- (djm) Sync regress with OpenBSD -current
diff --git a/ChangeLog b/ChangeLog
index f4c7704..96bc77e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@
The default can still be overriden by using -t in ssh-add.
OK markus@
- (djm) Reorganise PAM & SIA password handling to eliminate some common code
+ - (djm) Sync regress with OpenBSD -current
20030120
- (djm) Fix compilation for NetBSD from dtucker@zip.com.au
@@ -1049,4 +1050,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@
-$Id: ChangeLog,v 1.2580 2003/01/22 04:42:26 djm Exp $
+$Id: ChangeLog,v 1.2581 2003/01/22 06:53:16 djm Exp $
diff --git a/regress/Makefile b/regress/Makefile
index 26224cd..6e20293 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.13 2002/04/01 22:15:08 markus Exp $
+# $OpenBSD: Makefile,v 1.20 2003/01/08 23:54:22 djm Exp $
-REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7
+REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7
-CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub
+CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2
LTESTS= connect \
proxy-connect \
@@ -17,8 +17,14 @@
try-ciphers \
yes-head \
agent \
+ agent-getpeereid \
+ agent-timeout \
+ agent-ptrace \
keyscan \
+ keygen-change \
sftp \
+ sftp-cmds \
+ sftp-batch \
forwarding
USER!= id -un
@@ -65,7 +71,7 @@
ssh-keygen -Bf t7.out > /dev/null
.for t in ${LTESTS}
-REGRESSTARGETS+=t-${t}
+REGRESS_TARGETS+=t-${t}
t-${t}:
sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
.endfor
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh
new file mode 100644
index 0000000..0889fe8
--- /dev/null
+++ b/regress/agent-getpeereid.sh
@@ -0,0 +1,34 @@
+# $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $
+# Placed in the Public Domain.
+
+tid="disallow agent attach from other uid"
+
+UNPRIV=nobody
+ASOCK=${OBJ}/agent
+SSH_AUTH_SOCK=/nonexistant
+
+trace "start agent"
+eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+ fail "could not start ssh-agent: exit code $r"
+else
+ chmod 644 ${SSH_AUTH_SOCK}
+
+ ssh-add -l > /dev/null 2>&1
+ r=$?
+ if [ $r -ne 1 ]; then
+ fail "ssh-add failed with $r != 1"
+ fi
+
+ < /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
+ r=$?
+ if [ $r -lt 2 ]; then
+ fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
+ fi
+
+ trace "kill agent"
+ ${SSHAGENT} -k > /dev/null
+fi
+
+rm -f ${OBJ}/agent
diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh
new file mode 100644
index 0000000..9f9c999
--- /dev/null
+++ b/regress/agent-ptrace.sh
@@ -0,0 +1,28 @@
+# $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $
+# Placed in the Public Domain.
+
+tid="disallow agent ptrace attach"
+
+trace "start agent"
+eval `${SSHAGENT} -s` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+ fail "could not start ssh-agent: exit code $r"
+else
+ # ls -l ${SSH_AUTH_SOCK}
+ gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF
+ quit
+EOF
+ if [ $? -ne 0 ]; then
+ fail "gdb failed: exit code $?"
+ fi
+ grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out
+ r=$?
+ rm -f ${OBJ}/gdb.out
+ if [ $r -ne 0 ]; then
+ fail "ptrace succeeded?: exit code $r"
+ fi
+
+ trace "kill agent"
+ ${SSHAGENT} -k > /dev/null
+fi
diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh
new file mode 100644
index 0000000..28b1be0
--- /dev/null
+++ b/regress/agent-timeout.sh
@@ -0,0 +1,36 @@
+# $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $
+# Placed in the Public Domain.
+
+tid="agent timeout test"
+
+TIMEOUT=5
+
+trace "start agent"
+eval `${SSHAGENT} -s` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+ fail "could not start ssh-agent: exit code $r"
+else
+ trace "add keys with timeout"
+ for t in rsa rsa1; do
+ ${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ fail "ssh-add did succeed exit code 0"
+ fi
+ done
+ n=`${SSHADD} -l 2> /dev/null | wc -l`
+ trace "agent has $n keys"
+ if [ $n -ne 2 ]; then
+ fail "ssh-add -l did not return 2 keys: $n"
+ fi
+ trace "sleeping 2*${TIMEOUT} seconds"
+ sleep ${TIMEOUT}
+ sleep ${TIMEOUT}
+ ${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.'
