openssh/regress/test-exec.sh

323136Sdes#	$OpenBSD: test-exec.sh,v 1.59 2017/02/07 23:03:11 dtucker Exp $
98937Sdes#	Placed in the Public Domain.
98937Sdes
98937Sdes#SUDO=sudo
98937Sdes
146998Sdes# Unbreak GNU head(1)
146998Sdes_POSIX2_VERSION=199209
146998Sdesexport _POSIX2_VERSION
146998Sdes
146998Sdescase `uname -s 2>/dev/null` in
146998SdesOSF1*)
146998Sdes	BIN_SH=xpg4
146998Sdes	export BIN_SH
146998Sdes	;;
239849SdesCYGWIN_NT-5.0)
239849Sdes	os=cygwin
239849Sdes	TEST_SSH_IPV6=no
239849Sdes	;;
239849SdesCYGWIN*)
239849Sdes	os=cygwin
239849Sdes	;;
146998Sdesesac
146998Sdes
137015Sdesif [ ! -z "$TEST_SSH_PORT" ]; then
137015Sdes	PORT="$TEST_SSH_PORT"
137015Sdeselse
137015Sdes	PORT=4242
137015Sdesfi
137015Sdes
124208Sdesif [ -x /usr/ucb/whoami ]; then
124208Sdes	USER=`/usr/ucb/whoami`
124208Sdeselif whoami >/dev/null 2>&1; then
124208Sdes	USER=`whoami`
157016Sdeselif logname >/dev/null 2>&1; then
157016Sdes	USER=`logname`
124208Sdeselse
124208Sdes	USER=`id -un`
124208Sdesfi
124208Sdes
98937SdesOBJ=$1
98937Sdesif [ "x$OBJ" = "x" ]; then
98937Sdes	echo '$OBJ not defined'
98937Sdes	exit 2
98937Sdesfi
98937Sdesif [ ! -d $OBJ ]; then
98937Sdes	echo "not a directory: $OBJ"
98937Sdes	exit 2
98937Sdesfi
98937SdesSCRIPT=$2
98937Sdesif [ "x$SCRIPT" = "x" ]; then
98937Sdes	echo '$SCRIPT not defined'
98937Sdes	exit 2
98937Sdesfi
98937Sdesif [ ! -f $SCRIPT ]; then
98937Sdes	echo "not a file: $SCRIPT"
98937Sdes	exit 2
98937Sdesfi
126274Sdesif $TEST_SHELL -n $SCRIPT; then
98937Sdes	true
98937Sdeselse
98937Sdes	echo "syntax error in $SCRIPT"
98937Sdes	exit 2
98937Sdesfi
98937Sdesunset SSH_AUTH_SOCK
98937Sdes
146998SdesSRC=`dirname ${SCRIPT}`
146998Sdes
98937Sdes# defaults
98937SdesSSH=ssh
98937SdesSSHD=sshd
98937SdesSSHAGENT=ssh-agent
98937SdesSSHADD=ssh-add
98937SdesSSHKEYGEN=ssh-keygen
98937SdesSSHKEYSCAN=ssh-keyscan
98937SdesSFTP=sftp
98937SdesSFTPSERVER=/usr/libexec/openssh/sftp-server
137015SdesSCP=scp
98937Sdes
180746Sdes# Interop testing
180750SdesPLINK=plink
180750SdesPUTTYGEN=puttygen
180750SdesCONCH=conch
180746Sdes
98937Sdesif [ "x$TEST_SSH_SSH" != "x" ]; then
128456Sdes	SSH="${TEST_SSH_SSH}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SSHD" != "x" ]; then
128456Sdes	SSHD="${TEST_SSH_SSHD}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
128456Sdes	SSHAGENT="${TEST_SSH_SSHAGENT}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SSHADD" != "x" ]; then
128456Sdes	SSHADD="${TEST_SSH_SSHADD}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
128456Sdes	SSHKEYGEN="${TEST_SSH_SSHKEYGEN}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
128456Sdes	SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SFTP" != "x" ]; then
128456Sdes	SFTP="${TEST_SSH_SFTP}"
98937Sdesfi
98937Sdesif [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
128456Sdes	SFTPSERVER="${TEST_SSH_SFTPSERVER}"
98937Sdesfi
137015Sdesif [ "x$TEST_SSH_SCP" != "x" ]; then
137015Sdes	SCP="${TEST_SSH_SCP}"
137015Sdesfi
180746Sdesif [ "x$TEST_SSH_PLINK" != "x" ]; then
180746Sdes	# Find real binary, if it exists
180746Sdes	case "${TEST_SSH_PLINK}" in
180746Sdes	/*) PLINK="${TEST_SSH_PLINK}" ;;
180746Sdes	*) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
