From 6c43b48b307c41cd656b415621a644074579a578 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Wed, 14 Jan 2015 09:54:38 +0000 Subject: upstream commit don't reset to the installed sshd; connect before reconfigure, too --- regress/reconfigure.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'regress/reconfigure.sh') diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh index 9fd289531..ba6648bf4 100644 --- a/regress/reconfigure.sh +++ b/regress/reconfigure.sh @@ -1,4 +1,4 @@ -# $OpenBSD: reconfigure.sh,v 1.2 2003/06/21 09:14:05 markus Exp $ +# $OpenBSD: reconfigure.sh,v 1.3 2015/01/14 09:54:38 markus Exp $ # Placed in the Public Domain. tid="simple connect after reconfigure" @@ -15,6 +15,14 @@ esac start_sshd +trace "connect before restart" +for p in 1 2; do + ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true + if [ $? -ne 0 ]; then + fail "ssh connect with protocol $p failed before reconfigure" + fi +done + PID=`$SUDO cat $PIDFILE` rm -f $PIDFILE $SUDO kill -HUP $PID @@ -28,6 +36,7 @@ done test -f $PIDFILE || fatal "sshd did not restart" +trace "connect after restart" for p in 1 2; do ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true if [ $? -ne 0 ]; then -- cgit v1.2.3 From 7613f828f49c55ff356007ae9645038ab6682556 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Wed, 14 Jan 2015 09:58:21 +0000 Subject: upstream commit re-add comment about full path --- regress/reconfigure.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'regress/reconfigure.sh') diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh index ba6648bf4..1a42c21b7 100644 --- a/regress/reconfigure.sh +++ b/regress/reconfigure.sh @@ -1,4 +1,4 @@ -# $OpenBSD: reconfigure.sh,v 1.3 2015/01/14 09:54:38 markus Exp $ +# $OpenBSD: reconfigure.sh,v 1.4 2015/01/14 09:58:21 markus Exp $ # Placed in the Public Domain. tid="simple connect after reconfigure" -- cgit v1.2.3 From bd58853102cee739f0e115e6d4b5334332ab1442 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 25 Feb 2015 16:58:22 -0800 Subject: valgrind support --- regress/Makefile | 13 ++++++---- regress/integrity.sh | 2 +- regress/multiplex.sh | 2 +- regress/reconfigure.sh | 18 ++++++++------ regress/sshd-log-wrapper.sh | 8 +++--- regress/test-exec.sh | 59 +++++++++++++++++++++++++++++++++++++++++---- regress/valgrind-unit.sh | 20 +++++++++++++++ 7 files changed, 97 insertions(+), 25 deletions(-) create mode 100755 regress/valgrind-unit.sh (limited to 'regress/reconfigure.sh') diff --git a/regress/Makefile b/regress/Makefile index ecc688cab..7005b410d 100644 --- a/regress/Makefile +++ b/regress/Makefile @@ -203,11 +203,14 @@ interop: ${INTEROP_TARGETS} # Unit tests, built by top-level Makefile unit: set -e ; if test -z "${SKIP_UNIT}" ; then \ - ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \ - ${.OBJDIR}/unittests/sshkey/test_sshkey \ + V="" ; \ + test "x${USE_VALGRIND}" != "x" && \ + V=${.CURDIR}/valgrind-unit.sh ; \ + $$V ${.OBJDIR}/unittests/sshbuf/test_sshbuf ; \ + $$V ${.OBJDIR}/unittests/sshkey/test_sshkey \ -d ${.CURDIR}/unittests/sshkey/testdata ; \ - ${.OBJDIR}/unittests/bitmap/test_bitmap ; \ - ${.OBJDIR}/unittests/kex/test_kex ; \ - ${.OBJDIR}/unittests/hostkeys/test_hostkeys \ + $$V ${.OBJDIR}/unittests/bitmap/test_bitmap ; \ + $$V ${.OBJDIR}/unittests/kex/test_kex ; \ + $$V ${.OBJDIR}/unittests/hostkeys/test_hostkeys \ -d ${.CURDIR}/unittests/hostkeys/testdata ; \ fi diff --git a/regress/integrity.sh b/regress/integrity.sh index 42cb46422..2ff8b3f17 100644 --- a/regress/integrity.sh +++ b/regress/integrity.sh @@ -20,7 +20,7 @@ echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \ >> $OBJ/ssh_proxy # sshd-command for proxy (see test-exec.sh) -cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" +cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" for m in $macs; do trace "test $tid: mac $m" diff --git a/regress/multiplex.sh b/regress/multiplex.sh index 617615355..acb9234d9 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -90,7 +90,7 @@ $NC -N -Ul $OBJ/unix-1.fwd < ${DATA} > /dev/null & netcat_pid=$! ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L$OBJ/unix-2.fwd:$OBJ/unix-1.fwd otherhost >>$TEST_SSH_LOGFILE 2>&1 ${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R$OBJ/unix-3.fwd:$OBJ/unix-2.fwd otherhost >>$TEST_SSH_LOGFILE 2>&1 -$NC -U $OBJ/unix-3.fwd < /dev/null > ${COPY} +$NC -U $OBJ/unix-3.fwd < /dev/null > ${COPY} 2>/dev/null cmp ${DATA} ${COPY} || fail "ssh: corrupted copy of ${DATA}" kill $netcat_pid 2>/dev/null rm -f ${COPY} $OBJ/unix-[123].fwd diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh index 1a42c21b7..e6af9eab1 100644 --- a/regress/reconfigure.sh +++ b/regress/reconfigure.sh @@ -4,14 +4,16 @@ tid="simple connect after reconfigure" # we need the full path to sshd for -HUP -case $SSHD in -/*) - # full path is OK - ;; -*) - # otherwise make fully qualified - SSHD=$OBJ/$SSHD -esac +if test "x$USE_VALGRIND" = "x" ; then + case $SSHD in + /*) + # full path is OK + ;; + *) + # otherwise make fully qualified + SSHD=$OBJ/$SSHD + esac +fi start_sshd diff --git a/regress/sshd-log-wrapper.sh b/regress/sshd-log-wrapper.sh index a9386be4d..c00934c78 100644 --- a/regress/sshd-log-wrapper.sh +++ b/regress/sshd-log-wrapper.sh @@ -3,11 +3,9 @@ # Placed in the Public Domain. # # simple wrapper for sshd proxy mode to catch stderr output -# sh sshd-log-wrapper.sh /path/to/sshd /path/to/logfile +# sh sshd-log-wrapper.sh /path/to/logfile /path/to/sshd [args...] -sshd=$1 -log=$2 -shift +log=$1 shift -exec $sshd -E$log $@ +exec "$@" -E$log diff --git a/regress/test-exec.sh b/regress/test-exec.sh index a1bab832f..ff0768a04 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -141,6 +141,55 @@ case "$SSHAGENT" in *) SSHAGENT=`which $SSHAGENT` ;; esac +# Record the actual binaries used. +SSH_BIN=${SSH} +SSHD_BIN=${SSHD} +SSHAGENT_BIN=${SSHAGENT} +SSHADD_BIN=${SSHADD} +SSHKEYGEN_BIN=${SSHKEYGEN} +SSHKEYSCAN_BIN=${SSHKEYSCAN} +SFTP_BIN=${SFTP} +SFTPSERVER_BIN=${SFTPSERVER} +SCP_BIN=${SCP} + +if [ "x$USE_VALGRIND" != "x" ]; then + mkdir -p $OBJ/valgrind-out + VG_TEST=`basename $SCRIPT .sh` + + # Some tests are difficult to fix. + case "$VG_TEST" in + connect-privsep|reexec) + VG_SKIP=1 ;; + esac + + if [ x"$VG_SKIP" = "x" ]; then + VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*" + VG_LOG="$OBJ/valgrind-out/${VG_TEST}." + VG_OPTS="--track-origins=yes --leak-check=full" + VG_OPTS="$VG_OPTS --trace-children=yes" + VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}" + VG_PATH="valgrind" + if [ "x$VALGRIND_PATH" != "x" ]; then + VG_PATH="$VALGRIND_PATH" + fi + VG="$VG_PATH $VG_OPTS" + SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH" + SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD" + SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT" + SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD" + SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN" + SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN" + SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}" + SCP="$VG --log-file=${VG_LOG}scp.%p $SCP" + cat > $OBJ/valgrind-sftp-server.sh << EOF +#!/bin/sh +exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@" +EOF + chmod a+rx $OBJ/valgrind-sftp-server.sh + SFTPSERVER="$OBJ/valgrind-sftp-server.sh" + fi +fi + # Logfiles. # SSH_LOGFILE should be the debug output of ssh(1) only # SSHD_LOGFILE should be the debug output of sshd(8) only @@ -175,7 +224,7 @@ SSH="$SSHLOGWRAP" # [kbytes] to ensure the file is at least that large. DATANAME=data DATA=$OBJ/${DATANAME} -cat ${SSHAGENT} >${DATA} +cat ${SSHAGENT_BIN} >${DATA} chmod u+w ${DATA} COPY=$OBJ/copy rm -f ${COPY} @@ -183,7 +232,7 @@ rm -f ${COPY} increase_datafile_size() { while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do - cat ${SSHAGENT} >>${DATA} + cat ${SSHAGENT_BIN} >>${DATA} done } @@ -388,7 +437,7 @@ rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER trace "generate keys" for t in rsa rsa1; do # generate user key - if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN} -nt $OBJ/$t ]; then + if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then rm -f $OBJ/$t ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ fail "ssh-keygen for $t failed" @@ -451,7 +500,7 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy - echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy + echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy REGRESS_INTEROP_PUTTY=yes fi @@ -459,7 +508,7 @@ fi # create a proxy version of the client config ( cat $OBJ/ssh_config - echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy + echo proxycommand ${SUDO} sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy ) > $OBJ/ssh_proxy # check proxy config diff --git a/regress/valgrind-unit.sh b/regress/valgrind-unit.sh new file mode 100755 index 000000000..433cb069a --- /dev/null +++ b/regress/valgrind-unit.