Diffstat (limited to 'regress')
-rw-r--r--regress/Makefile69
-rw-r--r--regress/agent-getpeereid.sh9
-rw-r--r--regress/agent-ptrace.sh2
-rw-r--r--regress/cert-hostkey.sh31
-rw-r--r--regress/cert-userkey.sh25
-rw-r--r--regress/host-expand.sh18
-rw-r--r--regress/kextype.sh30
-rw-r--r--regress/keytype.sh55
-rw-r--r--regress/multiplex.sh3
-rw-r--r--regress/sftp-cmds.sh10
-rw-r--r--regress/sftp-glob.sh23
-rw-r--r--regress/test-exec.sh11
12 files changed, 236 insertions, 50 deletions
diff --git a/regress/Makefile b/regress/Makefile
index 9762ab204..f114c27e9 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,6 +1,6 @@
1# $OpenBSD: Makefile,v 1.54 2010/06/27 19:19:56 phessler Exp $ 1# $OpenBSD: Makefile,v 1.58 2011/01/06 22:46:21 djm Exp $
2 2
3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec 3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t-exec
4tests: $(REGRESS_TARGETS) 4tests: $(REGRESS_TARGETS)
5 5
6# Interop tests are not run by default 6# Interop tests are not run by default
@@ -53,14 +53,20 @@ LTESTS= connect \
53 localcommand \ 53 localcommand \
54 forcecommand \ 54 forcecommand \
55 portnum \ 55 portnum \
56 keytype \
57 kextype \
56 cert-hostkey \ 58 cert-hostkey \
57 cert-userkey 59 cert-userkey \
60 host-expand
58 61
59INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers 62INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
60#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp 63#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
61 64
65#LTESTS= cipher-speed
66
62USER!= id -un 67USER!= id -un
63CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ 68CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
69 t8.out t8.out.pub t9.out t9.out.pub \
64 authorized_keys_${USER} known_hosts pidfile \ 70 authorized_keys_${USER} known_hosts pidfile \
65 ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \ 71 ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \
66 rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ 72 rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \
@@ -69,45 +75,68 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
69 scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ 75 scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
70 sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \ 76 sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \
71 known_hosts-cert host_ca_key* cert_host_key* \ 77 known_hosts-cert host_ca_key* cert_host_key* \
72 putty.rsa2 sshd_proxy_orig \ 78 putty.rsa2 sshd_proxy_orig ssh_proxy_bak \
73 authorized_principals_${USER} 79 key.rsa-* key.dsa-* key.ecdsa-* \
80 authorized_principals_${USER} expect actual
74 81
75# Enable all malloc(3) randomisations and checks 82# Enable all malloc(3) randomisations and checks
76TEST_ENV= "MALLOC_OPTIONS=AFGJPRX" 83TEST_ENV= "MALLOC_OPTIONS=AFGJPRX"
77 84
85TEST_SSH_SSHKEYGEN?=ssh-keygen
86
78t1: 87t1:
79 ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv 88 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
89 tr '\n' '\r' <${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_cr.prv
90 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_cr.prv | diff - ${.CURDIR}/rsa_openssh.prv
91 awk '{print $$0 "\r"}' ${.CURDIR}/rsa_ssh2.prv > ${.OBJDIR}/rsa_ssh2_crnl.prv
92 ${TEST_SSH_SSHKEYGEN} -if ${.OBJDIR}/rsa_ssh2_crnl.prv | diff - ${.CURDIR}/rsa_openssh.prv
80 93
81t2: 94t2:
82 cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out 95 cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out
83 chmod 600 $(OBJ)/t2.out 96 chmod 600 $(OBJ)/t2.out
84 ssh-keygen -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub 97 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub
85 98
86t3: 99t3:
87 ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/rsa_secsh.pub 100 ${TEST_SSH_SSHKEYGEN} -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/t3.out
88 ssh-keygen -if $(OBJ)/rsa_secsh.pub | diff - ${.CURDIR}/rsa_openssh.pub 101 ${TEST_SSH_SSHKEYGEN} -if $(OBJ)/t3.out | diff - ${.CURDIR}/rsa_openssh.pub
89 rm -f ${.CURDIR}/rsa_secsh.pub
90 102
91t4: 103t4:
92 ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\ 104 ${TEST_SSH_SSHKEYGEN} -lf ${.CURDIR}/rsa_openssh.pub |\
93 awk '{print $$2}' | diff - ${.CURDIR}/t4.ok 105 awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
94 106
95t5: 107t5:
96 ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\ 108 ${TEST_SSH_SSHKEYGEN} -Bf ${.CURDIR}/rsa_openssh.pub |\
97 awk '{print $$2}' | diff - ${.CURDIR}/t5.ok 109 awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
98 110
99t6: 111t6:
100 ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 112 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1
101 ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 113 ${TEST_SSH_SSHKEYGEN} -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2
102 chmod 600 $(OBJ)/t6.out1 114 chmod 600 $(OBJ)/t6.out1
103 ssh-keygen -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 115 ${TEST_SSH_SSHKEYGEN} -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2
104 116
105$(OBJ)/t7.out: 117$(OBJ)/t7.out:
106 ssh-keygen -q -t rsa -N '' -f $@ 118 ${TEST_SSH_SSHKEYGEN} -q -t rsa -N '' -f $@
107 119
108t7: $(OBJ)/t7.out 120t7: $(OBJ)/t7.out
109 ssh-keygen -lf $(OBJ)/t7.out > /dev/null 121 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t7.out > /dev/null
110 ssh-keygen -Bf $(OBJ)/t7.out > /dev/null 122 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t7.out > /dev/null
123
124$(OBJ)/t8.out:
125 ${TEST_SSH_SSHKEYGEN} -q -t dsa -N '' -f $@
126
127t8: $(OBJ)/t8.out
128 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t8.out > /dev/null
129 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t8.out > /dev/null
130
131$(OBJ)/t9.out:
132 test "${TEST_SSH_ECC}" != yes || \
133 ${TEST_SSH_SSHKEYGEN} -q -t ecdsa -N '' -f $@
134
135t9: $(OBJ)/t9.out
136 test "${TEST_SSH_ECC}" != yes || \
137 ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t9.out > /dev/null
138 test "${TEST_SSH_ECC}" != yes || \
139 ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null
111 140
112t-exec: ${LTESTS:=.sh} 141t-exec: ${LTESTS:=.sh}
113 @if [ "x$?" = "x" ]; then exit 0; fi; \ 142 @if [ "x$?" = "x" ]; then exit 0; fi; \
@@ -123,3 +152,5 @@ t-exec-interop: ${INTEROP_TESTS:=.sh}
123 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 152 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
124 done 153 done
125 154
155# Not run by default
156interop: ${INTEROP_TARGETS}
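Review bot: The t9 recipes are each guarded by `test "${TEST_SSH_ECC}" != yes || …`, so when TEST_SSH_ECC is unset or is anything other than `yes` the target succeeds without running ssh-keygen and without printing anything. The ECDSA key-generation check is then silently absent from the run. A first recipe line such as `@test "${TEST_SSH_ECC}" = yes || echo "t9: skipped (TEST_SSH_ECC is not yes)"` would make that visible in the log. Separately, the new `interop: ${INTEROP_TARGETS}` rule depends on a variable that is not assigned in any hunk shown here; if it is not set elsewhere in the file the target has no prerequisites, which is worth confirming.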
diff --git a/regress/agent-getpeereid.sh b/regress/agent-getpeereid.sh
index 5d7f73291..faf654c04 100644
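--- a/regress/agent-getpeereid.sh
+++ b/regress/agent-getpeereid.sh
@@ -7,10 +7,9 @@ UNPRIV=nobody
 ASOCK=${OBJ}/agent
 SSH_AUTH_SOCK=/nonexistent
 
-if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1 && \
- grep "#undef.*HAVE_GETPEERUCRED" ${BUILDDIR}/config.h >/dev/null && \
- grep "#undef.*HAVE_SO_PEERCRED" ${BUILDDIR}/config.h >/dev/null
-then
+if config_defined HAVE_GETPEEREID HAVE_GETPEERUCRED HAVE_SO_PEERCRED ; then
+ :
+else
  echo "skipped (not supported on this platform)"
  exit 0
 fi
@@ -34,7 +33,7 @@ else
  fail "ssh-add failed with $r != 1"
  fi
 
- < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
+ < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l 2>/dev/null
  r=$?
  if [ $r -lt 2 ]; then
  fail "ssh-add did not fail for ${UNPRIV}: $r < 2"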
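Review bot: The rewritten guard in the first hunk skips the test whenever `config_defined` returns non-zero, and that helper (added to test-exec.sh in this commit) sends egrep's stderr to /dev/null. An unset BUILDDIR or an unreadable config.h is therefore reported as "skipped (not supported on this platform)", whereas with the old `#undef` greps a missing config.h made the condition false and the test ran. This test checks that the agent refuses a connection from another uid, so a silent skip hides a security check. A line such as `test -r "${BUILDDIR}/config.h" || fatal "config.h not found"` before the `if` would keep the two cases apart.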
diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh
index d5892ed03..9f29464c5 100644
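--- a/regress/agent-ptrace.sh
+++ b/regress/agent-ptrace.sh
@@ -41,7 +41,7 @@ EOF
  if [ $? -ne 0 ]; then
  fail "gdb failed: exit code $?"
  fi
- egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace.*Permission denied.|procfs:.*: Invalid argument.' >/dev/null ${OBJ}/gdb.out
+ egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace.*Permission denied.|procfs:.*: Invalid argument.|Unable to access task ' >/dev/null ${OBJ}/gdb.out
  r=$?
  rm -f ${OBJ}/gdb.out
  if [ $r -ne 0 ]; then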
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 0265e8f6b..3b147b9f7 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,8 +1,14 @@
1# $OpenBSD: cert-hostkey.sh,v 1.4 2010/04/16 01:58:45 djm Exp $ 1# $OpenBSD: cert-hostkey.sh,v 1.5 2010/08/31 12:24:09 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="certified host keys" 4tid="certified host keys"
5 5
6# used to disable ECC based tests on platforms without ECC
7ecdsa=""
8if test "x$TEST_SSH_ECC" = "xyes"; then
9 ecdsa=ecdsa
10fi
11
6rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key* 12rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key*
7cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 13cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
8 14
@@ -18,7 +24,7 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/host_ca_key ||\
18) > $OBJ/known_hosts-cert 24) > $OBJ/known_hosts-cert
19 25
20# Generate and sign host keys 26# Generate and sign host keys
21for ktype in rsa dsa ; do 27for ktype in rsa dsa $ecdsa ; do
22 verbose "$tid: sign host ${ktype} cert" 28 verbose "$tid: sign host ${ktype} cert"
23 # Generate and sign a host key 29 # Generate and sign a host key
24 ${SSHKEYGEN} -q -N '' -t ${ktype} \ 30 ${SSHKEYGEN} -q -N '' -t ${ktype} \
@@ -28,6 +34,8 @@ for ktype in rsa dsa ; do
28 -I "regress host key for $USER" \ 34 -I "regress host key for $USER" \
29 -n $HOSTS $OBJ/cert_host_key_${ktype} || 35 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
30 fail "couldn't sign cert_host_key_${ktype}" 36 fail "couldn't sign cert_host_key_${ktype}"
37 # v00 ecdsa certs do not exist
38 test "${ktype}" = "ecdsa" && continue
31 cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00 39 cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00
32 cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub 40 cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub
33 ${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \ 41 ${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \
@@ -38,7 +46,7 @@ done
38 46
39# Basic connect tests 47# Basic connect tests
40for privsep in yes no ; do 48for privsep in yes no ; do
41 for ktype in rsa dsa rsa_v00 dsa_v00; do 49 for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00; do
42 verbose "$tid: host ${ktype} cert connect privsep $privsep" 50 verbose "$tid: host ${ktype} cert connect privsep $privsep"
43 ( 51 (
44 cat $OBJ/sshd_proxy_bak 52 cat $OBJ/sshd_proxy_bak
@@ -64,6 +72,11 @@ done
64 echon '@revoked ' 72 echon '@revoked '
65 echon "* " 73 echon "* "
66 cat $OBJ/cert_host_key_rsa.pub 74 cat $OBJ/cert_host_key_rsa.pub
75 if test "x$TEST_SSH_ECC" = "xyes"; then
76 echon '@revoked '
77 echon "* "
78 cat $OBJ/cert_host_key_ecdsa.pub
79 fi
67 echon '@revoked ' 80 echon '@revoked '
68 echon "* " 81 echon "* "
69 cat $OBJ/cert_host_key_dsa.pub 82 cat $OBJ/cert_host_key_dsa.pub
@@ -75,7 +88,7 @@ done
75 cat $OBJ/cert_host_key_dsa_v00.pub 88 cat $OBJ/cert_host_key_dsa_v00.pub
76) > $OBJ/known_hosts-cert 89) > $OBJ/known_hosts-cert
77for privsep in yes no ; do 90for privsep in yes no ; do
78 for ktype in rsa dsa rsa_v00 dsa_v00; do 91 for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00; do
79 verbose "$tid: host ${ktype} revoked cert privsep $privsep" 92 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
80 ( 93 (
81 cat $OBJ/sshd_proxy_bak 94 cat $OBJ/sshd_proxy_bak
@@ -102,7 +115,7 @@ done
102 echon "* " 115 echon "* "
103 cat $OBJ/host_ca_key.pub 116 cat $OBJ/host_ca_key.pub
104) > $OBJ/known_hosts-cert 117) > $OBJ/known_hosts-cert
105for ktype in rsa dsa rsa_v00 dsa_v00 ; do 118for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
106 verbose "$tid: host ${ktype} revoked cert" 119 verbose "$tid: host ${ktype} revoked cert"
107 ( 120 (
108 cat $OBJ/sshd_proxy_bak 121 cat $OBJ/sshd_proxy_bak
@@ -173,7 +186,9 @@ test_one "cert has constraints" failure "-h -Oforce-command=false"
173 186
174# Check downgrade of cert to raw key when no CA found 187# Check downgrade of cert to raw key when no CA found
175for v in v01 v00 ; do 188for v in v01 v00 ; do
176 for ktype in rsa dsa ; do 189 for ktype in rsa dsa $ecdsa ; do
190 # v00 ecdsa certs do not exist.
191 test "${v}${ktype}" = "v00ecdsa" && continue
177 rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* 192 rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
178 verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" 193 verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
179 # Generate and sign a host key 194 # Generate and sign a host key
@@ -210,7 +225,9 @@ done
210 cat $OBJ/host_ca_key.pub 225 cat $OBJ/host_ca_key.pub
211) > $OBJ/known_hosts-cert 226) > $OBJ/known_hosts-cert
212for v in v01 v00 ; do 227for v in v01 v00 ; do
213 for kt in rsa dsa ; do 228 for kt in rsa dsa $ecdsa ; do
229 # v00 ecdsa certs do not exist.
230 test "${v}${ktype}" = "v00ecdsa" && continue
214 rm -f $OBJ/cert_host_key* 231 rm -f $OBJ/cert_host_key*
215 # Self-sign key 232 # Self-sign key
216 ${SSHKEYGEN} -q -N '' -t ${kt} \ 233 ${SSHKEYGEN} -q -N '' -t ${kt} \
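Review bot: In the last hunk the inner loop variable is `kt`, but the added guard tests `${ktype}`: `test "${v}${ktype}" = "v00ecdsa" && continue`. At that point `ktype` still holds whatever an earlier loop left in it, so the guard does not look at the key type being processed. If the preceding loop ended on `ecdsa`, every `v00` iteration would be skipped, including rsa and dsa. The line should read `test "${v}${kt}" = "v00ecdsa" && continue`. The loop body continues past the end of the hunk.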
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index a41a9a9c0..fcca3708b 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,8 +1,14 @@
1# $OpenBSD: cert-userkey.sh,v 1.6 2010/06/29 23:59:54 djm Exp $ 1# $OpenBSD: cert-userkey.sh,v 1.7 2010/08/31 12:24:09 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="certified user keys" 4tid="certified user keys"
5 5
6# used to disable ECC based tests on platforms without ECC
7ecdsa=""
8if test "x$TEST_SSH_ECC" = "xyes"; then
9 ecdsa=ecdsa
10fi
11
6rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* 12rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
7cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 13cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
8 14
@@ -11,7 +17,7 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\
11 fail "ssh-keygen of user_ca_key failed" 17 fail "ssh-keygen of user_ca_key failed"
12 18
13# Generate and sign user keys 19# Generate and sign user keys
14for ktype in rsa dsa ; do 20for ktype in rsa dsa $ecdsa ; do
15 verbose "$tid: sign user ${ktype} cert" 21 verbose "$tid: sign user ${ktype} cert"
16 ${SSHKEYGEN} -q -N '' -t ${ktype} \ 22 ${SSHKEYGEN} -q -N '' -t ${ktype} \
17 -f $OBJ/cert_user_key_${ktype} || \ 23 -f $OBJ/cert_user_key_${ktype} || \
@@ -20,6 +26,8 @@ for ktype in rsa dsa ; do
20 "regress user key for $USER" \ 26 "regress user key for $USER" \
21 -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} || 27 -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} ||
22 fail "couldn't sign cert_user_key_${ktype}" 28 fail "couldn't sign cert_user_key_${ktype}"
29 # v00 ecdsa certs do not exist
30 test "{ktype}" = "ecdsa" && continue
23 cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00 31 cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00
24 cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub 32 cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub
25 ${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \ 33 ${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \
@@ -29,7 +37,7 @@ for ktype in rsa dsa ; do
29done 37done
30 38
31# Test explicitly-specified principals 39# Test explicitly-specified principals
32for ktype in rsa dsa rsa_v00 dsa_v00 ; do 40for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
33 for privsep in yes no ; do 41 for privsep in yes no ; do
34 _prefix="${ktype} privsep $privsep" 42 _prefix="${ktype} privsep $privsep"
35 43
@@ -155,7 +163,7 @@ basic_tests() {
155 extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" 163 extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub"
156 fi 164 fi
157 165
158 for ktype in rsa dsa rsa_v00 dsa_v00 ; do 166 for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
159 for privsep in yes no ; do 167 for privsep in yes no ; do
160 _prefix="${ktype} privsep $privsep $auth" 168 _prefix="${ktype} privsep $privsep $auth"
161 # Simple connect 169 # Simple connect
@@ -230,6 +238,11 @@ test_one() {
230 238
231 for auth in $auth_choice ; do 239 for auth in $auth_choice ; do
232 for ktype in rsa rsa_v00 ; do 240 for ktype in rsa rsa_v00 ; do
241 case $ktype in
242 *_v00) keyv="-t v00" ;;
243 *) keyv="" ;;
244 esac
245
233 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy 246 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
234 if test "x$auth" = "xauthorized_keys" ; then 247 if test "x$auth" = "xauthorized_keys" ; then
235 # Add CA to authorized_keys 248 # Add CA to authorized_keys
@@ -249,7 +262,7 @@ test_one() {
249 verbose "$tid: $ident auth $auth expect $result $ktype" 262 verbose "$tid: $ident auth $auth expect $result $ktype"
250 ${SSHKEYGEN} -q -s $OBJ/user_ca_key \ 263 ${SSHKEYGEN} -q -s $OBJ/user_ca_key \
251 -I "regress user key for $USER" \ 264 -I "regress user key for $USER" \
252 $sign_opts \ 265 $sign_opts $keyv \
253 $OBJ/cert_user_key_${ktype} || 266 $OBJ/cert_user_key_${ktype} ||
254 fail "couldn't sign cert_user_key_${ktype}" 267 fail "couldn't sign cert_user_key_${ktype}"
255 268
@@ -302,7 +315,7 @@ test_one "principals key option no principals" failure "" \
302 315
303# Wrong certificate 316# Wrong certificate
304cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy 317cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
305for ktype in rsa dsa rsa_v00 dsa_v00 ; do 318for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do
306 case $ktype in 319 case $ktype in
307 *_v00) args="-t v00" ;; 320 *_v00) args="-t v00" ;;
308 *) args="" ;; 321 *) args="" ;;
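Review bot: The guard added to the key-signing loop in the second hunk is `test "{ktype}" = "ecdsa" && continue`; the `$` is missing, so the left side is the literal string `{ktype}` and the comparison is never true. For ecdsa the loop therefore falls through to the `_v00` copies and the `-t v00` signing step that the comment above it says do not exist. It should be `test "${ktype}" = "ecdsa" && continue`, matching the equivalent line in cert-hostkey.sh.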
diff --git a/regress/host-expand.sh b/regress/host-expand.sh
new file mode 100644
index 000000000..a0188363d
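--- /dev/null
+++ b/regress/host-expand.sh
@@ -0,0 +1,18 @@
+# Placed in the Public Domain.
+
+tid="expand %h and %n"
+
+echo 'PermitLocalCommand yes' >> $OBJ/ssh_proxy
+printf 'LocalCommand printf "%%%%s\\n" "%%n" "%%h"\n' >> $OBJ/ssh_proxy
+
+cat >$OBJ/expect <<EOE
+somehost
+127.0.0.1
+EOE
+
+for p in 1 2; do
+ verbose "test $tid: proto $p"
+ ${SSH} -F $OBJ/ssh_proxy -$p somehost true >$OBJ/actual
+ diff $OBJ/expect $OBJ/actual || fail "$tid proto $p"
+done
+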
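Review bot: Lines 5 and 6 append `PermitLocalCommand yes` and a `LocalCommand` to the shared `$OBJ/ssh_proxy`, and nothing restores the file afterwards. The other new scripts in this commit first copy it to `ssh_proxy_bak`; doing the same here, `cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak` before the appends and `cp $OBJ/ssh_proxy_bak $OBJ/ssh_proxy` after the loop, keeps a command-executing option out of any later test that reuses the config. Whether test-exec.sh regenerates ssh_proxy for each test is not visible here. The file also lacks the `$OpenBSD$` tag line that the sibling scripts carry.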
diff --git a/regress/kextype.sh b/regress/kextype.sh
new file mode 100644
index 000000000..79c0817bb
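--- /dev/null
+++ b/regress/kextype.sh
@@ -0,0 +1,30 @@
+# $OpenBSD: kextype.sh,v 1.1 2010/09/22 12:26:05 djm Exp $
+# Placed in the Public Domain.
+
+tid="login with different key exchange algorithms"
+
+TIME=/usr/bin/time
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
+
+if test "$TEST_SSH_ECC" = "yes"; then
+ kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521"
+fi
+if test "$TEST_SSH_SHA256" = "yes"; then
+ kextypes="$kextypes diffie-hellman-group-exchange-sha256"
+fi
+kextypes="$kextypes diffie-hellman-group-exchange-sha1"
+kextypes="$kextypes diffie-hellman-group14-sha1"
+kextypes="$kextypes diffie-hellman-group1-sha1"
+
+tries="1 2 3 4"
+for k in $kextypes; do
+ verbose "kex $k"
+ for i in $tries; do
+ ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true
+ if [ $? -ne 0 ]; then
+ fail "ssh kex $k"
+ fi
+ done
+done
+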
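Review bot: `kextypes` is never initialised, so when TEST_SSH_ECC is not `yes` the appends on lines 14 to 18 build on whatever value the variable has in the caller's environment. Adding `kextypes=""` before the first `if` on line 10 fixes the list of algorithms that are actually exercised. `TIME=/usr/bin/time` on line 6 and the two `_bak` copies on lines 7 and 8 are not used anywhere in the file; drop them, or resolve TIME the way keytype.sh does if timing was intended.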
diff --git a/regress/keytype.sh b/regress/keytype.sh
new file mode 100644
index 000000000..2cbf132bd
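--- /dev/null
+++ b/regress/keytype.sh
@@ -0,0 +1,55 @@
+# $OpenBSD: keytype.sh,v 1.1 2010/09/02 16:12:55 markus Exp $
+# Placed in the Public Domain.
+
+tid="login with different key types"
+
+TIME=`which time` 2>/dev/null
+if test ! -x "$TIME"; then
+ TIME=""
+fi
+
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
+
+ktypes="dsa-1024 rsa-2048 rsa-3072"
+if test "$TEST_SSH_ECC" = "yes"; then
+ ktypes="$ktypes ecdsa-256 ecdsa-384 ecdsa-521"
+fi
+
+for kt in $ktypes; do
+ rm -f $OBJ/key.$kt
+ bits=`echo ${kt} | awk -F- '{print $2}'`
+ type=`echo ${kt} | awk -F- '{print $1}'`
+ printf "keygen $type, $bits bits:\t"
+ ${TIME} ${SSHKEYGEN} -b $bits -q -N '' -t $type -f $OBJ/key.$kt ||\
+ fail "ssh-keygen for type $type, $bits bits failed"
+done
+
+tries="1 2 3"
+for ut in $ktypes; do
+ htypes=$ut
+ #htypes=$ktypes
+ for ht in $htypes; do
+ trace "ssh connect, userkey $ut, hostkey $ht"
+ (
+ grep -v HostKey $OBJ/sshd_proxy_bak
+ echo HostKey $OBJ/key.$ht
+ ) > $OBJ/sshd_proxy
+ (
+ grep -v IdentityFile $OBJ/ssh_proxy_bak
+ echo IdentityFile $OBJ/key.$ut
+ ) > $OBJ/ssh_proxy
+ (
+ echon 'localhost-with-alias,127.0.0.1,::1 '
+ cat $OBJ/key.$ht.pub
+ ) > $OBJ/known_hosts
+ cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER
+ for i in $tries; do
+ printf "userkey $ut, hostkey ${ht}:\t"
+ ${TIME} ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+ if [ $? -ne 0 ]; then
+ fail "ssh userkey $ut, hostkey $ht failed"
+ fi
+ done
+ done
+done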
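Review bot: The connect loop (lines 29 to 55) overwrites `sshd_proxy`, `ssh_proxy`, `known_hosts` and `authorized_keys_$USER` on every pass, and the script ends without restoring any of them. The harness is left configured for the last key type only, with `authorized_keys_$USER` holding just that one key. If test-exec.sh does not rebuild these files for the next script, which is not visible here, later tests inherit that state. Restoring the two configs after the outer loop with `cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy` and `cp $OBJ/ssh_proxy_bak $OBJ/ssh_proxy` would make the script self-contained.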
diff --git a/regress/multiplex.sh b/regress/multiplex.sh
index 8a98a6e54..b94cdf02f 100644
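--- a/regress/multiplex.sh
+++ b/regress/multiplex.sh
@@ -5,8 +5,7 @@ CTL=/tmp/openssh.regress.ctl-sock.$$
 
 tid="connection multiplexing"
 
-if grep "#define.*DISABLE_FD_PASSING" ${BUILDDIR}/config.h >/dev/null 2>&1
-then
+if config_defined DISABLE_FD_PASSING ; then
  echo "skipped (not supported on this platform)"
  exit 0
 fi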
diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh
index c4d6ae2de..1c67b6476 100644
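--- a/regress/sftp-cmds.sh
+++ b/regress/sftp-cmds.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: sftp-cmds.sh,v 1.10 2009/08/13 01:11:55 djm Exp $
+# $OpenBSD: sftp-cmds.sh,v 1.11 2010/12/04 00:21:19 djm Exp $
 # Placed in the Public Domain.
 
 # XXX - TODO:
@@ -209,7 +209,13 @@ test -d ${COPY}.dd2 || fail "missing newname after rename directory"
 
 verbose "$tid: ln"
 echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
-test -h ${COPY}.2 || fail "missing file after ln"
+test -f ${COPY}.2 || fail "missing file after ln"
+cmp ${COPY}.1 ${COPY}.2 || fail "created file is not equal after ln"
+
+verbose "$tid: ln -s"
+rm -f ${COPY}.2
+echo "ln -s ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "ln -s failed"
+test -h ${COPY}.2 || fail "missing file after ln -s"
 
 verbose "$tid: mkdir"
 echo "mkdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \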
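Review bot: The new `ln` check in the second hunk cannot tell a hard link from a symbolic link. `test -f` follows symlinks and `cmp` compares contents, so both pass if sftp's `ln` still creates a symlink to `${COPY}.1`. Adding `test -h ${COPY}.2 && fail "ln created a symlink"` after the `test -f` line would pin the behaviour this hunk is meant to cover.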
diff --git a/regress/sftp-glob.sh b/regress/sftp-glob.sh
index 72bb17d75..8d4df2c98 100644
--- a/regress/sftp-glob.sh
+++ b/regress/sftp-glob.sh
@@ -3,11 +3,18 @@
3 3
4tid="sftp glob" 4tid="sftp glob"
5 5
6config_defined FILESYSTEM_NO_BACKSLASH && nobs="not supported on this platform"
7
6sftp_ls() { 8sftp_ls() {
7 target=$1 9 target=$1
8 errtag=$2 10 errtag=$2
9 expected=$3 11 expected=$3
10 unexpected=$4 12 unexpected=$4
13 skip=$5
14 if test "x$skip" != "x" ; then
15 verbose "$tid: $errtag (skipped: $skip)"
16 return
17 fi
11 verbose "$tid: $errtag" 18 verbose "$tid: $errtag"
12 printf "ls -l %s" "${target}" | \ 19 printf "ls -l %s" "${target}" | \
13 ${SFTP} -b - -D ${SFTPSERVER} 2>/dev/null | \ 20 ${SFTP} -b - -D ${SFTPSERVER} 2>/dev/null | \
@@ -44,8 +51,8 @@ SPACE="${DIR}/g-q space"
44 51
45rm -rf ${BASE} 52rm -rf ${BASE}
46mkdir -p ${DIR} 53mkdir -p ${DIR}
47touch "${DATA}" "${GLOB1}" "${GLOB2}" "${QUOTE}" 54touch "${DATA}" "${GLOB1}" "${GLOB2}" "${QUOTE}" "${SPACE}"
48touch "${QSLASH}" "${ESLASH}" "${SLASH}" "${SPACE}" 55test "x$nobs" = "x" && touch "${QSLASH}" "${ESLASH}" "${SLASH}"
49 56
50# target message expected unexpected 57# target message expected unexpected
51sftp_ls "${DIR}/fil*" "file glob" "${DATA}" "" 58sftp_ls "${DIR}/fil*" "file glob" "${DATA}" ""
@@ -55,14 +62,14 @@ sftp_ls "${DIR}/g-wild\*" "escaped glob" "g-wild*" "g-wildx"
55sftp_ls "${DIR}/g-quote\\\"" "escaped quote" "g-quote\"" "" 62sftp_ls "${DIR}/g-quote\\\"" "escaped quote" "g-quote\"" ""
56sftp_ls "\"${DIR}/g-quote\\\"\"" "quoted quote" "g-quote\"" "" 63sftp_ls "\"${DIR}/g-quote\\\"\"" "quoted quote" "g-quote\"" ""
57sftp_ls "'${DIR}/g-quote\"'" "single-quoted quote" "g-quote\"" "" 64sftp_ls "'${DIR}/g-quote\"'" "single-quoted quote" "g-quote\"" ""
58sftp_ls "${DIR}/g-sl\\\\ash" "escaped slash" "g-sl\\ash" ""
59sftp_ls "'${DIR}/g-sl\\\\ash'" "quoted slash" "g-sl\\ash" ""
60sftp_ls "${DIR}/g-slash\\\\" "escaped slash at EOL" "g-slash\\" ""
61sftp_ls "'${DIR}/g-slash\\\\'" "quoted slash at EOL" "g-slash\\" ""
62sftp_ls "${DIR}/g-qs\\\\\\\"" "escaped slash+quote" "g-qs\\\"" ""
63sftp_ls "'${DIR}/g-qs\\\\\"'" "quoted slash+quote" "g-qs\\\"" ""
64sftp_ls "${DIR}/g-q\\ space" "escaped space" "g-q space" "" 65sftp_ls "${DIR}/g-q\\ space" "escaped space" "g-q space" ""
65sftp_ls "'${DIR}/g-q space'" "quoted space" "g-q space" "" 66sftp_ls "'${DIR}/g-q space'" "quoted space" "g-q space" ""
67sftp_ls "${DIR}/g-sl\\\\ash" "escaped slash" "g-sl\\ash" "" "$nobs"
68sftp_ls "'${DIR}/g-sl\\\\ash'" "quoted slash" "g-sl\\ash" "" "$nobs"
69sftp_ls "${DIR}/g-slash\\\\" "escaped slash at EOL" "g-slash\\" "" "$nobs"
70sftp_ls "'${DIR}/g-slash\\\\'" "quoted slash at EOL" "g-slash\\" "" "$nobs"
71sftp_ls "${DIR}/g-qs\\\\\\\"" "escaped slash+quote" "g-qs\\\"" "" "$nobs"
72sftp_ls "'${DIR}/g-qs\\\\\"'" "quoted slash+quote" "g-qs\\\"" "" "$nobs"
66 73
67rm -rf ${BASE} 74rm -rf ${BASE}
68 75
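Review bot: `nobs` is assigned only when `config_defined FILESYSTEM_NO_BACKSLASH` succeeds, so a `nobs` value inherited from the environment would skip the six backslash cases and the `touch` of the backslash file names. Set `nobs=""` before the `config_defined` line at the top of the first hunk. The column comment `# target message expected unexpected` above the calls should also gain the new fifth `skip` column, since `sftp_ls` now reads `$5`.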
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index b64dcdbcf..5c56aefff 100644
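--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -221,6 +221,17 @@ fatal ()
  exit $RESULT
 }
 
+# Check whether preprocessor symbols are defined in config.h.
+config_defined ()
+{
+ str=$1
+ while test "x$2" != "x" ; do
+ str="$str|$2"
+ shift
+ done
+ egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1
+}
+
 RESULT=0
 PIDFILE=$OBJ/pidfile
 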
226 237