+ if [ $? -ne 0 ]; then
+ fail "ssh-add -l still returns keys after timeout"
+ fi
+
+ trace "kill agent"
+ ${SSHAGENT} -k > /dev/null
+fi
diff --git a/regress/keygen-change.sh b/regress/keygen-change.sh
new file mode 100644
index 0000000..08d3590
--- /dev/null
+++ b/regress/keygen-change.sh
@@ -0,0 +1,23 @@
+# $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $
+# Placed in the Public Domain.
+
+tid="change passphrase for key"
+
+S1="secret1"
+S2="2secret"
+
+for t in rsa dsa rsa1; do
+ # generate user key for agent
+ trace "generating $t key"
+ rm -f $OBJ/$t-key
+ ${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key
+ if [ $? -eq 0 ]; then
+ ${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null
+ if [ $? -ne 0 ]; then
+ fail "ssh-keygen -p failed for $t-key"
+ fi
+ else
+ fail "ssh-keygen for $t-key failed"
+ fi
+ rm -f $OBJ/$t-key $OBJ/$t-key.pub
+done
diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh
index bf1940f..6a36b25 100644
--- a/regress/proxy-connect.sh
+++ b/regress/proxy-connect.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: proxy-connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
+# $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $
# Placed in the Public Domain.
tid="proxy connect"
@@ -8,4 +8,11 @@
if [ $? -ne 0 ]; then
fail "ssh proxyconnect protocol $p failed"
fi
+ SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'`
+ if [ $? -ne 0 ]; then
+ fail "ssh proxyconnect protocol $p failed"
+ fi
+ if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
+ fail "bad SSH_CONNECTION"
+ fi
done
diff --git a/regress/sftp-batch.sh b/regress/sftp-batch.sh
new file mode 100644
index 0000000..cffacb6
--- /dev/null
+++ b/regress/sftp-batch.sh
@@ -0,0 +1,57 @@
+# $OpenBSD: sftp-batch.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
+# Placed in the Public Domain.
+
+tid="sftp batchfile"
+
+DATA=/bin/ls
+COPY=${OBJ}/copy
+BATCH=${OBJ}/sftp-batch
+
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+
+cat << EOF > ${BATCH}.pass.1
+ get $DATA $COPY
+ put ${COPY} ${COPY}.1
+ rm ${COPY}
+ -put ${COPY} ${COPY}.2
+EOF
+
+cat << EOF > ${BATCH}.pass.2
+ # This is a comment
+
+ # That was a blank line
+ ls
+EOF
+
+cat << EOF > ${BATCH}.fail.1
+ get $DATA $COPY
+ put ${COPY} ${COPY}.3
+ rm ${COPY}.*
+ # The next command should fail
+ put ${COPY}.3 ${COPY}.4
+EOF
+
+cat << EOF > ${BATCH}.fail.2
+ # The next command should fail
+ jajajajaja
+EOF
+
+verbose "$tid: good commands"
+${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "good commands failed"
+
+verbose "$tid: bad commands"
+${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
+ && fail "bad commands succeeded"
+
+verbose "$tid: comments and blanks"
+${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "comments & blanks failed"
+
+verbose "$tid: junk command"
+${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
+ && fail "junk command succeeded"
+
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+
+
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh
new file mode 100644
index 0000000..462c680
--- /dev/null
+++ b/regress/sftp-cmds.sh
@@ -0,0 +1,100 @@
+# $OpenBSD: sftp-cmds.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
+# Placed in the Public Domain.