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +UNIT_BINARY="$1" +shift +UNIT_ARGS="$@" + +test "x$OBJ" = "x" && OBJ=$PWD + +# This mostly replicates the logic in test-exec.sh for running the +# regress tests under valgrind. +VG_TEST=`basename $UNIT_BINARY` +VG_LOG="$OBJ/valgrind-out/${VG_TEST}.%p" +VG_OPTS="--track-origins=yes --leak-check=full --log-file=${VG_LOG}" +VG_OPTS="$VG_OPTS --trace-children=yes" +VG_PATH="valgrind" +if [ "x$VALGRIND_PATH" != "x" ]; then + VG_PATH="$VALGRIND_PATH" +fi + +exec $VG_PATH $VG_OPTS $UNIT_BINARY $UNIT_ARGS -- cgit v1.2.3 From dad2b1892b4c1b7e58df483a8c5b983c4454e099 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Tue, 3 Mar 2015 22:35:19 +0000 Subject: upstream commit make it possible to run tests w/o ssh1 support; ok djm@ --- regress/agent-timeout.sh | 4 ++-- regress/agent.sh | 8 ++++---- regress/broken-pipe.sh | 4 ++-- regress/cfgmatch.sh | 23 ++++++++++++----------- regress/cipher-speed.sh | 8 ++++++-- regress/connect-privsep.sh | 8 ++++---- regress/connect.sh | 4 ++-- regress/dynamic-forward.sh | 4 ++-- regress/exit-status.sh | 4 ++-- regress/forcecommand.sh | 26 ++++++++++++++------------ regress/forward-control.sh | 6 +++--- regress/forwarding.sh | 13 ++++++++----- regress/host-expand.sh | 4 ++-- regress/key-options.sh | 10 +++++----- regress/keygen-change.sh | 9 +++++++-- regress/keyscan.sh | 9 +++++++-- regress/localcommand.sh | 4 ++-- regress/proto-mismatch.sh | 6 ++++-- regress/proto-version.sh | 10 ++++++---- regress/proxy-connect.sh | 6 +++--- regress/reconfigure.sh | 6 +++--- regress/reexec.sh | 4 ++-- regress/stderr-data.sh | 4 ++-- regress/test-exec.sh | 29 +++++++++++++++++++++++++---- regress/transfer.sh | 4 ++-- regress/try-ciphers.sh | 8 ++++++-- regress/yes-head.sh | 4 ++-- 27 files changed, 139 insertions(+), 90 deletions(-) (limited to 'regress/reconfigure.sh') diff --git a/regress/agent-timeout.sh b/regress/agent-timeout.sh index 68826594e..9598c2032 100644 --- a/regress/agent-timeout.sh +++ b/regress/agent-timeout.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-timeout.sh,v 1.2 2013/05/17 01:16:09 dtucker Exp $ +# $OpenBSD: agent-timeout.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="agent timeout test" @@ -12,7 +12,7 @@ if [ $r -ne 0 ]; then fail "could not start ssh-agent: exit code $r" else trace "add keys with timeout" - for t in rsa rsa1; do + for t in ${SSH_KEYTYPES}; do ${SSHADD} -t ${SSHAGENT_TIMEOUT} $OBJ/$t > /dev/null 2>&1 if [ $? -ne 0 ]; then fail "ssh-add did succeed exit code 0" diff --git a/regress/agent.sh b/regress/agent.sh index caad3c88e..c5e2794b7 100644 --- a/regress/agent.sh +++ b/regress/agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent.sh,v 1.10 2014/02/27 21:21:25 djm Exp $ +# $OpenBSD: agent.sh,v 1.11 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="simple agent test" @@ -20,7 +20,7 @@ else fi trace "overwrite authorized keys" printf '' > $OBJ/authorized_keys_$USER - for t in ed25519 rsa rsa1; do + for t in ${SSH_KEYTYPES}; do # generate user key for agent rm -f $OBJ/$t-agent ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ @@ -46,7 +46,7 @@ else fi trace "simple connect via agent" - for p in 1 2; do + for p in ${SSH_PROTOCOLS}; do ${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p r=$? if [ $r -ne 5$p ]; then @@ -55,7 +55,7 @@ else done trace "agent forwarding" - for p in 1 2; do + for p in ${SSH_PROTOCOLS}; do ${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then diff --git a/regress/broken-pipe.sh b/regress/broken-pipe.sh index c08c849a7..a416f7a3b 100644 --- a/regress/broken-pipe.sh +++ b/regress/broken-pipe.sh @@ -1,9 +1,9 @@ -# $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: broken-pipe.