180746Sdes	esac
180746Sdesfi
180746Sdesif [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
180746Sdes	# Find real binary, if it exists
180746Sdes	case "${TEST_SSH_PUTTYGEN}" in
180746Sdes	/*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
180746Sdes	*) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
180746Sdes	esac
180746Sdesfi
180750Sdesif [ "x$TEST_SSH_CONCH" != "x" ]; then
180750Sdes	# Find real binary, if it exists
180750Sdes	case "${TEST_SSH_CONCH}" in
180750Sdes	/*) CONCH="${TEST_SSH_CONCH}" ;;
180750Sdes	*) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;;
180750Sdes	esac
180750Sdesfi
98937Sdes
323134SdesSSH_PROTOCOLS=2
323134Sdes#SSH_PROTOCOLS=`$SSH -Q protocol-version`
294332Sdesif [ "x$TEST_SSH_PROTOCOLS" != "x" ]; then
294332Sdes	SSH_PROTOCOLS="${TEST_SSH_PROTOCOLS}"
294332Sdesfi
294332Sdes
137015Sdes# Path to sshd must be absolute for rexec
149749Sdescase "$SSHD" in
149749Sdes/*) ;;
261320Sdes*) SSHD=`which $SSHD` ;;
149749Sdesesac
137015Sdes
261320Sdescase "$SSHAGENT" in
261320Sdes/*) ;;
261320Sdes*) SSHAGENT=`which $SSHAGENT` ;;
261320Sdesesac
261320Sdes
294332Sdes# Record the actual binaries used.
294332SdesSSH_BIN=${SSH}
294332SdesSSHD_BIN=${SSHD}
294332SdesSSHAGENT_BIN=${SSHAGENT}
294332SdesSSHADD_BIN=${SSHADD}
294332SdesSSHKEYGEN_BIN=${SSHKEYGEN}
294332SdesSSHKEYSCAN_BIN=${SSHKEYSCAN}
294332SdesSFTP_BIN=${SFTP}
294332SdesSFTPSERVER_BIN=${SFTPSERVER}
294332SdesSCP_BIN=${SCP}
294332Sdes
294332Sdesif [ "x$USE_VALGRIND" != "x" ]; then
294332Sdes	mkdir -p $OBJ/valgrind-out
294332Sdes	VG_TEST=`basename $SCRIPT .sh`
294332Sdes
294332Sdes	# Some tests are difficult to fix.
294332Sdes	case "$VG_TEST" in
294332Sdes	connect-privsep|reexec)
294332Sdes		VG_SKIP=1 ;;
294332Sdes	esac
294332Sdes
294332Sdes	if [ x"$VG_SKIP" = "x" ]; then
294332Sdes		VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*"
294332Sdes		VG_LOG="$OBJ/valgrind-out/${VG_TEST}."
294332Sdes		VG_OPTS="--track-origins=yes --leak-check=full"
294332Sdes		VG_OPTS="$VG_OPTS --trace-children=yes"
294332Sdes		VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}"
294332Sdes		VG_PATH="valgrind"
294332Sdes		if [ "x$VALGRIND_PATH" != "x" ]; then
294332Sdes			VG_PATH="$VALGRIND_PATH"
294332Sdes		fi
294332Sdes		VG="$VG_PATH $VG_OPTS"
294332Sdes		SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH"
294332Sdes		SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD"
294332Sdes		SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT"
294332Sdes		SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD"
294332Sdes		SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN"
294332Sdes		SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN"
294332Sdes		SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}"
294332Sdes		SCP="$VG --log-file=${VG_LOG}scp.%p $SCP"
294332Sdes		cat > $OBJ/valgrind-sftp-server.sh << EOF
294332Sdes#!/bin/sh
294332Sdesexec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@"
294332SdesEOF
294332Sdes		chmod a+rx $OBJ/valgrind-sftp-server.sh
294332Sdes		SFTPSERVER="$OBJ/valgrind-sftp-server.sh"
294332Sdes	fi
294332Sdesfi
294332Sdes
255670Sdes# Logfiles.
