summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--regress/Makefile5
-rw-r--r--regress/reexec.sh87
-rw-r--r--regress/test-exec.sh26
4 files changed, 119 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 2e5b94c41..ce4c6b3fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,9 @@
8 only perform tcp wrappers checks when the incoming connection is on a 8 only perform tcp wrappers checks when the incoming connection is on a
9 socket. silences useless warnings from regress tests that use 9 socket. silences useless warnings from regress tests that use
10 proxycommand="sshd -i". prompted by david@ ok markus@ 10 proxycommand="sshd -i". prompted by david@ ok markus@
11 - djm@cvs.openbsd.org 2004/06/24 19:32:00
12 [regress/Makefile regress/test-exec.sh, added regress/reexec.sh]
13 regress test for re-exec corner cases
11 14
1220040623 1520040623
13 - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1 16 - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1
@@ -1410,4 +1413,4 @@
1410 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 1413 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
1411 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 1414 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
1412 1415
1413$Id: ChangeLog,v 1.3445 2004/06/25 03:34:31 dtucker Exp $ 1416$Id: ChangeLog,v 1.3446 2004/06/25 03:45:18 dtucker Exp $
diff --git a/regress/Makefile b/regress/Makefile
index 64674521b..9e98e5880 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.30 2004/06/13 15:04:08 djm Exp $ 1# $OpenBSD: Makefile,v 1.31 2004/06/24 19:32:00 djm Exp $
2 2
3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec 3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec
4tests: $(REGRESS_TARGETS) 4tests: $(REGRESS_TARGETS)
@@ -37,7 +37,8 @@ LTESTS= connect \
37 reconfigure \ 37 reconfigure \
38 dynamic-forward \ 38 dynamic-forward \
39 forwarding \ 39 forwarding \
40 multiplex 40 multiplex \
41 reexec
41 42
42USER!= id -un 43USER!= id -un
43CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ 44CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
diff --git a/regress/reexec.sh b/regress/reexec.sh
new file mode 100644
index 000000000..39fffefbc
--- /dev/null
+++ b/regress/reexec.sh
@@ -0,0 +1,87 @@
1# $OpenBSD: reexec.sh,v 1.3 2004/06/25 01:32:44 djm Exp $
2# Placed in the Public Domain.
3
4tid="reexec tests"
5
6DATA=/bin/ls
7COPY=${OBJ}/copy
8SSHD_ORIG=$SSHD
9SSHD_COPY=$OBJ/sshd.copy
10
11# Start a sshd and then delete it
12start_sshd_copy_zap ()
13{
14 cp $SSHD_ORIG $SSHD_COPY
15 SSHD=$SSHD_COPY
16 start_sshd
17 rm -f $SSHD_COPY
18 SSHD=$SSHD_ORIG
19}
20
21verbose "test config passing"
22cp $OBJ/sshd_config $OBJ/sshd_config.orig
23
24start_sshd
25
26echo "InvalidXXX=no" >> $OBJ/sshd_config
27
28rm -f ${COPY}
29for p in 1 2; do
30 verbose "$tid: proto $p"
31 ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \
32 cat ${DATA} > ${COPY}
33 if [ $? -ne 0 ]; then
34 fail "ssh cat $DATA failed"
35 fi
36 cmp ${DATA} ${COPY} || fail "corrupted copy"
37 rm -f ${COPY}
38done
39
40$SUDO kill `cat $PIDFILE`
41rm -f $PIDFILE
42
43cp $OBJ/sshd_config.orig $OBJ/sshd_config
44
45verbose "test reexec fallback"
46
47start_sshd_copy_zap
48
49rm -f ${COPY}
50for p in 1 2; do
51 verbose "$tid: proto $p"
52 ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \
53 cat ${DATA} > ${COPY}
54 if [ $? -ne 0 ]; then
55 fail "ssh cat $DATA failed"
56 fi
57 cmp ${DATA} ${COPY} || fail "corrupted copy"
58 rm -f ${COPY}
59done
60
61$SUDO kill `cat $PIDFILE`
62rm -f $PIDFILE
63
64verbose "test reexec fallback without privsep"
65
66cp $OBJ/sshd_config.orig $OBJ/sshd_config
67echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config
68
69start_sshd_copy_zap
70
71rm -f ${COPY}
72for p in 1 2; do
73 verbose "$tid: proto $p"
74 ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \
75 cat ${DATA} > ${COPY}
76 if [ $? -ne 0 ]; then
77 fail "ssh cat $DATA failed"
78 fi
79 cmp ${DATA} ${COPY} || fail "corrupted copy"
80 rm -f ${COPY}
81done
82
83$SUDO kill `cat $PIDFILE`
84rm -f $PIDFILE
85
86cp $OBJ/sshd_config.orig $OBJ/sshd_config
87
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index b0ac64e9e..e626dd78a 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $ 1# $OpenBSD: test-exec.sh,v 1.22 2004/06/24 19:32:00 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4#SUDO=sudo 4#SUDO=sudo
@@ -82,6 +82,9 @@ if [ "x$TEST_SSH_SCP" != "x" ]; then
82 SCP="${TEST_SSH_SCP}" 82 SCP="${TEST_SSH_SCP}"
83fi 83fi
84 84
85# Path to sshd must be absolute for rexec
86SSHD=`which sshd`
87
85# these should be used in tests 88# these should be used in tests
86export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP 89export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP
87#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP 90#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP
@@ -265,6 +268,27 @@ start_sshd ()
265 test -f $PIDFILE || fatal "no sshd running on port $PORT" 268 test -f $PIDFILE || fatal "no sshd running on port $PORT"
266} 269}
267 270
271# Start a sshd and then delete it
272start_sshd_copy_zap ()
273{
274 cp ${SSHD} $OBJ/sshd.copy
275 SSHD_CPY=`which $OBJ/sshd.copy`
276
277 # start sshd
278 $SUDO $SSHD_CPY -f $OBJ/sshd_config -t || fatal "sshd_config broken"
279 $SUDO $SSHD_CPY -f $OBJ/sshd_config
280
281 trace "wait for sshd"
282 i=0;
283 while [ ! -f $PIDFILE -a $i -lt 5 ]; do
284 i=`expr $i + 1`
285 sleep $i
286 done
287
288 test -f $PIDFILE || fatal "no sshd running on port $PORT"
289 rm -f $OBJ/sshd.copy
290}
291
268# source test body 292# source test body
269. $SCRIPT 293. $SCRIPT
270 294