Blame - regress/agent.sh - platform/external/openssh

blob: 7111056c9be4514c719ff919deaa3a3db60d2f88 [file] [log] [blame]

djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	1	# $OpenBSD: agent.sh,v 1.13 2017/12/19 00:49:30 djm Exp $
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	2	# Placed in the Public Domain.
				3
				4	tid="simple agent test"
				5
Damien Miller	d666d8e	2008-03-12 23:58:55 +1100	[diff] [blame]	6	SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	7	if [ $? -ne 2 ]; then
				8	fail "ssh-add -l did not fail with exit code 2"
				9	fi
				10
				11	trace "start agent"
				12	eval `${SSHAGENT} -s` > /dev/null
				13	r=$?
				14	if [ $r -ne 0 ]; then
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	15	fatal "could not start ssh-agent: exit code $r"
				16	fi
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	17
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	18	${SSHADD} -l > /dev/null 2>&1
				19	if [ $? -ne 1 ]; then
				20	fail "ssh-add -l did not fail with exit code 1"
				21	fi
				22
				23	rm -f $OBJ/user_ca_key $OBJ/user_ca_key.pub
				24	${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key \
				25	\|\| fatal "ssh-keygen failed"
				26
				27	trace "overwrite authorized keys"
				28	printf '' > $OBJ/authorized_keys_$USER
				29
				30	for t in ${SSH_KEYTYPES}; do
				31	# generate user key for agent
				32	rm -f $OBJ/$t-agent $OBJ/$t-agent.pub*
				33	${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent \|\|\
				34	fatal "ssh-keygen for $t-agent failed"
				35	# Make a certificate for each too.
				36	${SSHKEYGEN} -qs $OBJ/user_ca_key -I "$t cert" \
				37	-n estragon $OBJ/$t-agent.pub \|\| fatal "ca sign failed"
				38
				39	# add to authorized keys
				40	cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER
				41	# add privat key to agent
				42	${SSHADD} $OBJ/$t-agent > /dev/null 2>&1
				43	if [ $? -ne 0 ]; then
				44	fail "ssh-add did succeed exit code 0"
				45	fi
				46	# Remove private key to ensure that we aren't accidentally using it.
				47	rm -f $OBJ/$t-agent
				48	done
				49
				50	# Remove explicit identity directives from ssh_proxy
				51	mv $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
				52	grep -vi identityfile $OBJ/ssh_proxy_bak > $OBJ/ssh_proxy
				53
				54	${SSHADD} -l > /dev/null 2>&1
				55	r=$?
				56	if [ $r -ne 0 ]; then
				57	fail "ssh-add -l failed: exit code $r"
				58	fi
				59	# the same for full pubkey output
				60	${SSHADD} -L > /dev/null 2>&1
				61	r=$?
				62	if [ $r -ne 0 ]; then
				63	fail "ssh-add -L failed: exit code $r"
				64	fi
				65
				66	trace "simple connect via agent"
				67	${SSH} -F $OBJ/ssh_proxy somehost exit 52
				68	r=$?
				69	if [ $r -ne 52 ]; then
				70	fail "ssh connect with failed (exit code $r)"
				71	fi
				72
				73	for t in ${SSH_KEYTYPES}; do
				74	trace "connect via agent using $t key"
				75	${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub -oIdentitiesOnly=yes \
				76	somehost exit 52
djm@openbsd.org	dd36932	2017-04-30 23:34:55 +0000	[diff] [blame]	77	r=$?
				78	if [ $r -ne 52 ]; then
				79	fail "ssh connect with failed (exit code $r)"
				80	fi
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	81	done
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	82
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	83	trace "agent forwarding"
				84	${SSH} -A -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
				85	r=$?
				86	if [ $r -ne 0 ]; then
				87	fail "ssh-add -l via agent fwd failed (exit code $r)"
				88	fi
				89	${SSH} -A -F $OBJ/ssh_proxy somehost \
				90	"${SSH} -F $OBJ/ssh_proxy somehost exit 52"
				91	r=$?
				92	if [ $r -ne 52 ]; then
				93	fail "agent fwd failed (exit code $r)"
				94	fi
				95
				96	(printf 'cert-authority,principals="estragon" '; cat $OBJ/user_ca_key.pub) \
				97	> $OBJ/authorized_keys_$USER
				98	for t in ${SSH_KEYTYPES}; do
				99	trace "connect via agent using $t key"
				100	${SSH} -F $OBJ/ssh_proxy -i $OBJ/$t-agent.pub \
				101	-oCertificateFile=$OBJ/$t-agent-cert.pub \
				102	-oIdentitiesOnly=yes somehost exit 52
djm@openbsd.org	dd36932	2017-04-30 23:34:55 +0000	[diff] [blame]	103	r=$?
				104	if [ $r -ne 52 ]; then
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	105	fail "ssh connect with failed (exit code $r)"
djm@openbsd.org	dd36932	2017-04-30 23:34:55 +0000	[diff] [blame]	106	fi
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	107	done
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	108
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	109	trace "delete all agent keys"
				110	${SSHADD} -D > /dev/null 2>&1
				111	r=$?
				112	if [ $r -ne 0 ]; then
				113	fail "ssh-add -D failed: exit code $r"
Damien Miller	38cd435	2002-05-01 13:17:33 +1000	[diff] [blame]	114	fi
djm@openbsd.org	c5a6cbd	2017-12-19 00:49:30 +0000	[diff] [blame]	115
				116	trace "kill agent"
				117	${SSHAGENT} -k > /dev/null