diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | regress/Makefile | 5 | ||||
-rw-r--r-- | regress/reexec.sh | 87 | ||||
-rw-r--r-- | regress/test-exec.sh | 26 |
4 files changed, 119 insertions, 4 deletions
@@ -8,6 +8,9 @@ | |||
8 | only perform tcp wrappers checks when the incoming connection is on a | 8 | only perform tcp wrappers checks when the incoming connection is on a |
9 | socket. silences useless warnings from regress tests that use | 9 | socket. silences useless warnings from regress tests that use |
10 | proxycommand="sshd -i". prompted by david@ ok markus@ | 10 | proxycommand="sshd -i". prompted by david@ ok markus@ |
11 | - djm@cvs.openbsd.org 2004/06/24 19:32:00 | ||
12 | [regress/Makefile regress/test-exec.sh, added regress/reexec.sh] | ||
13 | regress test for re-exec corner cases | ||
11 | 14 | ||
12 | 20040623 | 15 | 20040623 |
13 | - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1 | 16 | - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1 |
@@ -1410,4 +1413,4 @@ | |||
1410 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1413 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1411 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1414 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1412 | 1415 | ||
1413 | $Id: ChangeLog,v 1.3445 2004/06/25 03:34:31 dtucker Exp $ | 1416 | $Id: ChangeLog,v 1.3446 2004/06/25 03:45:18 dtucker Exp $ |
diff --git a/regress/Makefile b/regress/Makefile index 64674521b..9e98e5880 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: Makefile,v 1.30 2004/06/13 15:04:08 djm Exp $ | 1 | # $OpenBSD: Makefile,v 1.31 2004/06/24 19:32:00 djm Exp $ |
2 | 2 | ||
3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec | 3 | REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec |
4 | tests: $(REGRESS_TARGETS) | 4 | tests: $(REGRESS_TARGETS) |
@@ -37,7 +37,8 @@ LTESTS= connect \ | |||
37 | reconfigure \ | 37 | reconfigure \ |
38 | dynamic-forward \ | 38 | dynamic-forward \ |
39 | forwarding \ | 39 | forwarding \ |
40 | multiplex | 40 | multiplex \ |
41 | reexec | ||
41 | 42 | ||
42 | USER!= id -un | 43 | USER!= id -un |
43 | CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ | 44 | CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ |
diff --git a/regress/reexec.sh b/regress/reexec.sh new file mode 100644 index 000000000..39fffefbc --- /dev/null +++ b/regress/reexec.sh | |||
@@ -0,0 +1,87 @@ | |||
1 | # $OpenBSD: reexec.sh,v 1.3 2004/06/25 01:32:44 djm Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="reexec tests" | ||
5 | |||
6 | DATA=/bin/ls | ||
7 | COPY=${OBJ}/copy | ||
8 | SSHD_ORIG=$SSHD | ||
9 | SSHD_COPY=$OBJ/sshd.copy | ||
10 | |||
11 | # Start a sshd and then delete it | ||
12 | start_sshd_copy_zap () | ||
13 | { | ||
14 | cp $SSHD_ORIG $SSHD_COPY | ||
15 | SSHD=$SSHD_COPY | ||
16 | start_sshd | ||
17 | rm -f $SSHD_COPY | ||
18 | SSHD=$SSHD_ORIG | ||
19 | } | ||
20 | |||
21 | verbose "test config passing" | ||
22 | cp $OBJ/sshd_config $OBJ/sshd_config.orig | ||
23 | |||
24 | start_sshd | ||
25 | |||
26 | echo "InvalidXXX=no" >> $OBJ/sshd_config | ||
27 | |||
28 | rm -f ${COPY} | ||
29 | for p in 1 2; do | ||
30 | verbose "$tid: proto $p" | ||
31 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
32 | cat ${DATA} > ${COPY} | ||
33 | if [ $? -ne 0 ]; then | ||
34 | fail "ssh cat $DATA failed" | ||
