Sdesif [ "x$OBJ" = "x" ]; then 4298937Sdes echo '$OBJ not defined' 4398937Sdes exit 2 4498937Sdesfi 4598937Sdesif [ ! -d $OBJ ]; then 4698937Sdes echo "not a directory: $OBJ" 4798937Sdes exit 2 4898937Sdesfi 4998937SdesSCRIPT=$2 5098937Sdesif [ "x$SCRIPT" = "x" ]; then 5198937Sdes echo '$SCRIPT not defined' 5298937Sdes exit 2 5398937Sdesfi 5498937Sdesif [ ! -f $SCRIPT ]; then 5598937Sdes echo "not a file: $SCRIPT" 5698937Sdes exit 2 5798937Sdesfi 58126274Sdesif $TEST_SHELL -n $SCRIPT; then 5998937Sdes true 6098937Sdeselse 6198937Sdes echo "syntax error in $SCRIPT" 6298937Sdes exit 2 6398937Sdesfi 6498937Sdesunset SSH_AUTH_SOCK 6598937Sdes 66146998SdesSRC=`dirname ${SCRIPT}` 67146998Sdes 6898937Sdes# defaults 6998937SdesSSH=ssh 7098937SdesSSHD=sshd 7198937SdesSSHAGENT=ssh-agent 7298937SdesSSHADD=ssh-add 7398937SdesSSHKEYGEN=ssh-keygen 7498937SdesSSHKEYSCAN=ssh-keyscan 7598937SdesSFTP=sftp 7698937SdesSFTPSERVER=/usr/libexec/openssh/sftp-server 77137015SdesSCP=scp 7898937Sdes 79180746Sdes# Interop testing 80180750SdesPLINK=plink 81180750SdesPUTTYGEN=puttygen 82180750SdesCONCH=conch 83180746Sdes 8498937Sdesif [ "x$TEST_SSH_SSH" != "x" ]; then 85128456Sdes SSH="${TEST_SSH_SSH}" 8698937Sdesfi 8798937Sdesif [ "x$TEST_SSH_SSHD" != "x" ]; then 88128456Sdes SSHD="${TEST_SSH_SSHD}" 8998937Sdesfi 9098937Sdesif [ "x$TEST_SSH_SSHAGENT" != "x" ]; then 91128456Sdes SSHAGENT="${TEST_SSH_SSHAGENT}" 9298937Sdesfi 9398937Sdesif [ "x$TEST_SSH_SSHADD" != "x" ]; then 94128456Sdes SSHADD="${TEST_SSH_SSHADD}" 9598937Sdesfi 9698937Sdesif [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then 97128456Sdes SSHKEYGEN="${TEST_SSH_SSHKEYGEN}" 9898937Sdesfi 9998937Sdesif [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then 100128456Sdes SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}" 10198937Sdesfi 10298937Sdesif [ "x$TEST_SSH_SFTP" != "x" ]; then 103128456Sdes SFTP="${TEST_SSH_SFTP}" 10498937Sdesfi 10598937Sdesif [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then 106128456Sdes SFTPSERVER="${TEST_SSH_SFTPSERVER}" 10798937Sdesfi 108137015Sdesif [ "x$TEST_SSH_SCP" != "x" ]; then 109137015Sdes SCP="${TEST_SSH_SCP}" 110137015Sdesfi 111180746Sdesif [ "x$TEST_SSH_PLINK" != "x" ]; then 112180746Sdes # Find real binary, if it exists 113180746Sdes case "${TEST_SSH_PLINK}" in 114180746Sdes /*) PLINK="${TEST_SSH_PLINK}" ;; 115180746Sdes *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;; 116180746Sdes esac 117180746Sdesfi 118180746Sdesif [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then 119180746Sdes # Find real binary, if it exists 120180746Sdes case "${TEST_SSH_PUTTYGEN}" in 121180746Sdes /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;; 122180746Sdes *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;; 123180746Sdes esac 124180746Sdesfi 125180750Sdesif [ "x$TEST_SSH_CONCH" != "x" ]; then 126180750Sdes # Find real binary, if it exists 127180750Sdes case "${TEST_SSH_CONCH}" in 128180750Sdes /*) CONCH="${TEST_SSH_CONCH}" ;; 129180750Sdes *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;; 130180750Sdes esac 131180750Sdesfi 13298937Sdes 133323134SdesSSH_PROTOCOLS=2 134323134Sdes#SSH_PROTOCOLS=`$SSH -Q