diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | regress/Makefile | 4 | ||||
-rw-r--r-- | regress/sftp-perm.sh | 269 |
3 files changed, 278 insertions, 1 deletions
@@ -1,3 +1,9 @@ | |||
1 | 20131018 | ||
2 | - (djm) OpenBSD CVS Sync | ||
3 | - djm@cvs.openbsd.org 2013/10/09 23:44:14 | ||
4 | [regress/Makefile regress/sftp-perm.sh] | ||
5 | regression test for sftp request white/blacklisting and readonly mode. | ||
6 | |||
1 | 20131017 | 7 | 20131017 |
2 | - (djm) OpenBSD CVS Sync | 8 | - (djm) OpenBSD CVS Sync |
3 | - jmc@cvs.openbsd.org 2013/10/15 14:10:25 | 9 | - jmc@cvs.openbsd.org 2013/10/15 14:10:25 |
diff --git a/regress/Makefile b/regress/Makefile index ab2a6ae7b..4c64b576f 100644 --- a/regress/Makefile +++ b/regress/Makefile | |||
@@ -44,6 +44,7 @@ LTESTS= connect \ | |||
44 | sftp-badcmds \ | 44 | sftp-badcmds \ |
45 | sftp-batch \ | 45 | sftp-batch \ |
46 | sftp-glob \ | 46 | sftp-glob \ |
47 | sftp-perm \ | ||
47 | reconfigure \ | 48 | reconfigure \ |
48 | dynamic-forward \ | 49 | dynamic-forward \ |
49 | forwarding \ | 50 | forwarding \ |
@@ -86,7 +87,8 @@ CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ | |||
86 | authorized_principals_${USER} expect actual ready \ | 87 | authorized_principals_${USER} expect actual ready \ |
87 | sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \ | 88 | sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \ |
88 | ssh.log failed-ssh.log sshd.log failed-sshd.log \ | 89 | ssh.log failed-ssh.log sshd.log failed-sshd.log \ |
89 | regress.log failed-regress.log ssh-log-wrapper.sh | 90 | regress.log failed-regress.log ssh-log-wrapper.sh \ |
91 | sftp-server.sh sftp-server.log sftp.log | ||
90 | 92 | ||
91 | SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER} | 93 | SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER} |
92 | 94 | ||
diff --git a/regress/sftp-perm.sh b/regress/sftp-perm.sh new file mode 100644 index 000000000..3448740bc --- /dev/null +++ b/regress/sftp-perm.sh | |||
@@ -0,0 +1,269 @@ | |||
1 | # $OpenBSD: sftp-perm.sh,v 1.2 2013/10/17 22:00:18 djm Exp $ | ||
2 | # Placed in the Public Domain. | ||
3 | |||
4 | tid="sftp permissions" | ||
5 | |||
6 | SERVER_LOG=${OBJ}/sftp-server.log | ||
7 | CLIENT_LOG=${OBJ}/sftp.log | ||
8 | TEST_SFTP_SERVER=${OBJ}/sftp-server.sh | ||
9 | |||
10 | prepare_server() { | ||
11 | printf "#!/bin/sh\nexec $SFTPSERVER -el debug3 $* 2>$SERVER_LOG\n" \ | ||
12 | > $TEST_SFTP_SERVER | ||
13 | chmod a+x $TEST_SFTP_SERVER | ||
14 | } | ||
15 | |||
16 | run_client() { | ||
17 | echo "$@" | ${SFTP} -D ${TEST_SFTP_SERVER} -vvvb - >$CLIENT_LOG 2>&1 | ||
18 | } | ||
19 | |||
20 | prepare_files() { | ||
21 | _prep="$1" | ||
22 | rm -f ${COPY} ${COPY}.1 | ||
23 | test -d ${COPY}.dd && { rmdir ${COPY}.dd || fatal "rmdir ${COPY}.dd"; } | ||
24 | test -z "$_prep" && return | ||
25 | sh -c "$_prep" || fail "preparation failed: \"$_prep\"" | ||
26 | } | ||
27 | |||
28 | postcondition() { | ||
29 | _title="$1" | ||
30 | _check="$2" | ||
31 | test -z "$_check" && return | ||
32 | sh -c "$_check" || fail "postcondition check failed: $_title" | ||
33 | } | ||
34 | |||
35 | ro_test() { | ||
36 | _desc=$1 | ||
37 | _cmd="$2" | ||
38 | _prep="$3" | ||
39 | _expect_success_post="$4" | ||
40 | _expect_fail_post="$5" | ||
41 | verbose "$tid: read-only $_desc" | ||