255670Sdes# SSH_LOGFILE should be the debug output of ssh(1) only
255670Sdes# SSHD_LOGFILE should be the debug output of sshd(8) only
255670Sdes# REGRESS_LOGFILE is the output of the test itself stdout and stderr
146998Sdesif [ "x$TEST_SSH_LOGFILE" = "x" ]; then
255670Sdes	TEST_SSH_LOGFILE=$OBJ/ssh.log
146998Sdesfi
255670Sdesif [ "x$TEST_SSHD_LOGFILE" = "x" ]; then
255670Sdes	TEST_SSHD_LOGFILE=$OBJ/sshd.log
255670Sdesfi
255670Sdesif [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then
255670Sdes	TEST_REGRESS_LOGFILE=$OBJ/regress.log
255670Sdesfi
146998Sdes
255670Sdes# truncate logfiles
255670Sdes>$TEST_SSH_LOGFILE
255670Sdes>$TEST_SSHD_LOGFILE
255670Sdes>$TEST_REGRESS_LOGFILE
248613Sdes
255670Sdes# Create wrapper ssh with logging.  We can't just specify "SSH=ssh -E..."
255670Sdes# because sftp and scp don't handle spaces in arguments.
255670SdesSSHLOGWRAP=$OBJ/ssh-log-wrapper.sh
255670Sdesecho "#!/bin/sh" > $SSHLOGWRAP
255670Sdesecho "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP
255670Sdes
255670Sdeschmod a+rx $OBJ/ssh-log-wrapper.sh
323129SdesREAL_SSH="$SSH"
255670SdesSSH="$SSHLOGWRAP"
255670Sdes
255670Sdes# Some test data.  We make a copy because some tests will overwrite it.
255670Sdes# The tests may assume that $DATA exists and is writable and $COPY does
261320Sdes# not exist.  Tests requiring larger data files can call increase_datafile_size
261320Sdes# [kbytes] to ensure the file is at least that large.
255670SdesDATANAME=data
255670SdesDATA=$OBJ/${DATANAME}
294332Sdescat ${SSHAGENT_BIN} >${DATA}
255670Sdeschmod u+w ${DATA}
255670SdesCOPY=$OBJ/copy
255670Sdesrm -f ${COPY}
255670Sdes
261320Sdesincrease_datafile_size()
261320Sdes{
261320Sdes	while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do
294332Sdes		cat ${SSHAGENT_BIN} >>${DATA}
261320Sdes	done
261320Sdes}
261320Sdes
98937Sdes# these should be used in tests
137015Sdesexport SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
137015Sdes#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
98937Sdes
255670Sdes# Portable specific functions
124208Sdeshave_prog()
124208Sdes{
124208Sdes	saved_IFS="$IFS"
124208Sdes	IFS=":"
124208Sdes	for i in $PATH
124208Sdes	do
124208Sdes		if [ -x $i/$1 ]; then
124208Sdes			IFS="$saved_IFS"
124208Sdes			return 0
124208Sdes		fi
124208Sdes	done
124208Sdes	IFS="$saved_IFS"
124208Sdes	return 1
124208Sdes}
124208Sdes
255670Sdesjot() {
255670Sdes	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
255670Sdes}
255670Sdes
255670Sdes# Check whether preprocessor symbols are defined in config.h.