protocol-version` 135294332Sdesif [ "x$TEST_SSH_PROTOCOLS" != "x" ]; then 136294332Sdes SSH_PROTOCOLS="${TEST_SSH_PROTOCOLS}" 137294332Sdesfi 138294332Sdes 139137015Sdes# Path to sshd must be absolute for rexec 140149749Sdescase "$SSHD" in 141149749Sdes/*) ;; 142261320Sdes*) SSHD=`which $SSHD` ;; 143149749Sdesesac 144137015Sdes 145261320Sdescase "$SSHAGENT" in 146261320Sdes/*) ;; 147261320Sdes*) SSHAGENT=`which $SSHAGENT` ;; 148261320Sdesesac 149261320Sdes 150294332Sdes# Record the actual binaries used. 151294332SdesSSH_BIN=${SSH} 152294332SdesSSHD_BIN=${SSHD} 153294332SdesSSHAGENT_BIN=${SSHAGENT} 154294332SdesSSHADD_BIN=${SSHADD} 155294332SdesSSHKEYGEN_BIN=${SSHKEYGEN} 156294332SdesSSHKEYSCAN_BIN=${SSHKEYSCAN} 157294332SdesSFTP_BIN=${SFTP} 158294332SdesSFTPSERVER_BIN=${SFTPSERVER} 159294332SdesSCP_BIN=${SCP} 160294332Sdes 161294332Sdesif [ "x$USE_VALGRIND" != "x" ]; then 162294332Sdes mkdir -p $OBJ/valgrind-out 163294332Sdes VG_TEST=`basename $SCRIPT .sh` 164294332Sdes 165294332Sdes # Some tests are difficult to fix. 166294332Sdes case "$VG_TEST" in 167294332Sdes connect-privsep|reexec) 168294332Sdes VG_SKIP=1 ;; 169294332Sdes esac 170294332Sdes 171294332Sdes if [ x"$VG_SKIP" = "x" ]; then 172294332Sdes VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*" 173294332Sdes VG_LOG="$OBJ/valgrind-out/${VG_TEST}." 174294332Sdes VG_OPTS="--track-origins=yes --leak-check=full" 175294332Sdes VG_OPTS="$VG_OPTS --trace-children=yes" 176294332Sdes VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}" 177294332Sdes VG_PATH="valgrind" 178294332Sdes if [ "x$VALGRIND_PATH" != "x" ]; then 179294332Sdes VG_PATH="$VALGRIND_PATH" 180294332Sdes fi 181294332Sdes VG="$VG_PATH $VG_OPTS" 182294332Sdes SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH" 183294332Sdes SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD" 184294332Sdes SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT" 185294332Sdes SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD" 186294332Sdes SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN" 187294332Sdes SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN" 188294332Sdes SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}" 189294332Sdes SCP="$VG --log-file=${VG_LOG}scp.%p $SCP" 190294332Sdes cat > $OBJ/valgrind-sftp-server.sh << EOF 191294332Sdes#!/bin/sh 192294332Sdesexec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@" 193294332SdesEOF 194294332Sdes chmod a+rx $OBJ/valgrind-sftp-server.sh 195294332Sdes SFTPSERVER="$OBJ/valgrind-sftp-server.sh" 196294332Sdes fi 197294332Sdesfi 198294332Sdes 199255670Sdes# Logfiles. 200255670Sdes# SSH_LOGFILE should be the debug output of ssh(1) only 201255670Sdes# SSHD_LOGFILE should be the debug output of sshd(8) only 202255670Sdes# REGRESS_LOGFILE is the output of the test itself stdout and stderr 203146998Sdesif [ "x$TEST_SSH_LOGFILE" = "x" ]; then 204255670Sdes TEST_SSH_LOGFILE=$OBJ/ssh.log 205146998Sdesfi 206255670Sdesif [ "x$TEST_SSHD_LOGFILE" = "x" ]; then 207255670Sdes TEST_SSHD_LOGFILE=$OBJ/sshd.log 208255670Sdesfi 209255670Sdesif [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then 210255670Sdes TEST_REGRESS_LOGFILE=$OBJ/regress.log 211255670Sdesfi 212146998Sdes 213255670Sdes# truncate logfiles 214255670Sdes>$TEST_SSH_LOGFILE 215255670Sdes>$TEST_SSHD_LOGFILE 216255670Sdes>$TEST_REGRESS_LOGFILE 217248613Sdes 218255670Sdes# Create wrapper ssh with logging. We can't just specify "SSH=ssh -E..." 219255670Sdes# because sftp and scp don't handle spaces in arguments. 