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="broken pipe test" -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "protocol $p" for i in 1 2 3 4; do ${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index 80cf22930..056296398 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: cfgmatch.sh,v 1.9 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -56,7 +56,7 @@ start_sshd #set -x # Test Match + PermitOpen in sshd_config. This should be permitted -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "match permitopen localhost proto $p" start_client -F $OBJ/ssh_config ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \ @@ -65,7 +65,7 @@ for p in 1 2; do done # Same but from different source. This should not be permitted -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "match permitopen proxy proto $p" start_client -F $OBJ/ssh_proxy ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ @@ -74,11 +74,12 @@ for p in 1 2; do done # Retry previous with key option, should also be denied. -printf 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER -cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER -printf 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER -cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER -for p in 1 2; do +cp /dev/null $OBJ/authorized_keys_$USER +for t in ${SSH_KEYTYPES}; do + printf 'permitopen="127.0.0.1:'$PORT'" ' >> $OBJ/authorized_keys_$USER + cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER +done +for p in ${SSH_PROTOCOLS}; do trace "match permitopen proxy w/key opts proto $p" start_client -F $OBJ/ssh_proxy ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ @@ -88,7 +89,7 @@ done # Test both sshd_config and key options permitting the same dst/port pair. # Should be permitted. -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "match permitopen localhost proto $p" start_client -F $OBJ/ssh_config ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \ @@ -102,7 +103,7 @@ echo "Match User $USER" >>$OBJ/sshd_proxy echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy # Test that a Match overrides a PermitOpen in the global section -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "match permitopen proxy w/key opts proto $p" start_client -F $OBJ/ssh_proxy ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ @@ -117,7 +118,7 @@ echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy # Test that a rule that doesn't match doesn't override, plus test a # PermitOpen entry that's not at the start of the list -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "nomatch permitopen proxy w/key opts proto $p" start_client -F $OBJ/ssh_proxy ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \ diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh index a6d53a78d..ad2f9b90b 100644 --- a/regress/cipher-speed.sh +++ b/regress/cipher-speed.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cipher-speed.sh,v 1.11 2013/11/21 03:18:51 djm Exp $ +# $OpenBSD: cipher-speed.sh,v 1.12 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="cipher speed" @@ -31,7 +31,11 @@ for c in `${SSH} -Q cipher`; do n=0; for m in `${SSH} -Q mac`; do n=`expr $n + 1` done; done -ciphers="3des blowfish" +if ssh_version 1; then + ciphers="3des blowfish" +else + ciphers="" +fi for c in $ciphers; do trace "proto 1 cipher $c" for x in $tries; do diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh index 41cb7af69..9a51f5690 100644 --- a/regress/connect-privsep.sh +++ b/regress/connect-privsep.sh @@ -1,4 +1,4 @@ -# $OpenBSD: connect-privsep.sh,v 1.5 2014/05/04 10:40:59 logan Exp $ +# $OpenBSD: connect-privsep.sh,v 1.6 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="proxy connect with privsep" @@ -6,7 +6,7 @@ tid="proxy connect with privsep" cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true if [ $? -ne 0 ]; then fail "ssh privsep+proxyconnect protocol $p failed" @@ -16,7 +16,7 @@ done cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true if [ $? -ne 0 ]; then # XXX replace this with fail once sandbox has stabilised @@ -27,7 +27,7 @@ done # Because sandbox is sensitive to changes in libc, especially malloc, retest # with every malloc.conf option (and none). for m in '' A F G H J P R S X '<' '>'; do - for p in 1 2; do + for p in ${SSH_PROTOCOLS}; do env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true if [ $? -ne 0 ]; then fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed" diff --git a/regress/connect.sh b/regress/connect.sh index 2186fa6e7..f0d55d343 100644 --- a/regress/connect.sh +++ b/regress/connect.sh @@ -1,11 +1,11 @@ -# $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: connect.