+
+# XXX - TODO:
+# - globbed operations
+# - chmod / chown / chgrp
+# - -p flag for get & put
+
+tid="sftp commands"
+
+DATA=/bin/ls
+COPY=${OBJ}/copy
+
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+
+verbose "$tid: lls"
+echo "lls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "lls failed"
+# XXX always successful
+
+verbose "$tid: ls"
+echo "ls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "ls failed"
+# XXX always successful
+
+verbose "$tid: shell"
+echo "!echo hi there" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "shell failed"
+# XXX always successful
+
+verbose "$tid: pwd"
+echo "pwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "pwd failed"
+# XXX always successful
+
+verbose "$tid: lpwd"
+echo "lpwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "lpwd failed"
+# XXX always successful
+
+verbose "$tid: quit"
+echo "quit" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "quit failed"
+# XXX always successful
+
+verbose "$tid: help"
+echo "help" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "help failed"
+# XXX always successful
+
+rm -f ${COPY}
+verbose "$tid: get"
+echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "get failed"
+cmp $DATA ${COPY} || fail "corrupted copy after get"
+
+rm -f ${COPY}
+verbose "$tid: put"
+echo "put $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "put failed"
+cmp $DATA ${COPY} || fail "corrupted copy after put"
+
+verbose "$tid: rename"
+echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "rename failed"
+test -f ${COPY}.1 || fail "missing file after rename"
+cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename"
+
+verbose "$tid: ln"
+echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
+test -L ${COPY}.2 || fail "missing file after ln"
+
+verbose "$tid: mkdir"
+echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "mkdir failed"
+test -d ${COPY}.dd || fail "missing directory after mkdir"
+
+# XXX do more here
+verbose "$tid: chdir"
+echo "chdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "chdir failed"
+
+verbose "$tid: rmdir"
+echo "rmdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "rmdir failed"
+test -d ${COPY}.1 && fail "present directory after rmdir"
+
+verbose "$tid: lmkdir"
+echo "lmkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "lmkdir failed"
+test -d ${COPY}.dd || fail "missing directory after lmkdir"
+
+# XXX do more here
+verbose "$tid: lchdir"
+echo "lchdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+ || fail "lchdir failed"
+
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+
+
diff --git a/regress/ssh-com-client.sh b/regress/ssh-com-client.sh
index 84b0b47..015ebbb 100644
--- a/regress/ssh-com-client.sh
+++ b/regress/ssh-com-client.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh-com-client.sh,v 1.3 2002/04/10 08:45:30 markus Exp $
+# $OpenBSD: ssh-com-client.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="connect with ssh.com client"
@@ -15,7 +15,9 @@
2.3.1
2.4.0
3.0.0
- 3.1.0"
+ 3.1.0
+ 3.2.0
+ 3.3.0"
# 2.0.10 2.0.12 2.0.13 don't like the test setup
diff --git a/regress/ssh-com-keygen.sh b/regress/ssh-com-keygen.sh
index 90ba2fc..e93dc78 100644
--- a/regress/ssh-com-keygen.sh
+++ b/regress/ssh-com-keygen.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh-com-keygen.sh,v 1.1 2002/03/27 22:40:27 markus Exp $
+# $OpenBSD: ssh-com-keygen.sh,v 1.2 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="ssh.com key import"
@@ -18,7 +18,9 @@
2.3.1
2.4.0
3.0.0
- 3.1.0"
+ 3.1.0
+ 3.2.0
+ 3.3.0"
COMPRV=${OBJ}/comkey
COMPUB=${COMPRV}.pub
diff --git a/regress/ssh-com-sftp.sh b/regress/ssh-com-sftp.sh
index 231efa1..f08018b 100644
--- a/regress/ssh-com-sftp.sh
+++ b/regress/ssh-com-sftp.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh-com-sftp.sh,v 1.2 2002/04/10 08:45:30 markus Exp $
+# $OpenBSD: ssh-com-sftp.sh,v 1.3 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="basic sftp put/get with ssh.com server"
@@ -24,7 +24,9 @@
2.3.1
2.4.0
3.0.0
- 3.1.0"
+ 3.1.0
+ 3.2.0
+ 3.3.0"
# go for it
for v in ${VERSIONS}; do
diff --git a/regress/ssh-com.sh b/regress/ssh-com.sh
index 6a199fa..c2bd153 100644
--- a/regress/ssh-com.sh
+++ b/regress/ssh-com.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh-com.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
+# $OpenBSD: ssh-com.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="connect to ssh.com server"
@@ -14,17 +14,19 @@
2.1.0
2.2.0
2.3.0
- 2.3.1
2.4.0
3.0.0
- 3.1.0"
+ 3.1.0
+ 3.2.0
+ 3.3.0"
# 2.0.10 does not support UserConfigDirectory
+# 2.3.1 requires a config in $HOME/.ssh2
SRC=`dirname ${SCRIPT}`
# ssh.com
cat << EOF > $OBJ/sshd2_config
-*:
+#*:
# Port and ListenAdress are not used.
QuietMode yes
Port 4343