220255670SdesSSHLOGWRAP=$OBJ/ssh-log-wrapper.sh 221255670Sdesecho "#!/bin/sh" > $SSHLOGWRAP 222255670Sdesecho "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP 223255670Sdes 224255670Sdeschmod a+rx $OBJ/ssh-log-wrapper.sh 225323129SdesREAL_SSH="$SSH" 226255670SdesSSH="$SSHLOGWRAP" 227255670Sdes 228255670Sdes# Some test data. We make a copy because some tests will overwrite it. 229255670Sdes# The tests may assume that $DATA exists and is writable and $COPY does 230261320Sdes# not exist. Tests requiring larger data files can call increase_datafile_size 231261320Sdes# [kbytes] to ensure the file is at least that large. 232255670SdesDATANAME=data 233255670SdesDATA=$OBJ/${DATANAME} 234294332Sdescat ${SSHAGENT_BIN} >${DATA} 235255670Sdeschmod u+w ${DATA} 236255670SdesCOPY=$OBJ/copy 237255670Sdesrm -f ${COPY} 238255670Sdes 239261320Sdesincrease_datafile_size() 240261320Sdes{ 241261320Sdes while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do 242294332Sdes cat ${SSHAGENT_BIN} >>${DATA} 243261320Sdes done 244261320Sdes} 245261320Sdes 24698937Sdes# these should be used in tests 247137015Sdesexport SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP 248137015Sdes#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP 24998937Sdes 250255670Sdes# Portable specific functions 251124208Sdeshave_prog() 252124208Sdes{ 253124208Sdes saved_IFS="$IFS" 254124208Sdes IFS=":" 255124208Sdes for i in $PATH 256124208Sdes do 257124208Sdes if [ -x $i/$1 ]; then 258124208Sdes IFS="$saved_IFS" 259124208Sdes return 0 260124208Sdes fi 261124208Sdes done 262124208Sdes IFS="$saved_IFS" 263124208Sdes return 1 264124208Sdes} 265124208Sdes 266255670Sdesjot() { 267255670Sdes awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }" 268255670Sdes} 269255670Sdes 270255670Sdes# Check whether preprocessor symbols are defined in config.h. 271255670Sdesconfig_defined () 272255670Sdes{ 273255670Sdes str=$1 274255670Sdes while test "x$2" != "x" ; do 275255670Sdes str="$str|$2" 276255670Sdes shift 277255670Sdes done 278255670Sdes egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1 279255670Sdes} 280255670Sdes 281255670Sdesmd5 () { 282255670Sdes if have_prog md5sum; then 283255670Sdes md5sum 284255670Sdes elif have_prog openssl; then 285255670Sdes openssl md5 286255670Sdes elif have_prog cksum; then 287255670Sdes cksum 288255670Sdes elif have_prog sum; then 289255670Sdes sum 290255670Sdes else 291255670Sdes wc -c 292255670Sdes fi 293255670Sdes} 294255670Sdes# End of portable specific functions 295255670Sdes 296323134Sdesstop_sshd () 29798937Sdes{ 29898937Sdes if [ -f $PIDFILE ]; then 299214979Sdes pid=`$SUDO cat $PIDFILE` 30098937Sdes if [ "X$pid" = "X" ]; then 30198937Sdes echo no sshd running 30298937Sdes else 30398937Sdes if [ $pid -lt 2 ]; then 304294328Sdes echo bad pid for sshd: $pid 30598937Sdes else 30698937Sdes $SUDO