diff options
Diffstat (limited to 'regress/servcfginclude.sh')
-rw-r--r-- | regress/servcfginclude.sh | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/regress/servcfginclude.sh b/regress/servcfginclude.sh new file mode 100644 index 000000000..b25c8faa8 --- /dev/null +++ b/regress/servcfginclude.sh | |||
@@ -0,0 +1,154 @@ | |||
1 | # Placed in the Public Domain. | ||
2 | |||
3 | tid="server config include" | ||
4 | |||
5 | cat > $OBJ/sshd_config.i << _EOF | ||
6 | HostKey $OBJ/host.ssh-ed25519 | ||
7 | Match host a | ||
8 | Banner /aa | ||
9 | |||
10 | Match host b | ||
11 | Banner /bb | ||
12 | Include $OBJ/sshd_config.i.* | ||
13 | |||
14 | Match host c | ||
15 | Include $OBJ/sshd_config.i.* | ||
16 | Banner /cc | ||
17 | |||
18 | Match host m | ||
19 | Include $OBJ/sshd_config.i.* | ||
20 | |||
21 | Match Host d | ||
22 | Banner /dd | ||
23 | |||
24 | Match Host e | ||
25 | Banner /ee | ||
26 | Include $OBJ/sshd_config.i.* | ||
27 | |||
28 | Match Host f | ||
29 | Include $OBJ/sshd_config.i.* | ||
30 | Banner /ff | ||
31 | |||
32 | Match Host n | ||
33 | Include $OBJ/sshd_config.i.* | ||
34 | _EOF | ||
35 | |||
36 | cat > $OBJ/sshd_config.i.0 << _EOF | ||
37 | Match host xxxxxx | ||
38 | _EOF | ||
39 | |||
40 | cat > $OBJ/sshd_config.i.1 << _EOF | ||
41 | Match host a | ||
42 | Banner /aaa | ||
43 | |||
44 | Match host b | ||
45 | Banner /bbb | ||
46 | |||
47 | Match host c | ||
48 | Banner /ccc | ||
49 | |||
50 | Match Host d | ||
51 | Banner /ddd | ||
52 | |||
53 | Match Host e | ||
54 | Banner /eee | ||
55 | |||
56 | Match Host f | ||
57 | Banner /fff | ||
58 | _EOF | ||
59 | |||
60 | cat > $OBJ/sshd_config.i.2 << _EOF | ||
61 | Match host a | ||
62 | Banner /aaaa | ||
63 | |||
64 | Match host b | ||
65 | Banner /bbbb | ||
66 | |||
67 | Match host c | ||
68 | Banner /cccc | ||
69 | |||
70 | Match Host d | ||
71 | Banner /dddd | ||
72 | |||
73 | Match Host e | ||
74 | Banner /eeee | ||
75 | |||
76 | Match Host f | ||
77 | Banner /ffff | ||
78 | |||
79 | Match all | ||
80 | Banner /xxxx | ||
81 | _EOF | ||
82 | |||
83 | trial() { | ||
84 | _host="$1" | ||
85 | _exp="$2" | ||
86 | _desc="$3" | ||
87 | test -z "$_desc" && _desc="test match" | ||
88 | trace "$_desc host=$_host expect=$_exp" | ||
89 | ${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i -T \ | ||
90 | -C "host=$_host,user=test,addr=127.0.0.1" > $OBJ/sshd_config.out || | ||
91 | fatal "ssh config parse failed: $_desc host=$_host expect=$_exp" | ||
92 | _got=`grep -i '^banner ' $OBJ/sshd_config.out | awk '{print $2}'` | ||
93 | if test "x$_exp" != "x$_got" ; then | ||
94 | fail "$desc_ host $_host include fail: expected $_exp got $_got" | ||
95 | fi | ||
96 | } | ||
97 | |||
98 | trial a /aa | ||
99 | trial b /bb | ||
100 | trial c /ccc | ||
101 | trial d /dd | ||
102 | trial e /ee | ||
103 | trial f /fff | ||
104 | trial m /xxxx | ||
105 | trial n /xxxx | ||
106 | trial x none | ||
107 | |||
108 | # Prepare an included config with an error. | ||
109 | |||
110 | cat > $OBJ/sshd_config.i.3 << _EOF | ||
111 | Banner xxxx | ||
112 | Junk | ||
113 | _EOF | ||
114 | |||
115 | trace "disallow invalid config host=a" | ||
116 | ${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i \ | ||
117 | -C "host=a,user=test,addr=127.0.0.1" 2>/dev/null && \ | ||
118 | fail "sshd include allowed invalid config" | ||
119 | |||
120 | trace "disallow invalid config host=x" | ||
121 | ${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i \ | ||
122 | -C "host=x,user=test,addr=127.0.0.1" 2>/dev/null && \ | ||
123 | fail "sshd include allowed invalid config" | ||
124 | |||
125 | rm -f $OBJ/sshd_config.i.* | ||
126 | |||
127 | # Ensure that a missing include is not fatal. | ||
128 | cat > $OBJ/sshd_config.i << _EOF | ||
129 | HostKey $OBJ/host.ssh-ed25519 | ||
130 | Include $OBJ/sshd_config.i.* | ||
131 | Banner /aa | ||
132 | _EOF | ||
133 | |||
134 | trial a /aa "missing include non-fatal" | ||
135 | |||
136 | # Ensure that Match/Host in an included config does not affect parent. | ||
137 | cat > $OBJ/sshd_config.i.x << _EOF | ||
138 | Match host x | ||
139 | _EOF | ||
140 | |||
141 | trial a /aa "included file does not affect match state" | ||
142 | |||
143 | # Ensure the empty include directive is not accepted | ||
144 | cat > $OBJ/sshd_config.i.x << _EOF | ||
145 | Include | ||
146 | _EOF | ||
147 | |||
148 | trace "disallow invalid with no argument" | ||
149 | ${SUDO} ${REAL_SSHD} -f $OBJ/sshd_config.i.x \ | ||
150 | -C "host=x,user=test,addr=127.0.0.1" 2>/dev/null && \ | ||
151 | fail "sshd allowed Include with no argument" | ||
152 | |||
153 | # cleanup | ||
154 | rm -f $OBJ/sshd_config.i $OBJ/sshd_config.i.* $OBJ/sshd_config.out | ||