255670Sdesconfig_defined ()
255670Sdes{
255670Sdes	str=$1
255670Sdes	while test "x$2" != "x" ; do
255670Sdes		str="$str|$2"
255670Sdes		shift
255670Sdes	done
255670Sdes	egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
255670Sdes}
255670Sdes
255670Sdesmd5 () {
255670Sdes	if have_prog md5sum; then
255670Sdes		md5sum
255670Sdes	elif have_prog openssl; then
255670Sdes		openssl md5
255670Sdes	elif have_prog cksum; then
255670Sdes		cksum
255670Sdes	elif have_prog sum; then
255670Sdes		sum
255670Sdes	else
255670Sdes		wc -c
255670Sdes	fi
255670Sdes}
255670Sdes# End of portable specific functions
255670Sdes
323134Sdesstop_sshd ()
98937Sdes{
98937Sdes	if [ -f $PIDFILE ]; then
214979Sdes		pid=`$SUDO cat $PIDFILE`
98937Sdes		if [ "X$pid" = "X" ]; then
98937Sdes			echo no sshd running
98937Sdes		else
98937Sdes			if [ $pid -lt 2 ]; then
294328Sdes				echo bad pid for sshd: $pid
98937Sdes			else
98937Sdes				$SUDO kill $pid
204861Sdes				trace "wait for sshd to exit"
204861Sdes				i=0;
204861Sdes				while [ -f $PIDFILE -a $i -lt 5 ]; do
204861Sdes					i=`expr $i + 1`
204861Sdes					sleep $i
204861Sdes				done
204861Sdes				test -f $PIDFILE && \
204861Sdes				    fatal "sshd didn't exit port $PORT pid $pid"
98937Sdes			fi
98937Sdes		fi
98937Sdes	fi
98937Sdes}
98937Sdes
323134Sdes# helper
323134Sdescleanup ()
323134Sdes{
323134Sdes	if [ "x$SSH_PID" != "x" ]; then
323134Sdes		if [ $SSH_PID -lt 2 ]; then
323134Sdes			echo bad pid for ssh: $SSH_PID
323134Sdes		else
323134Sdes			kill $SSH_PID
323134Sdes		fi
323134Sdes	fi
323134Sdes	stop_sshd
323134Sdes}
323134Sdes
255670Sdesstart_debug_log ()
255670Sdes{
255670Sdes	echo "trace: $@" >$TEST_REGRESS_LOGFILE
255670Sdes	echo "trace: $@" >$TEST_SSH_LOGFILE
255670Sdes	echo "trace: $@" >$TEST_SSHD_LOGFILE
255670Sdes}
255670Sdes
255670Sdessave_debug_log ()
255670Sdes{
255670Sdes	echo $@ >>$TEST_REGRESS_LOGFILE
255670Sdes	echo $@ >>$TEST_SSH_LOGFILE
255670Sdes	echo $@ >>$TEST_SSHD_LOGFILE
255670Sdes	(cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log
255670Sdes	(cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log
255670Sdes	(cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log
255670Sdes}
255670Sdes
98937Sdestrace ()
98937Sdes{
255670Sdes	start_debug_log $@
98937Sdes	if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
98937Sdes		echo "$@"
98937Sdes	fi
98937Sdes}
98937Sdes
98937Sdesverbose ()
98937Sdes{
255670Sdes	start_debug_log $@
98937Sdes	if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
98937Sdes		echo "$@"
98937Sdes	fi
98937Sdes}
98937Sdes
225825Sdeswarn ()
225825Sdes{
225825Sdes	echo "WARNING: $@" >>$TEST_SSH_LOGFILE
225825Sdes	echo "WARNING: $@"
225825Sdes}
98937Sdes
98937Sdesfail ()
98937Sdes{
255670Sdes	save_debug_log "FAIL: $@"
98937Sdes	RESULT=1
98937Sdes	echo "$@"
255670Sdes
98937Sdes}
98937Sdes
98937Sdesfatal ()
98937Sdes{
255670Sdes	save_debug_log "FATAL: $@"
255670Sdes	printf "FATAL: "
98937Sdes	fail "$@"
98937Sdes	cleanup
98937Sdes	exit $RESULT
98937Sdes}
98937Sdes
294332Sdesssh_version ()
294332Sdes{
294332Sdes	echo ${SSH_PROTOCOLS} | grep "$1" >/dev/null
294332Sdes}
294332Sdes
98937SdesRESULT=0
98937SdesPIDFILE=$OBJ/pidfile
98937Sdes
98937Sdestrap fatal 3 2
98937Sdes
294332Sdesif ssh_version 1; then
294332Sdes	PROTO="2,1"