kill $pid 307204861Sdes trace "wait for sshd to exit" 308204861Sdes i=0; 309204861Sdes while [ -f $PIDFILE -a $i -lt 5 ]; do 310204861Sdes i=`expr $i + 1` 311204861Sdes sleep $i 312204861Sdes done 313204861Sdes test -f $PIDFILE && \ 314204861Sdes fatal "sshd didn't exit port $PORT pid $pid" 31598937Sdes fi 31698937Sdes fi 31798937Sdes fi 31898937Sdes} 31998937Sdes 320323134Sdes# helper 321323134Sdescleanup () 322323134Sdes{ 323323134Sdes if [ "x$SSH_PID" != "x" ]; then 324323134Sdes if [ $SSH_PID -lt 2 ]; then 325323134Sdes echo bad pid for ssh: $SSH_PID 326323134Sdes else 327323134Sdes kill $SSH_PID 328323134Sdes fi 329323134Sdes fi 330323134Sdes stop_sshd 331323134Sdes} 332323134Sdes 333255670Sdesstart_debug_log () 334255670Sdes{ 335255670Sdes echo "trace: $@" >$TEST_REGRESS_LOGFILE 336255670Sdes echo "trace: $@" >$TEST_SSH_LOGFILE 337255670Sdes echo "trace: $@" >$TEST_SSHD_LOGFILE 338255670Sdes} 339255670Sdes 340255670Sdessave_debug_log () 341255670Sdes{ 342255670Sdes echo $@ >>$TEST_REGRESS_LOGFILE 343255670Sdes echo $@ >>$TEST_SSH_LOGFILE 344255670Sdes echo $@ >>$TEST_SSHD_LOGFILE 345255670Sdes (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log 346255670Sdes (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log 347255670Sdes (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log 348255670Sdes} 349255670Sdes 35098937Sdestrace () 35198937Sdes{ 352255670Sdes start_debug_log $@ 35398937Sdes if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then 35498937Sdes echo "$@" 35598937Sdes fi 35698937Sdes} 35798937Sdes 35898937Sdesverbose () 35998937Sdes{ 360255670Sdes start_debug_log $@ 36198937Sdes if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then 36298937Sdes echo "$@" 36398937Sdes fi 36498937Sdes} 36598937Sdes 366225825Sdeswarn () 367225825Sdes{ 368225825Sdes echo "WARNING: $@" >>$TEST_SSH_LOGFILE 369225825Sdes echo "WARNING: $@" 370225825Sdes} 37198937Sdes 37298937Sdesfail () 37398937Sdes{ 374255670Sdes save_debug_log "FAIL: $@" 37598937Sdes RESULT=1 37698937Sdes echo "$@" 377255670Sdes 37898937Sdes} 37998937Sdes 38098937Sdesfatal () 38198937Sdes{ 382255670Sdes save_debug_log "FATAL: $@" 383255670Sdes printf "FATAL: " 38498937Sdes fail "$@" 38598937Sdes cleanup 38698937Sdes exit $RESULT 38798937Sdes} 38898937Sdes 389294332Sdesssh_version () 390294332Sdes{ 391294332Sdes echo ${SSH_PROTOCOLS} | grep "$1" >/dev/null 392294332Sdes} 393294332Sdes 39498937SdesRESULT=0 39598937SdesPIDFILE=$OBJ/pidfile 39698937Sdes 39798937Sdestrap fatal 3 2 39898937Sdes 399294332Sdesif ssh_version 1; then 400294332Sdes PROTO="2,1" 401294332Sdeselse 402294332Sdes PROTO="2" 403294332Sdesfi 404294332Sdes 40598937Sdes# create server config 40698937Sdescat << EOF > $OBJ/sshd_config 407137015Sdes StrictModes no 40898937Sdes Port $PORT 409157016Sdes AddressFamily inet 41098937Sdes ListenAddress 127.0.0.1 41198937Sdes #ListenAddress ::1 41298937Sdes PidFile $PIDFILE 41398937Sdes AuthorizedKeysFile $OBJ/authorized_keys_%u 414255670Sdes LogLevel DEBUG3 415137015Sdes AcceptEnv _XXX_TEST_* 416137015Sdes AcceptEnv _XXX_TEST 417137015Sdes Subsystem sftp $SFTPSERVER 41898937SdesEOF 41998937Sdes 420323129Sdes# This may be necessary if /usr/src and/or /usr/obj are group-writable, 421323129Sdes# but if you aren't careful with permissions then the unit tests could 422323129Sdes# be abused to locally escalate privileges. 