42 | # Plain (no options, mostly to test that _cmd is good) | ||
43 | prepare_files "$_prep" | ||
44 | prepare_server | ||
45 | run_client "$_cmd" || fail "plain $_desc failed" | ||
46 | postcondition "$_desc no-readonly" "$_expect_success_post" | ||
47 | # Read-only enabled | ||
48 | prepare_files "$_prep" | ||
49 | prepare_server -R | ||
50 | run_client "$_cmd" && fail "read-only $_desc succeeded" | ||
51 | postcondition "$_desc readonly" "$_expect_fail_post" | ||
52 | } | ||
53 | |||
54 | perm_test() { | ||
55 | _op=$1 | ||
56 | _whitelist_ops=$2 | ||
57 | _cmd="$3" | ||
58 | _prep="$4" | ||
59 | _expect_success_post="$5" | ||
60 | _expect_fail_post="$6" | ||
61 | verbose "$tid: explicit $_op" | ||
62 | # Plain (no options, mostly to test that _cmd is good) | ||
63 | prepare_files "$_prep" | ||
64 | prepare_server | ||
65 | run_client "$_cmd" || fail "plain $_op failed" | ||
66 | postcondition "$_op no white/blacklists" "$_expect_success_post" | ||
67 | # Whitelist | ||
68 | prepare_files "$_prep" | ||
69 | prepare_server -p $_op,$_whitelist_ops | ||
70 | run_client "$_cmd" || fail "whitelisted $_op failed" | ||
71 | postcondition "$_op whitelisted" "$_expect_success_post" | ||
72 | # Blacklist | ||
73 | prepare_files "$_prep" | ||
74 | prepare_server -P $_op | ||
75 | run_client "$_cmd" && fail "blacklisted $_op succeeded" | ||
76 | postcondition "$_op blacklisted" "$_expect_fail_post" | ||
77 | # Whitelist with op missing. | ||
78 | prepare_files "$_prep" | ||
79 | prepare_server -p $_whitelist_ops | ||
80 | run_client "$_cmd" && fail "no whitelist $_op succeeded" | ||
81 | postcondition "$_op not in whitelist" "$_expect_fail_post" | ||
82 | } | ||
83 | |||
84 | ro_test \ | ||
85 | "upload" \ | ||
86 | "put $DATA $COPY" \ | ||
87 | "" \ | ||
88 | "cmp $DATA $COPY" \ | ||
89 | "test ! -f $COPY" | ||
90 | |||
91 | ro_test \ | ||
92 | "setstat" \ | ||
93 | "chmod 0700 $COPY" \ | ||
94 | "touch $COPY; chmod 0400 $COPY" \ | ||
95 | "test -x $COPY" \ | ||
96 | "test ! -x $COPY" | ||
97 | |||
98 | ro_test \ | ||
99 | "rm" \ | ||
100 | "rm $COPY" \ | ||
101 | "touch $COPY" \ | ||
102 | "test ! -f $COPY" \ | ||
103 | "test -f $COPY" | ||
104 | |||
105 | ro_test \ | ||
106 | "mkdir" \ | ||
107 | "mkdir ${COPY}.dd" \ | ||
108 | "" \ | ||
109 | "test -d ${COPY}.dd" \ | ||
110 | "test ! -d ${COPY}.dd" | ||
111 | |||
112 | ro_test \ | ||
113 | "rmdir" \ | ||
114 | "rmdir ${COPY}.dd" \ | ||
115 | "mkdir ${COPY}.dd" \ | ||
116 | "test ! -d ${COPY}.dd" \ | ||
117 | "test -d ${COPY}.dd" | ||
118 | |||
119 | ro_test \ | ||
120 | "posix-rename" \ | ||
121 | "rename $COPY ${COPY}.1" \ | ||
122 | "touch $COPY" \ | ||
123 | "test -f ${COPY}.1 -a ! -f $COPY" \ | ||
124 | "test -f $COPY -a ! -f ${COPY}.1" | ||
125 | |||
126 | ro_test \ | ||
127 | "oldrename" \ | ||
128 | "rename -l $COPY ${COPY}.1" \ | ||
129 | "touch $COPY" \ | ||
130 | "test -f ${COPY}.1 -a ! -f $COPY" \ | ||
131 | "test -f $COPY -a ! -f ${COPY}.1" | ||
132 | |||
133 | ro_test \ | ||
134 | "symlink" \ | ||
135 | "ln -s $COPY ${COPY}.1" \ | ||
136 | "touch $COPY" \ | ||
137 | "test -h ${COPY}.1" \ | ||
138 | "test ! -h ${COPY}.1" | ||
139 | |||
140 | ro_test \ | ||
141 | "hardlink" \ | ||
142 | "ln $COPY ${COPY}.1" \ | ||
143 | "touch $COPY" \ | ||
144 | "test -f ${COPY}.1" \ | ||
145 | "test ! -f ${COPY}.1" | ||