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="simple connect" start_sshd -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true if [ $? -ne 0 ]; then fail "ssh connect with protocol $p failed" diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh index 42fa8acdc..dd67c9639 100644 --- a/regress/dynamic-forward.sh +++ b/regress/dynamic-forward.sh @@ -1,4 +1,4 @@ -# $OpenBSD: dynamic-forward.sh,v 1.10 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: dynamic-forward.sh,v 1.11 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="dynamic forwarding" @@ -17,7 +17,7 @@ trace "will use ProxyCommand $proxycmd" start_sshd -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do n=0 error="1" trace "start dynamic forwarding, fork to background" diff --git a/regress/exit-status.sh b/regress/exit-status.sh index 56b78a622..397d8d732 100644 --- a/regress/exit-status.sh +++ b/regress/exit-status.sh @@ -1,9 +1,9 @@ -# $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: exit-status.sh,v 1.7 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="remote exit status" -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do for s in 0 1 4 5 44; do trace "proto $p status $s" verbose "test $tid: proto $p status $s" diff --git a/regress/forcecommand.sh b/regress/forcecommand.sh index 44d2b7ffd..8a9b090ea 100644 --- a/regress/forcecommand.sh +++ b/regress/forcecommand.sh @@ -1,30 +1,32 @@ -# $OpenBSD: forcecommand.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: forcecommand.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="forced command" cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak -printf 'command="true" ' >$OBJ/authorized_keys_$USER -cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER -printf 'command="true" ' >>$OBJ/authorized_keys_$USER -cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER +cp /dev/null $OBJ/authorized_keys_$USER +for t in ${SSH_KEYTYPES}; do + printf 'command="true" ' >>$OBJ/authorized_keys_$USER + cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER +done -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "forced command in key option proto $p" ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || fail "forced command in key proto $p" done -printf 'command="false" ' >$OBJ/authorized_keys_$USER -cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER -printf 'command="false" ' >>$OBJ/authorized_keys_$USER -cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER +cp /dev/null $OBJ/authorized_keys_$USER +for t in ${SSH_KEYTYPES}; do + printf 'command="false" ' >> $OBJ/authorized_keys_$USER + cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER +done cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy echo "ForceCommand true" >> $OBJ/sshd_proxy -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "forced command in sshd_config overrides key option proto $p" ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || fail "forced command in key proto $p" @@ -35,7 +37,7 @@ echo "ForceCommand false" >> $OBJ/sshd_proxy echo "Match User $USER" >> $OBJ/sshd_proxy echo " ForceCommand true" >> $OBJ/sshd_proxy -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "forced command with match proto $p" ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || fail "forced command in key proto $p" diff --git a/regress/forward-control.sh b/regress/forward-control.sh index 7f7d105e8..91957098f 100644 --- a/regress/forward-control.sh +++ b/regress/forward-control.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forward-control.sh,v 1.2 2013/11/18 05:09:32 naddy Exp $ +# $OpenBSD: forward-control.