From f3568fc62b73b50a0a3c8447e4a00f4892cab25e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 17 May 2013 09:35:26 +1000 Subject: - djm@cvs.openbsd.org 2013/04/18 02:46:12 [Makefile regress/sftp-chroot.sh] test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ --- regress/sftp-chroot.sh | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 regress/sftp-chroot.sh (limited to 'regress/sftp-chroot.sh') diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh new file mode 100644 index 000000000..8c07979b4 --- /dev/null +++ b/regress/sftp-chroot.sh @@ -0,0 +1,26 @@ +# $OpenBSD: sftp-chroot.sh,v 1.1 2013/04/18 02:46:12 djm Exp $ +# Placed in the Public Domain. + +tid="sftp in chroot" + +COPY=${OBJ}/copy +CHROOT=/var/run +FILENAME=testdata_${USER} +PRIVDATA=${CHROOT}/${FILENAME} + +if [ -z "$SUDO" ]; then + fatal "need SUDO to create file in /var/run, test won't work without" +fi + +$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ + fatal "create $PRIVDATA failed" + +start_sshd -oChrootDirectory=$CHROOT -oForceCommand="internal-sftp -d /" + +verbose "test $tid: get" +rm -f ${COPY} +${SFTP} -qS "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY || \ + fatal "Fetch ${FILENAME} failed" +cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" + +$SUDO rm $PRIVDATA -- cgit v1.2.3 From 59d928d3b47e8298f4a8b4b3fb37fb8c8ce1b098 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 17 May 2013 15:32:29 +1000 Subject: - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh regress/multiplex.sh] Move the setting of DATA and COPY into test-exec.sh --- ChangeLog | 10 ++++++++++ regress/cipher-speed.sh | 2 +- regress/conch-ciphers.sh | 5 +---- regress/dynamic-forward.sh | 4 +--- regress/forwarding.sh | 9 ++++----- regress/multiplex.sh | 4 +--- regress/putty-ciphers.sh | 5 +---- regress/putty-kex.sh | 5 +---- regress/putty-transfer.sh | 5 +---- regress/reexec.sh | 8 +++----- regress/rekey.sh | 8 ++------ regress/scp.sh | 4 +--- regress/sftp-badcmds.sh | 4 +--- regress/sftp-batch.sh | 4 +--- regress/sftp-chroot.sh | 4 +--- regress/sftp-cmds.sh | 4 +--- regress/sftp.sh | 5 +---- regress/ssh-com-client.sh | 6 +----- regress/ssh-com-sftp.sh | 4 +--- regress/stderr-after-eof.sh | 6 +----- regress/stderr-data.sh | 6 +----- regress/test-exec.sh | 15 ++++++++++----- regress/transfer.sh | 5 +---- 23 files changed, 47 insertions(+), 85 deletions(-) (limited to 'regress/sftp-chroot.sh') diff --git a/ChangeLog b/ChangeLog index a12bf335c..a0dd182f8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -58,6 +58,16 @@ - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 [regress/integrity.sh] don't print output from ssh before getting it (it's available in ssh.log) + - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 + [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh + regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh + regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh + regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh + regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh + regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh + regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh + regress/multiplex.sh] + Move the setting of DATA and COPY into test-exec.sh - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it in portable and it's long gone in openbsd. - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange diff --git a/regress/cipher-speed.sh b/regress/cipher-speed.sh index 07daebe62..489d9f5fa 100644 --- a/regress/cipher-speed.sh +++ b/regress/cipher-speed.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cipher-speed.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: cipher-speed.sh,v 1.9 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="cipher speed" diff --git a/regress/conch-ciphers.sh b/regress/conch-ciphers.sh index 5b65cd993..199d863a0 100644 --- a/regress/conch-ciphers.sh +++ b/regress/conch-ciphers.sh @@ -1,11 +1,8 @@ -# $OpenBSD: conch-ciphers.sh,v 1.2 2008/06/30 10:43:03 djm Exp $ +# $OpenBSD: conch-ciphers.