From 4c37ef08abc56fe883e75333f04cf2a7382fce07 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 16 Jun 2004 20:08:56 +1000 Subject: - djm@cvs.openbsd.org 2004/04/27 09:47:30 [regress/Makefile regress/test-exec.sh, added regress/envpass.sh] regress test for environment passing, SendEnv & AcceptEnv options; ok markus@ --- regress/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'regress/Makefile') diff --git a/regress/Makefile b/regress/Makefile index cf65b3630..c7e7bb06a 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.27 2004/02/17 08:23:20 dtucker Exp $ +# $OpenBSD: Makefile,v 1.28 2004/04/27 09:47:30 djm Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec tests: $(REGRESS_TARGETS) @@ -13,6 +13,7 @@ LTESTS= connect \ proto-version \ proto-mismatch \ exit-status \ + envpass \ transfer \ banner \ rekey \ -- cgit v1.2.3 From 50433a924344b295cd34ecdbba0c6b8f6add9231 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 16 Jun 2004 20:15:59 +1000 Subject: - dtucker@cvs.openbsd.org 2004/06/13 13:51:02 [regress/Makefile regress/test-exec.sh, added regress/scp-ssh-wrapper.sh regress/scp.sh] Add scp regression test; with & ok markus@ --- ChangeLog | 6 ++-- regress/Makefile | 7 +++-- regress/scp-ssh-wrapper.sh | 54 ++++++++++++++++++++++++++++++++++ regress/scp.sh | 73 ++++++++++++++++++++++++++++++++++++++++++++++ regress/test-exec.sh | 10 +++++-- 5 files changed, 143 insertions(+), 7 deletions(-) create mode 100644 regress/scp-ssh-wrapper.sh create mode 100644 regress/scp.sh (limited to 'regress/Makefile') diff --git a/ChangeLog b/ChangeLog index 1c6382737..768e09bd6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,7 +6,9 @@ [Makefile test-exec.sh] regress test for environment passing, SendEnv & AcceptEnv options; ok markus@ - + - dtucker@cvs.openbsd.org 2004/06/13 13:51:02 + [Makefile test-exec.sh] + Add scp regression test; with & ok markus@ 20040615 - (djm) OpenBSD CVS Sync @@ -1232,4 +1234,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3389 2004/06/16 10:08:56 dtucker Exp $ +$Id: ChangeLog,v 1.3390 2004/06/16 10:15:59 dtucker Exp $ diff --git a/regress/Makefile b/regress/Makefile index c7e7bb06a..8f15f3b4d 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.28 2004/04/27 09:47:30 djm Exp $ +# $OpenBSD: Makefile,v 1.29 2004/06/13 13:51:02 dtucker Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec tests: $(REGRESS_TARGETS) @@ -29,6 +29,7 @@ LTESTS= connect \ agent-ptrace \ keyscan \ keygen-change \ + scp \ sftp \ sftp-cmds \ sftp-badcmds \ @@ -43,7 +44,9 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ ssh_config ssh_proxy sshd_config sshd_proxy \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ - ls.copy banner.in banner.out empty.in remote_pid + ls.copy banner.in banner.out empty.in \ + scp-ssh-wrapper.exe \ + remote_pid #LTESTS += ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp diff --git a/regress/scp-ssh-wrapper.sh b/regress/scp-ssh-wrapper.sh new file mode 100644 index 000000000..8e4314773 --- /dev/null +++ b/regress/scp-ssh-wrapper.sh @@ -0,0 +1,54 @@ +#!