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="sshd control of local and remote forwarding" @@ -99,7 +99,7 @@ cp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy.bak cp ${OBJ}/authorized_keys_${USER} ${OBJ}/authorized_keys_${USER}.bak # Sanity check: ensure the default config allows forwarding -for p in 1 2 ; do +for p in ${SSH_PROTOCOLS} ; do check_lfwd $p Y "proto $p, default configuration" check_rfwd $p Y "proto $p, default configuration" done @@ -115,7 +115,7 @@ all_tests() { _permit_rfwd=$7 _badfwd=127.0.0.1:22 _goodfwd=127.0.0.1:${PORT} - for _proto in 1 2 ; do + for _proto in ${SSH_PROTOCOLS} ; do cp ${OBJ}/authorized_keys_${USER}.bak \ ${OBJ}/authorized_keys_${USER} _prefix="proto $_proto, AllowTcpForwarding=$_tcpfwd" diff --git a/regress/forwarding.sh b/regress/forwarding.sh index 0eee3176a..fb4f35aff 100644 --- a/regress/forwarding.sh +++ b/regress/forwarding.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forwarding.sh,v 1.14 2015/02/23 20:32:15 djm Exp $ +# $OpenBSD: forwarding.sh,v 1.15 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="local and remote forwarding" @@ -23,8 +23,11 @@ for j in 0 1 2; do last=$a done done -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do q=`expr 3 - $p` + if ! ssh_version $q; then + q=$p + fi trace "start forwarding, fork to background" ${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10 @@ -37,7 +40,7 @@ for p in 1 2; do sleep 10 done -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do for d in L R; do trace "exit on -$d forward failure, proto $p" @@ -67,7 +70,7 @@ for d in L R; do done done -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "simple clear forwarding proto $p" ${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true @@ -110,7 +113,7 @@ done echo "LocalForward ${base}01 127.0.0.1:$PORT" >> $OBJ/ssh_config echo "RemoteForward ${base}02 127.0.0.1:${base}01" >> $OBJ/ssh_config -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do trace "config file: start forwarding, fork to background" ${SSH} -S $CTL -M -$p -F $OBJ/ssh_config -f somehost sleep 10 diff --git a/regress/host-expand.sh b/regress/host-expand.sh index 6cc0e6055..2a95bfe1b 100644 --- a/regress/host-expand.sh +++ b/regress/host-expand.sh @@ -1,4 +1,4 @@ -# $OpenBSD: host-expand.sh,v 1.3 2014/02/27 23:17:41 djm Exp $ +# $OpenBSD: host-expand.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="expand %h and %n" @@ -11,7 +11,7 @@ somehost 127.0.0.1 EOE -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "test $tid: proto $p" ${SSH} -F $OBJ/ssh_proxy -$p somehost true >$OBJ/actual diff $OBJ/expect $OBJ/actual || fail "$tid proto $p" diff --git a/regress/key-options.sh b/regress/key-options.sh index f98d78b30..7a68ad358 100644 --- a/regress/key-options.sh +++ b/regress/key-options.sh @@ -1,4 +1,4 @@ -# $OpenBSD: key-options.sh,v 1.2 2008/06/30 08:07:34 djm Exp $ +# $OpenBSD: key-options.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="key options" @@ -8,7 +8,7 @@ authkeys="$OBJ/authorized_keys_${USER}" cp $authkeys $origkeys # Test command= forced command -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do for c in 'command="echo bar"' 'no-pty,command="echo bar"'; do sed "s/.*/$c &/" $origkeys >$authkeys verbose "key option proto $p $c" @@ -24,7 +24,7 @@ done # Test no-pty sed 's/.*/no-pty &/' $origkeys >$authkeys -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "key option proto $p no-pty" r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost tty` if [ -f "$r" ]; then @@ -35,7 +35,7 @@ done # Test environment= echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "key option proto $p environment" r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo $FOO'` if [ "$r" != "bar" ]; then @@ -45,7 +45,7 @@ done # Test from= restriction start_sshd -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do for f in 127.0.0.1 '127.0.0.0\/8'; do cat $origkeys >$authkeys ${SSH} -$p -q -F $OBJ/ssh_proxy somehost true diff --git a/regress/keygen-change.sh b/regress/keygen-change.sh index 04a0d54fc..e56185050 100644 --- a/regress/keygen-change.sh +++ b/regress/keygen-change.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keygen-change.sh,v 1.4 2015/01/13 08:23:26 djm Exp $ +# $OpenBSD: keygen-change.