423323129Sdesif [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then 424323129Sdes echo "StrictModes no" >> $OBJ/sshd_config 425323129Sdesfi 426323129Sdes 427137015Sdesif [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then 428137015Sdes trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" 429137015Sdes echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config 430137015Sdesfi 431137015Sdes 43298937Sdes# server config for proxy connects 43398937Sdescp $OBJ/sshd_config $OBJ/sshd_proxy 43498937Sdes 43598937Sdes# allow group-writable directories in proxy-mode 43698937Sdesecho 'StrictModes no' >> $OBJ/sshd_proxy 43798937Sdes 43898937Sdes# create client config 43998937Sdescat << EOF > $OBJ/ssh_config 44098937SdesHost * 44198937Sdes Hostname 127.0.0.1 44298937Sdes HostKeyAlias localhost-with-alias 44398937Sdes Port $PORT 44498937Sdes User $USER 44598937Sdes GlobalKnownHostsFile $OBJ/known_hosts 44698937Sdes UserKnownHostsFile $OBJ/known_hosts 44798937Sdes PubkeyAuthentication yes 44898937Sdes ChallengeResponseAuthentication no 44998937Sdes HostbasedAuthentication no 45098937Sdes PasswordAuthentication no 45198937Sdes BatchMode yes 45298937Sdes StrictHostKeyChecking yes 453255670Sdes LogLevel DEBUG3 45498937SdesEOF 45598937Sdes 456137015Sdesif [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then 457294336Sdes trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS" 458137015Sdes echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config 459137015Sdesfi 460137015Sdes 46198937Sdesrm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER 46298937Sdes 463294332Sdesif ssh_version 1; then 464294332Sdes SSH_KEYTYPES="rsa rsa1" 465294332Sdeselse 466294332Sdes SSH_KEYTYPES="rsa ed25519" 467294332Sdesfi 46898937Sdestrace "generate keys" 469294332Sdesfor t in ${SSH_KEYTYPES}; do 47098937Sdes # generate user key 471294332Sdes if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then 472255670Sdes rm -f $OBJ/$t 473255670Sdes ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ 474255670Sdes fail "ssh-keygen for $t failed" 475255670Sdes fi 47698937Sdes 47798937Sdes # known hosts file for client 47898937Sdes ( 479255670Sdes printf 'localhost-with-alias,127.0.0.1,::1 ' 48098937Sdes cat $OBJ/$t.pub 48198937Sdes ) >> $OBJ/known_hosts 48298937Sdes 48398937Sdes # setup authorized keys 48498937Sdes cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER 48598937Sdes echo IdentityFile $OBJ/$t >> $OBJ/ssh_config 48698937Sdes 48798937Sdes # use key as host key, too 48898937Sdes $SUDO cp $OBJ/$t $OBJ/host.$t 48998937Sdes echo HostKey $OBJ/host.