/bin/sh +# $OpenBSD: scp-ssh-wrapper.sh,v 1.1 2004/06/13 13:51:02 dtucker Exp $ +# Placed in the Public Domain. + +printname () { + NAME=$1 + save_IFS=$IFS + IFS=/ + set -- `echo "$NAME"` + IFS="$save_IFS" + while [ $# -ge 1 ] ; do + if [ "x$1" != "x" ]; then + echo "D0755 0 $1" + fi + shift; + done +} + +# discard first 5 args +shift; shift; shift; shift; shift + +BAD="../../../../../../../../../../../../../${DIR}/dotpathdir" + +case "$SCPTESTMODE" in +badserver_0) + echo "D0755 0 /${DIR}/rootpathdir" + echo "C755 2 rootpathfile" + echo "X" + ;; +badserver_1) + echo "D0755 0 $BAD" + echo "C755 2 file" + echo "X" + ;; +badserver_2) + echo "D0755 0 $BAD" + echo "C755 2 file" + echo "X" + ;; +badserver_3) + printname $BAD + echo "C755 2 file" + echo "X" + ;; +badserver_4) + printname $BAD + echo "D0755 0 .." + echo "C755 2 file" + echo "X" + ;; +*) + exec $1 + ;; +esac diff --git a/regress/scp.sh b/regress/scp.sh new file mode 100644 index 000000000..2d722c70c --- /dev/null +++ b/regress/scp.sh @@ -0,0 +1,73 @@ +# $OpenBSD: scp.sh,v 1.1 2004/06/13 13:51:02 dtucker Exp $ +# Placed in the Public Domain. + +tid="scp" + +#set -x + +DATA=/bin/ls +COPY=${OBJ}/copy +COPY2=${OBJ}/copy2 +DIR=${COPY}.dd +DIR2=${COPY}.dd2 + +SRC=`dirname ${SCRIPT}` +cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.exe +chmod 755 ${OBJ}/scp-ssh-wrapper.exe +scpopts="-q -S ${OBJ}/scp-ssh-wrapper.exe" + +scpclean() { + rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} + mkdir ${DIR} ${DIR2} +} + +verbose "$tid: simple copy local file to remote file" +scpclean +$SCP $scpopts ${DATA} somehost:${COPY} || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + +verbose "$tid: simple copy remote file to local file" +scpclean +$SCP $scpopts somehost:${DATA} ${COPY} || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + +verbose "$tid: simple copy local file to remote dir" +scpclean +cp ${DATA} ${COPY} +$SCP $scpopts ${COPY} somehost:${DIR} || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + +verbose "$tid: simple copy remote file to local dir" +scpclean +cp ${DATA} ${COPY} +$SCP $scpopts somehost:${COPY} ${DIR} || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + +verbose "$tid: recursive local dir to remote dir" +scpclean +cp ${DATA} ${DIR}/copy +$SCP $scpopts -r ${DIR} somehost:${DIR2} || fail "copy failed" +cmp ${DIR} ${DIR2} || fail "corrupted copy" + +verbose "$tid: recursive remote dir to local dir" +scpclean +cp ${DATA} ${DIR}/copy +$SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed" +cmp ${DIR} ${DIR2} || fail "corrupted copy" + +for i in 0 1 2 3 4; do + verbose "$tid: disallow bad server #$i" + SCPTESTMODE=badserver_$i + export DIR SCPTESTMODE + scpclean + $SCP $scpopts somehost:${DATA} ${DIR} >/dev/null 2>/dev/null + [ -d {$DIR}/rootpathdir ] && fail "allows dir relative to root dir" + [ -d ${DIR}/dotpathdir ] && fail "allows dir creation in non-recursive mode" + + scpclean + $SCP -r $scpopts somehost:${DATA} ${DIR2} >/dev/null 2>/dev/null + [ -d ${DIR}/dotpathdir ] && fail "allows dir creation outside of subdir" +done + +scpclean +rm -f ${OBJ}/scp-ssh-wrapper.exe diff --git a/regress/test-exec.sh b/regress/test-exec.sh index a0df0e957..c8827b631 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.16 2004/04/27 09:47:30 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.17 2004/06/13 13:51:02 dtucker Exp $ # Placed in the Public Domain. PORT=4242 @@ -47,6 +47,7 @@ SSHKEYGEN=ssh-keygen SSHKEYSCAN=ssh-keyscan SFTP=sftp SFTPSERVER=/usr/libexec/openssh/sftp-server +SCP=scp if [ "x$TEST_SSH_SSH" != "x" ]; then SSH="${TEST_SSH_SSH}" @@ -72,10 +73,13 @@ fi if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then SFTPSERVER="${TEST_SSH_SFTPSERVER}" fi +if [ "x$TEST_SSH_SCP" != "x" ]; then + SCP="${TEST_SSH_SCP}" +fi # these should be used in tests -export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER -#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER +export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP +#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP # helper echon() -- cgit v1.2.3 From e7d0583f36d060d199c44cbd16b367b0b9907333 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Wed, 16 Jun 2004 20:22:22 +1000 Subject: - djm@cvs.openbsd.org 2004/06/13 15:04:08 [regress/Makefile regress/test-exec.sh, added regress/multiplex.sh] regress test for client multiplexing; ok markus@ --- ChangeLog | 5 ++++- regress/Makefile | 5 +++-- regress/multiplex.sh | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++ regress/test-exec.sh | 7 ++++++- 4 files changed, 68 insertions(+), 4 deletions(-) create mode 100644 regress/multiplex.sh (limited to 'regress/Makefile') diff --git a/ChangeLog b/ChangeLog index 768e09bd6..e93749ed6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,9 @@ - dtucker@cvs.openbsd.org 2004/06/13 13:51:02 [Makefile test-exec.sh] Add scp regression test; with & ok markus@ + - djm@cvs.openbsd.org 2004/06/13 15:04:08 + [Makefile test-exec.sh] + regress test for client multiplexing; ok markus@ 20040615 - (djm) OpenBSD CVS Sync @@ -1234,4 +1237,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3390 2004/06/16 10:15:59 dtucker Exp $ +$Id: ChangeLog,v 1.3391 2004/06/16 10:22:22 dtucker Exp $ diff --git a/regress/Makefile b/regress/Makefile index 8f15f3b4d..64674521b 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.29 2004/06/13 13:51:02 dtucker Exp $ +# $OpenBSD: Makefile,v 1.30 2004/06/13 15:04:08 djm Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec tests: $(REGRESS_TARGETS) @@ -36,7 +36,8 @@ LTESTS= connect \ sftp-batch \ reconfigure \ dynamic-forward \ - forwarding + forwarding \ + multiplex USER!= id -un CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ diff --git a/regress/multiplex.sh b/regress/multiplex.sh new file mode 100644 index 000000000..70a4e677f --- /dev/null +++ b/regress/multiplex.sh @@ -0,0 +1,55 @@ +# $OpenBSD: multiplex.sh,v 1.1 2004/06/13 15:04:08 djm Exp $ +# Placed in the Public Domain. + +CTL=$OBJ/ctl-sock + +tid="connection multiplexing" + +start_sshd + +trace "start master, fork to background" +${SSH} -2 -MS$CTL -F $OBJ/ssh_config -f somehost sleep 60 + +trace "ssh transfer over multiplexed connection and check result" +${SSH} -S$CTL otherhost cat /bin/ls > $OBJ/ls.copy +test -f $OBJ/ls.copy || fail "failed copy /bin/ls" +cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" + +trace "ssh transfer over multiplexed connection and check result" +${SSH} -S $CTL otherhost cat /bin/ls > $OBJ/ls.copy +test -f $OBJ/ls.copy || fail "failed copy /bin/ls" +cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" + +rm -f $OBJ/ls.copy +trace "sftp transfer over multiplexed connection and check result" +echo "get /bin/ls $OBJ/ls.copy" | \ + ${SFTP} -oControlPath=$CTL otherhost +test -f $OBJ/ls.copy || fail "failed copy /bin/ls" +cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" + +rm -f $OBJ/ls.copy +trace "scp transfer over multiplexed connection and check result" +${SCP} -oControlPath=$CTL otherhost:/bin/ls $OBJ/ls.copy +test -f $OBJ/ls.copy || fail "failed copy /bin/ls" +cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" + +for s in 0 1 4 5 44; do + trace "exit status $s over multiplexed connection" + verbose "test $tid: status $s" + ${SSH} -S $CTL otherhost exit $s + r=$? + if [ $r -ne $s ]; then + fail "exit code mismatch for protocol $p: $r != $s" + fi + + # same with early close of stdout/err + trace "exit status $s with early close over multiplexed connection" + ${SSH} -S $CTL -n otherhost \ + exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\' + r=$? + if [ $r -ne $s ]; then + fail "exit code (with sleep) mismatch for protocol $p: $r != $s" + fi +done + +sleep 30 # early close test sleeps 5 seconds per test diff --git a/regress/test-exec.sh b/regress/test-exec.sh index c8827b631..1f7e38d6a 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.17 2004/06/13 13:51:02 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.18 2004/06/13 15:04:08 djm Exp $ # Placed in the Public Domain. PORT=4242 @@ -41,6 +41,7 @@ unset SSH_AUTH_SOCK # defaults SSH=ssh SSHD=sshd +SCP=scp SSHAGENT=ssh-agent SSHADD=ssh-add SSHKEYGEN=ssh-keygen @@ -55,6 +56,9 @@ fi if [ "x$TEST_SSH_SSHD" != "x" ]; then SSHD="${TEST_SSH_SSHD}" fi +if [ "x$TEST_SSH_SCP" != "x" ]; then + SCP="${TEST_SSH_SCP}" +fi if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then SSHAGENT="${TEST_SSH_SSHAGENT}" fi @@ -168,6 +172,7 @@ cat << EOF > $OBJ/sshd_config LogLevel QUIET AcceptEnv _XXX_TEST_* AcceptEnv _XXX_TEST + Subsystem sftp $SFTPSERVER StrictModes no EOF -- cgit v1.2.3 From 977a9d21c885d9da6f6ac3c8d16f70765b0934ce Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 25 Jun 2004 13:45:18 +1000 Subject: - djm@cvs.openbsd.org 2004/06/24 19:32:00 [regress/Makefile regress/test-exec.sh, added regress/reexec.sh] regress test for re-exec corner cases --- ChangeLog | 5 ++- regress/Makefile | 5 +-- regress/reexec.sh | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++ regress/test-exec.sh | 26 +++++++++++++++- 4 files changed, 119 insertions(+), 4 deletions(-) create mode 100644 regress/reexec.sh (limited to 'regress/Makefile') diff --git a/ChangeLog b/ChangeLog index 2e5b94c41..ce4c6b3fa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,9 @@ only perform tcp wrappers checks when the incoming connection is on a socket. silences useless warnings from regress tests that use proxycommand="sshd -i". prompted by david@ ok markus@ + - djm@cvs.openbsd.org 2004/06/24 19:32:00 + [regress/Makefile regress/test-exec.sh, added regress/reexec.sh] + regress test for re-exec corner cases 20040623 - (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1 @@ -1410,4 +1413,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3445 2004/06/25 03:34:31 dtucker Exp $ +$Id: ChangeLog,v 1.3446 2004/06/25 03:45:18 dtucker Exp $ diff --git a/regress/Makefile b/regress/Makefile index 64674521b..9e98e5880 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.30 2004/06/13 15:04:08 djm Exp $ +# $OpenBSD: Makefile,v 1.31 2004/06/24 19:32:00 djm Exp $ REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec tests: $(REGRESS_TARGETS) @@ -37,7 +37,8 @@ LTESTS= connect \ reconfigure \ dynamic-forward \ forwarding \ - multiplex + multiplex \ + reexec USER!