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="change passphrase for key" @@ -6,7 +6,12 @@ tid="change passphrase for key" S1="secret1" S2="2secret" -for t in `${SSH} -Q key-plain` ; do +KEYTYPES=`${SSH} -Q key-plain` +if ssh_version 1; then + KEYTYPES="${KEYTYPES} rsa1" +fi + +for t in $KEYTYPES; do # generate user key for agent trace "generating $t key" rm -f $OBJ/$t-key diff --git a/regress/keyscan.sh b/regress/keyscan.sh index 33f14f0fc..886f3295a 100644 --- a/regress/keyscan.sh +++ b/regress/keyscan.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: keyscan.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="keyscan" @@ -8,7 +8,12 @@ rm -f ${OBJ}/host.dsa start_sshd -for t in rsa1 rsa dsa; do +KEYTYPES="rsa dsa" +if ssh_version 1; then + KEYTYPES="${KEYTYPES} rsa1" +fi + +for t in $KEYTYPES; do trace "keyscan type $t" ${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \ > /dev/null 2>&1 diff --git a/regress/localcommand.sh b/regress/localcommand.sh index 8a9b56971..220f19a4d 100644 --- a/regress/localcommand.sh +++ b/regress/localcommand.sh @@ -1,4 +1,4 @@ -# $OpenBSD: localcommand.sh,v 1.2 2013/05/17 10:24:48 dtucker Exp $ +# $OpenBSD: localcommand.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="localcommand" @@ -6,7 +6,7 @@ tid="localcommand" echo 'PermitLocalCommand yes' >> $OBJ/ssh_proxy echo 'LocalCommand echo foo' >> $OBJ/ssh_proxy -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "test $tid: proto $p localcommand" a=`${SSH} -F $OBJ/ssh_proxy -$p somehost true` if [ "$a" != "foo" ] ; then diff --git a/regress/proto-mismatch.sh b/regress/proto-mismatch.sh index fb521f214..9e8024beb 100644 --- a/regress/proto-mismatch.sh +++ b/regress/proto-mismatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: proto-mismatch.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="protocol version mismatch" @@ -16,4 +16,6 @@ mismatch () } mismatch 2 SSH-1.5-HALLO -mismatch 1 SSH-2.0-HALLO +if ssh_version 1; then + mismatch 1 SSH-2.0-HALLO +fi diff --git a/regress/proto-version.sh b/regress/proto-version.sh index b876dd7ec..cf4946115 100644 --- a/regress/proto-version.sh +++ b/regress/proto-version.sh @@ -1,4 +1,4 @@ -# $OpenBSD: proto-version.sh,v 1.4 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: proto-version.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="sshd version with different protocol combinations" @@ -28,7 +28,9 @@ check_version () fi } -check_version 2,1 199 -check_version 1,2 199 check_version 2 20 -check_version 1 15 +if ssh_version 1; then + check_version 2,1 199 + check_version 1,2 199 + check_version 1 15 +fi diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh index 023ba7367..f816962b5 100644 --- a/regress/proxy-connect.sh +++ b/regress/proxy-connect.sh @@ -1,4 +1,4 @@ -# $OpenBSD: proxy-connect.sh,v 1.7 2014/05/03 18:46:14 dtucker Exp $ +# $OpenBSD: proxy-connect.sh,v 1.8 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="proxy connect" @@ -9,7 +9,7 @@ for ps in no yes; do cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy - for p in 1 2; do + for p in ${SSH_PROTOCOLS}; do for c in no yes; do verbose "plain username protocol $p privsep=$ps comp=$c" opts="-$p -oCompression=$c -F $OBJ/ssh_proxy" @@ -24,7 +24,7 @@ for ps in no yes; do done done -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "username with style protocol $p" ${SSH} -$p -F $OBJ/ssh_proxy ${USER}:style@999.999.999.999 true || \ fail "ssh proxyconnect protocol $p failed" diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh index e6af9eab1..eecddd3c7 100644 --- a/regress/reconfigure.sh +++ b/regress/reconfigure.sh @@ -1,4 +1,4 @@ -# $OpenBSD: reconfigure.sh,v 1.4 2015/01/14 09:58:21 markus Exp $ +# $OpenBSD: reconfigure.