$t >> $OBJ/sshd_config 49098937Sdes 49198937Sdes # don't use SUDO for proxy connect 49298937Sdes echo HostKey $OBJ/$t >> $OBJ/sshd_proxy 49398937Sdesdone 49498937Sdeschmod 644 $OBJ/authorized_keys_$USER 49598937Sdes 496180750Sdes# Activate Twisted Conch tests if the binary is present 497180750SdesREGRESS_INTEROP_CONCH=no 498180750Sdesif test -x "$CONCH" ; then 499180750Sdes REGRESS_INTEROP_CONCH=yes 500180750Sdesfi 501180750Sdes 502180750Sdes# If PuTTY is present and we are running a PuTTY test, prepare keys and 503180750Sdes# configuration 504180746SdesREGRESS_INTEROP_PUTTY=no 505180746Sdesif test -x "$PUTTYGEN" -a -x "$PLINK" ; then 506180750Sdes REGRESS_INTEROP_PUTTY=yes 507180750Sdesfi 508180750Sdescase "$SCRIPT" in 509180750Sdes*putty*) ;; 510180750Sdes*) REGRESS_INTEROP_PUTTY=no ;; 511180750Sdesesac 512180750Sdes 513180750Sdesif test "$REGRESS_INTEROP_PUTTY" = "yes" ; then 514180746Sdes mkdir -p ${OBJ}/.putty 515180746Sdes 516180746Sdes # Add a PuTTY key to authorized_keys 517180746Sdes rm -f ${OBJ}/putty.rsa2 518323134Sdes if ! puttygen -t rsa -o ${OBJ}/putty.rsa2 \ 519323134Sdes --new-passphrase /dev/null < /dev/null > /dev/null; then 520323134Sdes echo "Your installed version of PuTTY is too old to support --new-passphrase; trying without (may require manual interaction) ..." >&2 521323134Sdes puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null 522323134Sdes fi 523180746Sdes puttygen -O public-openssh ${OBJ}/putty.rsa2 \ 524180746Sdes >> $OBJ/authorized_keys_$USER 525180746Sdes 526180746Sdes # Convert rsa2 host key to PuTTY format 527180746Sdes ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \ 528180746Sdes ${OBJ}/.putty/sshhostkeys 529180746Sdes ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \ 530180746Sdes ${OBJ}/.putty/sshhostkeys 531180746Sdes 532180746Sdes # Setup proxied session 533180746Sdes mkdir -p ${OBJ}/.putty/sessions 534180746Sdes rm -f ${OBJ}/.putty/sessions/localhost_proxy 535323134Sdes echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy 536323134Sdes echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy 537180746Sdes echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy 538180746Sdes echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy 539294332Sdes echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy 540323134Sdes echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy 541180746Sdes 542180746Sdes REGRESS_INTEROP_PUTTY=yes 543180746Sdesfi 544180746Sdes 54598937Sdes# create a proxy version of the client config 54698937Sdes( 54798937Sdes cat $OBJ/ssh_config 548294332Sdes echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy 54998937Sdes) > $OBJ/ssh_proxy 55098937Sdes 55198937Sdes# check proxy config 55298937Sdes${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken" 55398937Sdes 55498937Sdesstart_sshd () 55598937Sdes{ 55698937Sdes # start sshd 557180746Sdes $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken" 558255670Sdes $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE 55998937Sdes 56098937Sdes trace "wait for sshd" 56198937Sdes i=0; 562124208Sdes while [ ! -f $PIDFILE -a $i -lt 10 ]; do 56398937Sdes i=`expr $i + 1` 56498937Sdes sleep $i 56598937Sdes done 56698937Sdes 56798937Sdes test -f $PIDFILE || fatal "no sshd running on port $PORT" 56898937Sdes} 56998937Sdes 57098937Sdes# source test body 57198937Sdes. $SCRIPT 57298937Sdes 57398937Sdes# kill sshd 57498937Sdescleanup 57598937Sdesif [ $RESULT -eq 0 ]; then 57698937Sdes verbose ok $tid 57798937Sdeselse 57898937Sdes echo failed $tid 57998937Sdesfi 58098937Sdesexit $RESULT 581