146 | |||
147 | # Test explicit permissions | ||
148 | |||
149 | perm_test \ | ||
150 | "open" \ | ||
151 | "realpath,stat,lstat,read,close" \ | ||
152 | "get $DATA $COPY" \ | ||
153 | "" \ | ||
154 | "cmp $DATA $COPY" \ | ||
155 | "! cmp $DATA $COPY 2>/dev/null" | ||
156 | |||
157 | perm_test \ | ||
158 | "read" \ | ||
159 | "realpath,stat,lstat,open,close" \ | ||
160 | "get $DATA $COPY" \ | ||
161 | "" \ | ||
162 | "cmp $DATA $COPY" \ | ||
163 | "! cmp $DATA $COPY 2>/dev/null" | ||
164 | |||
165 | perm_test \ | ||
166 | "write" \ | ||
167 | "realpath,stat,lstat,open,close" \ | ||
168 | "put $DATA $COPY" \ | ||
169 | "" \ | ||
170 | "cmp $DATA $COPY" \ | ||
171 | "! cmp $DATA $COPY 2>/dev/null" | ||
172 | |||
173 | perm_test \ | ||
174 | "lstat" \ | ||
175 | "realpath,stat,open,read,close" \ | ||
176 | "get $DATA $COPY" \ | ||
177 | "" \ | ||
178 | "cmp $DATA $COPY" \ | ||
179 | "! cmp $DATA $COPY 2>/dev/null" | ||
180 | |||
181 | perm_test \ | ||
182 | "opendir" \ | ||
183 | "realpath,readdir,stat,lstat" \ | ||
184 | "ls -ln $OBJ" | ||
185 | |||
186 | perm_test \ | ||
187 | "readdir" \ | ||
188 | "realpath,opendir,stat,lstat" \ | ||
189 | "ls -ln $OBJ" | ||
190 | |||
191 | perm_test \ | ||
192 | "setstat" \ | ||
193 | "realpath,stat,lstat" \ | ||
194 | "chmod 0700 $COPY" \ | ||
195 | "touch $COPY; chmod 0400 $COPY" \ | ||
196 | "test -x $COPY" \ | ||
197 | "test ! -x $COPY" | ||
198 | |||
199 | perm_test \ | ||
200 | "remove" \ | ||
201 | "realpath,stat,lstat" \ | ||
202 | "rm $COPY" \ | ||
203 | "touch $COPY" \ | ||
204 | "test ! -f $COPY" \ | ||
205 | "test -f $COPY" | ||
206 | |||
207 | perm_test \ | ||
208 | "mkdir" \ | ||
209 | "realpath,stat,lstat" \ | ||
210 | "mkdir ${COPY}.dd" \ | ||
211 | "" \ | ||
212 | "test -d ${COPY}.dd" \ | ||
213 | "test ! -d ${COPY}.dd" | ||
214 | |||
215 | perm_test \ | ||
216 | "rmdir" \ | ||
217 | "realpath,stat,lstat" \ | ||
218 | "rmdir ${COPY}.dd" \ | ||
219 | "mkdir ${COPY}.dd" \ | ||
220 | "test ! -d ${COPY}.dd" \ | ||
221 | "test -d ${COPY}.dd" | ||
222 | |||
223 | perm_test \ | ||
224 | "posix-rename" \ | ||
225 | "realpath,stat,lstat" \ | ||
226 | "rename $COPY ${COPY}.1" \ | ||
227 | "touch $COPY" \ | ||
228 | "test -f ${COPY}.1 -a ! -f $COPY" \ | ||
229 | "test -f $COPY -a ! -f ${COPY}.1" | ||
230 | |||
231 | perm_test \ | ||
232 | "rename" \ | ||
233 | "realpath,stat,lstat" \ | ||
234 | "rename -l $COPY ${COPY}.1" \ | ||
235 | "touch $COPY" \ | ||
236 | "test -f ${COPY}.1 -a ! -f $COPY" \ | ||
237 | "test -f $COPY -a ! -f ${COPY}.1" | ||
238 | |||
239 | perm_test \ | ||
240 | "symlink" \ | ||
241 | "realpath,stat,lstat" \ | ||
242 | "ln -s $COPY ${COPY}.1" \ | ||
243 | "touch $COPY" \ | ||
244 | "test -h ${COPY}.1" \ | ||
245 | "test ! -h ${COPY}.1" | ||
246 | |||
247 | perm_test \ | ||
248 | "hardlink" \ | ||
249 | "realpath,stat,lstat" \ | ||
250 | "ln $COPY ${COPY}.1" \ | ||
251 | "touch $COPY" \ | ||
252 | "test -f ${COPY}.1" \ | ||
253 | "test ! -f ${COPY}.1" | ||
254 | |||
255 | perm_test \ | ||
256 | "statvfs" \ | ||
257 | "realpath,stat,lstat" \ | ||
258 | "df /" | ||
259 | |||
260 | # XXX need good tests for: | ||
261 | # fstat | ||
262 | # fsetstat | ||
263 | # realpath | ||
264 | # stat | ||
265 | # readlink | ||
266 | # fstatvfs | ||
267 | |||
268 | rm -rf ${COPY} ${COPY}.1 ${COPY}.dd | ||
269 | |||