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="simple connect after reconfigure" @@ -18,7 +18,7 @@ fi start_sshd trace "connect before restart" -for p in 1 2; do +for p in ${SSH_PROTOCOLS} ; do ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true if [ $? -ne 0 ]; then fail "ssh connect with protocol $p failed before reconfigure" @@ -39,7 +39,7 @@ done test -f $PIDFILE || fatal "sshd did not restart" trace "connect after restart" -for p in 1 2; do +for p in ${SSH_PROTOCOLS} ; do ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true if [ $? -ne 0 ]; then fail "ssh connect with protocol $p failed after reconfigure" diff --git a/regress/reexec.sh b/regress/reexec.sh index 433573f06..5c0a7b46f 100644 --- a/regress/reexec.sh +++ b/regress/reexec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: reexec.sh,v 1.7 2013/05/17 10:23:52 dtucker Exp $ +# $OpenBSD: reexec.sh,v 1.8 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="reexec tests" @@ -19,7 +19,7 @@ start_sshd_copy () copy_tests () { rm -f ${COPY} - for p in 1 2; do + for p in ${SSH_PROTOCOLS} ; do verbose "$tid: proto $p" ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ cat ${DATA} > ${COPY} diff --git a/regress/stderr-data.sh b/regress/stderr-data.sh index b0bd2355c..8c8149a73 100644 --- a/regress/stderr-data.sh +++ b/regress/stderr-data.sh @@ -1,10 +1,10 @@ -# $OpenBSD: stderr-data.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: stderr-data.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="stderr data transfer" for n in '' -n; do -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "test $tid: proto $p ($n)" ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \ exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \ diff --git a/regress/test-exec.sh b/regress/test-exec.sh index ff0768a04..12ba094a9 100644 --- a/regress/test-exec.sh +++ b/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.48 2014/07/06 07:42:03 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.51 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -130,6 +130,11 @@ if [ "x$TEST_SSH_CONCH" != "x" ]; then esac fi +SSH_PROTOCOLS=`$SSH -Q protocol-version` +if [ "x$TEST_SSH_PROTOCOLS" != "x" ]; then + SSH_PROTOCOLS="${TEST_SSH_PROTOCOLS}" +fi + # Path to sshd must be absolute for rexec case "$SSHD" in /*) ;; @@ -374,16 +379,27 @@ fatal () exit $RESULT } +ssh_version () +{ + echo ${SSH_PROTOCOLS} | grep -q "$1" +} + RESULT=0 PIDFILE=$OBJ/pidfile trap fatal 3 2 +if ssh_version 1; then + PROTO="2,1" +else + PROTO="2" +fi + # create server config cat << EOF > $OBJ/sshd_config StrictModes no Port $PORT - Protocol 2,1 + Protocol $PROTO AddressFamily inet ListenAddress 127.0.0.1 #ListenAddress ::1 @@ -409,7 +425,7 @@ echo 'StrictModes no' >> $OBJ/sshd_proxy # create client config cat << EOF > $OBJ/ssh_config Host * - Protocol 2,1 + Protocol $PROTO Hostname 127.0.0.1 HostKeyAlias localhost-with-alias Port $PORT @@ -434,8 +450,13 @@ fi rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER +if ssh_version 1; then + SSH_KEYTYPES="rsa rsa1" +else + SSH_KEYTYPES="rsa ed25519" +fi trace "generate keys" -for t in rsa rsa1; do +for t in ${SSH_KEYTYPES}; do # generate user key if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then rm -f $OBJ/$t diff --git a/regress/transfer.sh b/regress/transfer.sh index 1ae3ef5bf..36c14634a 100644 --- a/regress/transfer.sh +++ b/regress/transfer.sh @@ -1,9 +1,9 @@ -# $OpenBSD: transfer.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: transfer.sh,v 1.3 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="transfer data" -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do verbose "$tid: proto $p" rm -f ${COPY} ${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY} diff --git a/regress/try-ciphers.sh b/regress/try-ciphers.sh index 2881ce16c..4165c7b88 100644 --- a/regress/try-ciphers.sh +++ b/regress/try-ciphers.sh @@ -1,4 +1,4 @@ -# $OpenBSD: try-ciphers.sh,v 1.23 2014/04/21 22:15:37 djm Exp $ +# $OpenBSD: try-ciphers.sh,v 1.24 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="try ciphers" @@ -26,7 +26,11 @@ for c in `${SSH} -Q cipher`; do done done -ciphers="3des blowfish" +if ssh_version 1; then + ciphers="3des blowfish" +else + ciphers="" +fi for c in $ciphers; do trace "proto 1 cipher $c" verbose "test $tid: proto 1 cipher $c" diff --git a/regress/yes-head.sh b/regress/yes-head.sh index a8e6bc800..1fc754211 100644 --- a/regress/yes-head.sh +++ b/regress/yes-head.sh @@ -1,9 +1,9 @@ -# $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: yes-head.sh,v 1.5 2015/03/03 22:35:19 markus Exp $ # Placed in the Public Domain. tid="yes pipe head" -for p in 1 2; do +for p in ${SSH_PROTOCOLS}; do lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -2000"' | (sleep 3 ; wc -l)` if [ $? -ne 0 ]; then fail "yes|head test failed" -- cgit v1.2.3