294332Sdeselse
294332Sdes	PROTO="2"
294332Sdesfi
294332Sdes
98937Sdes# create server config
98937Sdescat << EOF > $OBJ/sshd_config
137015Sdes	StrictModes		no
98937Sdes	Port			$PORT
157016Sdes	AddressFamily		inet
98937Sdes	ListenAddress		127.0.0.1
98937Sdes	#ListenAddress		::1
98937Sdes	PidFile			$PIDFILE
98937Sdes	AuthorizedKeysFile	$OBJ/authorized_keys_%u
255670Sdes	LogLevel		DEBUG3
137015Sdes	AcceptEnv		_XXX_TEST_*
137015Sdes	AcceptEnv		_XXX_TEST
137015Sdes	Subsystem	sftp	$SFTPSERVER
98937SdesEOF
98937Sdes
323129Sdes# This may be necessary if /usr/src and/or /usr/obj are group-writable,
323129Sdes# but if you aren't careful with permissions then the unit tests could
323129Sdes# be abused to locally escalate privileges.
323129Sdesif [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then
323129Sdes	echo "StrictModes no" >> $OBJ/sshd_config
323129Sdesfi
323129Sdes
137015Sdesif [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then
137015Sdes	trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS"
137015Sdes	echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config
137015Sdesfi
137015Sdes
98937Sdes# server config for proxy connects
98937Sdescp $OBJ/sshd_config $OBJ/sshd_proxy
98937Sdes
98937Sdes# allow group-writable directories in proxy-mode
98937Sdesecho 'StrictModes no' >> $OBJ/sshd_proxy
98937Sdes
98937Sdes# create client config
98937Sdescat << EOF > $OBJ/ssh_config
98937SdesHost *
98937Sdes	Hostname		127.0.0.1
98937Sdes	HostKeyAlias		localhost-with-alias
98937Sdes	Port			$PORT
98937Sdes	User			$USER
98937Sdes	GlobalKnownHostsFile	$OBJ/known_hosts
98937Sdes	UserKnownHostsFile	$OBJ/known_hosts
98937Sdes	PubkeyAuthentication	yes
98937Sdes	ChallengeResponseAuthentication	no
98937Sdes	HostbasedAuthentication	no
98937Sdes	PasswordAuthentication	no
98937Sdes	BatchMode		yes
98937Sdes	StrictHostKeyChecking	yes
255670Sdes	LogLevel		DEBUG3
98937SdesEOF
98937Sdes
137015Sdesif [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then
294336Sdes	trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS"
137015Sdes	echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config
137015Sdesfi
137015Sdes
98937Sdesrm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
98937Sdes
294332Sdesif ssh_version 1; then
294332Sdes	SSH_KEYTYPES="rsa rsa1"
294332Sdeselse
294332Sdes	SSH_KEYTYPES="rsa ed25519"
294332Sdesfi
98937Sdestrace "generate keys"
294332Sdesfor t in ${SSH_KEYTYPES}; do
98937Sdes	# generate user key
294332Sdes	if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then
255670Sdes		rm -f $OBJ/$t
255670Sdes		${SSHKEYGEN} -q -N '' -t $t  -f $OBJ/$t ||\
255670Sdes			fail "ssh-keygen for $t failed"
255670Sdes	fi
98937Sdes
98937Sdes	# known hosts file for client
98937Sdes	(
255670Sdes		printf 'localhost-with-alias,127.0.0.1,::1 '
98937Sdes		cat $OBJ/$t.pub
98937Sdes	) >> $OBJ/known_hosts
98937Sdes
98937Sdes	# setup authorized keys
98937Sdes	cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
98937Sdes	echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
98937Sdes
98937Sdes	# use key as host key, too
98937Sdes	$SUDO cp $OBJ/$t $OBJ/host.$t
98937Sdes	echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
98937Sdes
98937Sdes	# don't use SUDO for proxy connect
