Damien Miller38cd4352002-05-01 13:17:33 +10001# $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
2# Placed in the Public Domain.
3
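# Harness settings: loopback port for the test sshd, the invoking user, and
# an optional privilege wrapper (empty by default, so nothing runs as root).
PORT=4242
USER=`id -un`
SUDO=
#SUDO=sudo

# $1: object directory that receives every generated config and key file.
# Expansions are quoted so a path containing whitespace or glob characters
# is tested as one word instead of being split before the check.
OBJ=$1
if [ "x$OBJ" = "x" ]; then
	echo '$OBJ not defined'
	exit 2
fi
if [ ! -d "$OBJ" ]; then
	echo "not a directory: $OBJ"
	exit 2
fi

# $2: test body that is sourced into this shell later in the file.
SCRIPT=$2
if [ "x$SCRIPT" = "x" ]; then
	echo '$SCRIPT not defined'
	exit 2
fi
if [ ! -f "$SCRIPT" ]; then
	echo "not a file: $SCRIPT"
	exit 2
fi

# Parse-only check (sh -n): rejects a syntactically broken test body before
# anything is generated. It does not inspect what the script does.
if sh -n "$SCRIPT"; then
	true
else
	echo "syntax error in $SCRIPT"
	exit 2
fi

# Drop the caller's agent socket so the tests cannot authenticate with keys
# held by the invoking user's ssh-agent.
unset SSH_AUTH_SOCK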
34
# Binaries under test. Each one defaults to the name or path on the right
# and is replaced by the matching TEST_SSH_* variable when that variable is
# set to a non-empty value.
SSH=${TEST_SSH_SSH:-ssh}
SSHD=${TEST_SSH_SSHD:-sshd}
SSHAGENT=${TEST_SSH_SSHAGENT:-ssh-agent}
SSHADD=${TEST_SSH_SSHADD:-ssh-add}
SSHKEYGEN=${TEST_SSH_SSHKEYGEN:-ssh-keygen}
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN:-ssh-keyscan}
SFTP=${TEST_SSH_SFTP:-sftp}
SFTPSERVER=${TEST_SSH_SFTPSERVER:-/usr/libexec/openssh/sftp-server}

# these should be used in tests
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
73
74# helper
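# Stop the sshd recorded in $PIDFILE, if there is one.
# Globals:  PIDFILE (read), SUDO (read), pid (written)
# Outputs:  a one-line diagnostic on stdout when nothing is killed
# Returns:  status of kill when a signal is sent, otherwise 0
cleanup ()
{
	# Nothing to stop unless a pid file exists.
	if [ ! -f "$PIDFILE" ]; then
		return
	fi
	pid=`cat "$PIDFILE"`
	case "$pid" in
	'')
		echo no sshd running
		;;
	*[!0-9]*)
		# The file content is handed to kill, possibly through $SUDO,
		# so anything that is not a single run of digits is refused
		# rather than passed on as extra arguments or a process name.
		echo "bad pid for sshd: $pid"
		;;
	*)
		# Never signal pid 0 (the caller's process group) or pid 1.
		if [ "$pid" -lt 2 ]; then
			echo "bad pid for sshd: $pid"
		else
			# $SUDO stays unquoted so that an empty value vanishes.
			$SUDO kill "$pid"
		fi
		;;
	esac
}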
90
# Print the arguments on stdout, but only when TEST_SSH_TRACE is exactly "yes".
trace ()
{
	case "X$TEST_SSH_TRACE" in
	Xyes)
		echo "$@"
		;;
	esac
}
97
# Print the arguments on stdout unless TEST_SSH_QUIET is exactly "yes".
verbose ()
{
	# Quiet mode: say nothing and report success.
	[ "X$TEST_SSH_QUIET" = "Xyes" ] && return 0
	echo "$@"
}
104
105
# Record a test failure and print the message; the run continues.
# Globals:  RESULT (set to 1, later used as the exit status of the harness)
# Outputs:  the arguments, space-joined, on stdout
fail ()
{
	RESULT=1; echo "$@"
}
111
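# Report an unrecoverable error, stop the test sshd and leave the harness.
# Also installed further down as the handler for signals 3 and 2, in which
# case it is called without arguments.
# Globals:  RESULT (set to 1 by fail, used as the exit status)
# Outputs:  "FATAL: " followed by the arguments on stdout
fatal ()
{
	# printf instead of "echo -n": not every sh implements -n, and one
	# that does not would print the flag as part of the message.
	printf '%s' "FATAL: "
	fail "$@"
	# Stop the daemon before exiting so no test sshd is left listening.
	cleanup
	exit "$RESULT"
}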
119
# Overall status of the run: stays 0 until fail() sets it to 1.
RESULT=0
# File named in the PidFile directive of the generated sshd_config and
# read back by cleanup().
PIDFILE="${OBJ}/pidfile"

# Signals 3 and 2 run fatal(), which calls cleanup() before exiting, so an
# interrupted run does not leave the test sshd behind.
trap fatal 3 2
124
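# create server config
# The daemon listens on loopback only and reads authorized keys from $OBJ,
# so it does not consult any account's real ~/.ssh. Paths are quoted so an
# object directory containing whitespace is not split by the shell.
cat << EOF > "$OBJ/sshd_config"
	Port $PORT
	ListenAddress 127.0.0.1
	#ListenAddress ::1
	PidFile $PIDFILE
	AuthorizedKeysFile $OBJ/authorized_keys_%u
	LogLevel QUIET
EOF

# server config for proxy connects
cp "$OBJ/sshd_config" "$OBJ/sshd_proxy"

# allow group-writable directories in proxy-mode
# StrictModes no turns off sshd's ownership and mode checks on the user's
# files. It is appended to the proxy config only; the listening daemon's
# sshd_config keeps the default.
echo 'StrictModes no' >> "$OBJ/sshd_proxy"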
140
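# create client config
# Only key-based methods are enabled, BatchMode suppresses prompts, and
# StrictHostKeyChecking yes makes the client refuse any host key that is
# not already in the generated known_hosts file. Both known-hosts settings
# point into $OBJ, so the caller's own known_hosts is never read or written.
cat << EOF > "$OBJ/ssh_config"
Host *
	Hostname 127.0.0.1
	HostKeyAlias localhost-with-alias
	Port $PORT
	User $USER
	GlobalKnownHostsFile $OBJ/known_hosts
	UserKnownHostsFile $OBJ/known_hosts
	RSAAuthentication yes
	PubkeyAuthentication yes
	ChallengeResponseAuthentication no
	HostbasedAuthentication no
	PasswordAuthentication no
	RhostsAuthentication no
	RhostsRSAAuthentication no
	BatchMode yes
	StrictHostKeyChecking yes
EOF

# Start from empty trust files: entries left by an earlier run must not
# authorize a key or vouch for a host key in this one.
rm -f "$OBJ/known_hosts" "$OBJ/authorized_keys_$USER"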
162
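trace "generate keys"
# One key pair per type. Each pair is used three ways: as the client
# identity, as an authorized key, and as the server host key. The keys have
# an empty passphrase (-N '') and are meant for this test tree only.
for t in rsa rsa1; do
	# generate user key
	rm -f "$OBJ/$t"
	${SSHKEYGEN} -q -N '' -t "$t" -f "$OBJ/$t" ||
		fail "ssh-keygen for $t failed"

	# known hosts file for client
	# printf instead of "echo -n": a shell without -n support would put
	# the flag and a line break into known_hosts and corrupt the entry.
	(
		printf '%s' 'localhost-with-alias,127.0.0.1,::1 '
		cat "$OBJ/$t.pub"
	) >> "$OBJ/known_hosts"

	# setup authorized keys
	cat "$OBJ/$t.pub" >> "$OBJ/authorized_keys_$USER"
	echo "IdentityFile $OBJ/$t" >> "$OBJ/ssh_config"

	# use key as host key, too
	# The copy goes through $SUDO (left unquoted so an empty value
	# vanishes), matching how start_sshd launches the daemon.
	$SUDO cp "$OBJ/$t" "$OBJ/host.$t"
	echo "HostKey $OBJ/host.$t" >> "$OBJ/sshd_config"

	# don't use SUDO for proxy connect
	echo "HostKey $OBJ/$t" >> "$OBJ/sshd_proxy"
done
# Readable by everyone, writable only by the owner.
chmod 644 "$OBJ/authorized_keys_$USER"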
188
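# create a proxy version of the client config
# In proxy mode the client runs "sshd -i" itself through ProxyCommand and
# talks to it over stdin/stdout, so no listening daemon is involved.
(
	cat "$OBJ/ssh_config"
	# Quoted so the shell neither glob-expands nor re-splits the line
	# before it is written to the config file.
	echo "proxycommand ${SSHD} -i -f $OBJ/sshd_proxy"
) > "$OBJ/ssh_proxy"

# check proxy config
# sshd -t only validates the configuration and keys; it starts no daemon.
${SSHD} -t -f "$OBJ/sshd_proxy" || fatal "sshd_proxy broken"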
197
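# Validate the generated sshd_config, start the daemon and wait for its
# pid file to appear.
# Globals:  SUDO, SSHD, OBJ, PIDFILE, PORT (read); i (written)
# Returns:  0 once the pid file exists; otherwise fatal() ends the run
start_sshd ()
{
	# start sshd
	# $SUDO and ${SSHD} stay unquoted: an empty SUDO must vanish. The
	# config path is quoted so whitespace in $OBJ cannot split it.
	$SUDO ${SSHD} -f "$OBJ/sshd_config" -t || fatal "sshd_config broken"
	$SUDO ${SSHD} -f "$OBJ/sshd_config"

	trace "wait for sshd"
	# Poll for the pid file with a growing delay (1s, 2s, ... up to 5
	# tries). Two separate tests replace the ambiguous "[ a -a b ]" form.
	# NOTE(review): a pid file left over from an earlier run satisfies
	# this check even when the daemon above failed to start -- confirm
	# that callers always begin from a clean $OBJ.
	i=0
	while [ ! -f "$PIDFILE" ] && [ "$i" -lt 5 ]; do
		i=`expr $i + 1`
		sleep $i
	done

	test -f "$PIDFILE" || fatal "no sshd running on port $PORT"
}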
213
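# source test body
# "." looks a name without a slash up in $PATH, so a bare file name could
# load a different file than the one the -f and "sh -n" checks examined.
# Anchoring such a name to the current directory keeps both in agreement.
case "$SCRIPT" in
*/*)
	. "$SCRIPT"
	;;
*)
	. "./$SCRIPT"
	;;
esac

# kill sshd
cleanup
# $tid is not set anywhere in this file; presumably the sourced test body
# defines it -- confirm against the test scripts.
if [ "$RESULT" -eq 0 ]; then
	verbose ok $tid
else
	echo failed $tid
fi
exit "$RESULT"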