35 | fi | ||
36 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
37 | rm -f ${COPY} | ||
38 | done | ||
39 | |||
40 | $SUDO kill `cat $PIDFILE` | ||
41 | rm -f $PIDFILE | ||
42 | |||
43 | cp $OBJ/sshd_config.orig $OBJ/sshd_config | ||
44 | |||
45 | verbose "test reexec fallback" | ||
46 | |||
47 | start_sshd_copy_zap | ||
48 | |||
49 | rm -f ${COPY} | ||
50 | for p in 1 2; do | ||
51 | verbose "$tid: proto $p" | ||
52 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
53 | cat ${DATA} > ${COPY} | ||
54 | if [ $? -ne 0 ]; then | ||
55 | fail "ssh cat $DATA failed" | ||
56 | fi | ||
57 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
58 | rm -f ${COPY} | ||
59 | done | ||
60 | |||
61 | $SUDO kill `cat $PIDFILE` | ||
62 | rm -f $PIDFILE | ||
63 | |||
64 | verbose "test reexec fallback without privsep" | ||
65 | |||
66 | cp $OBJ/sshd_config.orig $OBJ/sshd_config | ||
67 | echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config | ||
68 | |||
69 | start_sshd_copy_zap | ||
70 | |||
71 | rm -f ${COPY} | ||
72 | for p in 1 2; do | ||
73 | verbose "$tid: proto $p" | ||
74 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ | ||
75 | cat ${DATA} > ${COPY} | ||
76 | if [ $? -ne 0 ]; then | ||
77 | fail "ssh cat $DATA failed" | ||
78 | fi | ||
79 | cmp ${DATA} ${COPY} || fail "corrupted copy" | ||
80 | rm -f ${COPY} | ||
81 | done | ||
82 | |||
83 | $SUDO kill `cat $PIDFILE` | ||
84 | rm -f $PIDFILE | ||
85 | |||
86 | cp $OBJ/sshd_config.orig $OBJ/sshd_config | ||
87 | |||
diff --git a/regress/test-exec.sh b/regress/test-exec.sh index b0ac64e9e..e626dd78a 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $ | 1 | # $OpenBSD: test-exec.sh,v 1.22 2004/06/24 19:32:00 djm Exp $ |
2 | # Placed in the Public Domain. | 2 | # Placed in the Public Domain. |
3 | 3 | ||
4 | #SUDO=sudo | 4 | #SUDO=sudo |
@@ -82,6 +82,9 @@ if [ "x$TEST_SSH_SCP" != "x" ]; then | |||
82 | SCP="${TEST_SSH_SCP}" | 82 | SCP="${TEST_SSH_SCP}" |
83 | fi | 83 | fi |
84 | 84 | ||
85 | # Path to sshd must be absolute for rexec | ||
86 | SSHD=`which sshd` | ||
87 | |||
85 | # these should be used in tests | 88 | # these should be used in tests |
86 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP | 89 | export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP |
87 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP | 90 | #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP |
@@ -265,6 +268,27 @@ start_sshd () | |||
265 | test -f $PIDFILE || fatal "no sshd running on port $PORT" | 268 | test -f $PIDFILE || fatal "no sshd running on port $PORT" |
266 | } | 269 | } |
267 | 270 | ||
271 | # Start a sshd and then delete it | ||
272 | start_sshd_copy_zap () | ||
273 | { | ||
274 | cp ${SSHD} $OBJ/sshd.copy | ||
275 | SSHD_CPY=`which $OBJ/sshd.copy` | ||
276 | |||
277 | # start sshd | ||
278 | $SUDO $SSHD_CPY -f $OBJ/sshd_config -t || fatal "sshd_config broken" | ||
279 | $SUDO $SSHD_CPY -f $OBJ/sshd_config | ||
280 | |||
281 | trace "wait for sshd" | ||
282 | i=0; | ||
283 | while [ ! -f $PIDFILE -a $i -lt 5 ]; do | ||
284 | i=`expr $i + 1` | ||
285 | sleep $i | ||
286 | done | ||
287 | |||
288 | test -f $PIDFILE || fatal "no sshd running on port $PORT" | ||
289 | rm -f $OBJ/sshd.copy | ||
290 | } | ||
291 | |||
268 | # source test body | 292 | # source test body |
269 | . $SCRIPT | 293 | . $SCRIPT |
270 | 294 | ||