98937Sdes	echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
98937Sdesdone
98937Sdeschmod 644 $OBJ/authorized_keys_$USER
98937Sdes
180750Sdes# Activate Twisted Conch tests if the binary is present
180750SdesREGRESS_INTEROP_CONCH=no
180750Sdesif test -x "$CONCH" ; then
180750Sdes	REGRESS_INTEROP_CONCH=yes
180750Sdesfi
180750Sdes
180750Sdes# If PuTTY is present and we are running a PuTTY test, prepare keys and
180750Sdes# configuration
180746SdesREGRESS_INTEROP_PUTTY=no
180746Sdesif test -x "$PUTTYGEN" -a -x "$PLINK" ; then
180750Sdes	REGRESS_INTEROP_PUTTY=yes
180750Sdesfi
180750Sdescase "$SCRIPT" in
180750Sdes*putty*)	;;
180750Sdes*)		REGRESS_INTEROP_PUTTY=no ;;
180750Sdesesac
180750Sdes
180750Sdesif test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
180746Sdes	mkdir -p ${OBJ}/.putty
180746Sdes
180746Sdes	# Add a PuTTY key to authorized_keys
180746Sdes	rm -f ${OBJ}/putty.rsa2
323134Sdes	if ! puttygen -t rsa -o ${OBJ}/putty.rsa2 \
323134Sdes	    --new-passphrase /dev/null < /dev/null > /dev/null; then
323134Sdes		echo "Your installed version of PuTTY is too old to support --new-passphrase; trying without (may require manual interaction) ..." >&2
323134Sdes		puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
323134Sdes	fi
180746Sdes	puttygen -O public-openssh ${OBJ}/putty.rsa2 \
180746Sdes	    >> $OBJ/authorized_keys_$USER
180746Sdes
180746Sdes	# Convert rsa2 host key to PuTTY format
180746Sdes	${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \
180746Sdes	    ${OBJ}/.putty/sshhostkeys
180746Sdes	${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \
180746Sdes	    ${OBJ}/.putty/sshhostkeys
180746Sdes
180746Sdes	# Setup proxied session
180746Sdes	mkdir -p ${OBJ}/.putty/sessions
180746Sdes	rm -f ${OBJ}/.putty/sessions/localhost_proxy
323134Sdes	echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy
323134Sdes	echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
180746Sdes	echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
180746Sdes	echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
294332Sdes	echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
323134Sdes	echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
180746Sdes
180746Sdes	REGRESS_INTEROP_PUTTY=yes
180746Sdesfi
180746Sdes
98937Sdes# create a proxy version of the client config
98937Sdes(
98937Sdes	cat $OBJ/ssh_config
294332Sdes	echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy
98937Sdes) > $OBJ/ssh_proxy
98937Sdes
98937Sdes# check proxy config
98937Sdes${SSHD} -t -f $OBJ/sshd_proxy	|| fatal "sshd_proxy broken"
98937Sdes
98937Sdesstart_sshd ()
98937Sdes{
98937Sdes	# start sshd
180746Sdes	$SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
255670Sdes	$SUDO ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE
98937Sdes
98937Sdes	trace "wait for sshd"
98937Sdes	i=0;
124208Sdes	while [ ! -f $PIDFILE -a $i -lt 10 ]; do
98937Sdes		i=`expr $i + 1`
98937Sdes		sleep $i
98937Sdes	done
98937Sdes
98937Sdes	test -f $PIDFILE || fatal "no sshd running on port $PORT"
98937Sdes}
98937Sdes
98937Sdes# source test body
98937Sdes. $SCRIPT
98937Sdes
98937Sdes# kill sshd
98937Sdescleanup
98937Sdesif [ $RESULT -eq 0 ]; then
98937Sdes	verbose ok $tid
98937Sdeselse
98937Sdes	echo failed $tid
98937Sdesfi
98937Sdesexit $RESULT