= id -un CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ diff --git a/regress/reexec.sh b/regress/reexec.sh new file mode 100644 index 000000000..39fffefbc --- /dev/null +++ b/regress/reexec.sh @@ -0,0 +1,87 @@ +# $OpenBSD: reexec.sh,v 1.3 2004/06/25 01:32:44 djm Exp $ +# Placed in the Public Domain. + +tid="reexec tests" + +DATA=/bin/ls +COPY=${OBJ}/copy +SSHD_ORIG=$SSHD +SSHD_COPY=$OBJ/sshd.copy + +# Start a sshd and then delete it +start_sshd_copy_zap () +{ + cp $SSHD_ORIG $SSHD_COPY + SSHD=$SSHD_COPY + start_sshd + rm -f $SSHD_COPY + SSHD=$SSHD_ORIG +} + +verbose "test config passing" +cp $OBJ/sshd_config $OBJ/sshd_config.orig + +start_sshd + +echo "InvalidXXX=no" >> $OBJ/sshd_config + +rm -f ${COPY} +for p in 1 2; do + verbose "$tid: proto $p" + ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ + cat ${DATA} > ${COPY} + if [ $? -ne 0 ]; then + fail "ssh cat $DATA failed" + fi + cmp ${DATA} ${COPY} || fail "corrupted copy" + rm -f ${COPY} +done + +$SUDO kill `cat $PIDFILE` +rm -f $PIDFILE + +cp $OBJ/sshd_config.orig $OBJ/sshd_config + +verbose "test reexec fallback" + +start_sshd_copy_zap + +rm -f ${COPY} +for p in 1 2; do + verbose "$tid: proto $p" + ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ + cat ${DATA} > ${COPY} + if [ $? -ne 0 ]; then + fail "ssh cat $DATA failed" + fi + cmp ${DATA} ${COPY} || fail "corrupted copy" + rm -f ${COPY} +done + +$SUDO kill `cat $PIDFILE` +rm -f $PIDFILE + +verbose "test reexec fallback without privsep" + +cp $OBJ/sshd_config.orig $OBJ/sshd_config +echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config + +start_sshd_copy_zap + +rm -f ${COPY} +for p in 1 2; do + verbose "$tid: proto $p" + ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ + cat ${DATA} > ${COPY} + if [ $? -ne 0 ]; then + fail "ssh cat $DATA failed" + fi + cmp ${DATA} ${COPY} || fail "corrupted copy" + rm -f ${COPY} +done + +$SUDO kill `cat $PIDFILE` +rm -f $PIDFILE + +cp $OBJ/sshd_config.orig $OBJ/sshd_config + diff --git a/regress/test-exec.sh b/regress/test-exec.sh index b0ac64e9e..e626dd78a 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.20 2004/06/22 22:45:52 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.22 2004/06/24 19:32:00 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -82,6 +82,9 @@ if [ "x$TEST_SSH_SCP" != "x" ]; then SCP="${TEST_SSH_SCP}" fi +# Path to sshd must be absolute for rexec +SSHD=`which sshd` + # these should be used in tests export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP @@ -265,6 +268,27 @@ start_sshd () test -f $PIDFILE || fatal "no sshd running on port $PORT" } +# Start a sshd and then delete it +start_sshd_copy_zap () +{ + cp ${SSHD} $OBJ/sshd.copy + SSHD_CPY=`which $OBJ/sshd.copy` + + # start sshd + $SUDO $SSHD_CPY -f $OBJ/sshd_config -t || fatal "sshd_config broken" + $SUDO $SSHD_CPY -f $OBJ/sshd_config + + trace "wait for sshd" + i=0; + while [ ! -f $PIDFILE -a $i -lt 5 ]; do + i=`expr $i + 1` + sleep $i + done + + test -f $PIDFILE || fatal "no sshd running on port $PORT" + rm -f $OBJ/sshd.copy +} + # source test body . $SCRIPT -- cgit v1.2.3