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="conch ciphers" -DATA=/bin/ls -COPY=${OBJ}/copy - if test "x$REGRESS_INTEROP_CONCH" != "xyes" ; then echo "conch interop tests not enabled" exit 0 diff --git a/regress/dynamic-forward.sh b/regress/dynamic-forward.sh index d1ab8059b..42fa8acdc 100644 --- a/regress/dynamic-forward.sh +++ b/regress/dynamic-forward.sh @@ -1,12 +1,10 @@ -# $OpenBSD: dynamic-forward.sh,v 1.9 2011/06/03 00:29:52 dtucker Exp $ +# $OpenBSD: dynamic-forward.sh,v 1.10 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="dynamic forwarding" FWDPORT=`expr $PORT + 1` -DATA=/bin/ls${EXEEXT} - if have_prog nc && nc -h 2>&1 | grep "proxy address" >/dev/null; then proxycmd="nc -x 127.0.0.1:$FWDPORT -X" elif have_prog connect; then diff --git a/regress/forwarding.sh b/regress/forwarding.sh index 6a7003070..2ba140fee 100644 --- a/regress/forwarding.sh +++ b/regress/forwarding.sh @@ -1,8 +1,7 @@ -# $OpenBSD: forwarding.sh,v 1.9 2013/04/07 02:16:03 dtucker Exp $ +# $OpenBSD: forwarding.sh,v 1.10 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="local and remote forwarding" -DATA=/bin/ls${EXEEXT} start_sshd @@ -26,9 +25,9 @@ for p in 1 2; do trace "transfer over forwarded channels and check result" ${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \ - somehost cat $DATA > $OBJ/ls.copy - test -f $OBJ/ls.copy || fail "failed copy $DATA" - cmp $DATA $OBJ/ls.copy || fail "corrupted copy of $DATA" + somehost cat ${DATA} > ${COPY} + test -f ${COPY} || fail "failed copy of ${DATA}" + cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}" sleep 10 done diff --git a/regress/multiplex.sh b/regress/multiplex.sh index 8389b3840..3e697e691 100644 --- a/regress/multiplex.sh +++ b/regress/multiplex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: multiplex.sh,v 1.20 2013/04/22 07:28:53 dtucker Exp $ +# $OpenBSD: multiplex.sh,v 1.21 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. CTL=/tmp/openssh.regress.ctl-sock.$$ @@ -10,8 +10,6 @@ if config_defined DISABLE_FD_PASSING ; then exit 0 fi -DATA=/bin/ls${EXEEXT} -COPY=$OBJ/ls.copy P=3301 # test port wait_for_mux_master_ready() diff --git a/regress/putty-ciphers.sh b/regress/putty-ciphers.sh index 928ea60d2..724a98cc1 100644 --- a/regress/putty-ciphers.sh +++ b/regress/putty-ciphers.sh @@ -1,11 +1,8 @@ -# $OpenBSD: putty-ciphers.sh,v 1.3 2008/11/10 02:06:35 djm Exp $ +# $OpenBSD: putty-ciphers.sh,v 1.4 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="putty ciphers" -DATA=/bin/ls -COPY=${OBJ}/copy - if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then echo "putty interop tests not enabled" exit 0 diff --git a/regress/putty-kex.sh b/regress/putty-kex.sh index 293885a8a..1844d6599 100644 --- a/regress/putty-kex.sh +++ b/regress/putty-kex.sh @@ -1,11 +1,8 @@ -# $OpenBSD: putty-kex.sh,v 1.2 2008/06/30 10:31:11 djm Exp $ +# $OpenBSD: putty-kex.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="putty KEX" -DATA=/bin/ls -COPY=${OBJ}/copy - if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then echo "putty interop tests not enabled" exit 0 diff --git a/regress/putty-transfer.sh b/regress/putty-transfer.sh index 9e1e1550a..aec0e04ee 100644 --- a/regress/putty-transfer.sh +++ b/regress/putty-transfer.sh @@ -1,11 +1,8 @@ -# $OpenBSD: putty-transfer.sh,v 1.2 2008/06/30 10:31:11 djm Exp $ +# $OpenBSD: putty-transfer.sh,v 1.3 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="putty transfer data" -DATA=/bin/ls -COPY=${OBJ}/copy - if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then echo "putty interop tests not enabled" exit 0 diff --git a/regress/reexec.sh b/regress/reexec.sh index 9464eb699..5fff62a66 100644 --- a/regress/reexec.sh +++ b/regress/reexec.sh @@ -1,12 +1,10 @@ -# $OpenBSD: reexec.sh,v 1.5 2004/10/08 02:01:50 djm Exp $ +# $OpenBSD: reexec.sh,v 1.6 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="reexec tests" -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy -SSHD_ORIG=$SSHD${EXEEXT} -SSHD_COPY=$OBJ/sshd${EXEEXT} +SSHD_ORIG=$SSHD +SSHD_COPY=$OBJ/sshd # Start a sshd and then delete it start_sshd_copy () diff --git a/regress/rekey.sh b/regress/rekey.sh index cefdea534..8eb7efaf9 100644 --- a/regress/rekey.sh +++ b/regress/rekey.sh @@ -1,15 +1,11 @@ -# $OpenBSD: rekey.sh,v 1.7 2013/05/16 05:48:31 dtucker Exp $ +# $OpenBSD: rekey.sh,v 1.8 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="rekey" -DATA=${OBJ}/data -COPY=${OBJ}/copy LOG=${TEST_SSH_LOGFILE} -rm -f ${COPY} ${LOG} ${DATA} -touch ${DATA} -dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1 +rm -f ${LOG} for s in 16 1k 128k 256k; do verbose "client rekeylimit ${s}" diff --git a/regress/scp.sh b/regress/scp.sh index c5d412dd9..ba5ba887d 100644 --- a/regress/scp.sh +++ b/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.7 2006/01/31 10:36:33 djm Exp $ +# $OpenBSD: scp.sh,v 1.8 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="scp" @@ -12,8 +12,6 @@ else DIFFOPT="-r" fi -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy COPY2=${OBJ}/copy2 DIR=${COPY}.dd DIR2=${COPY}.dd2 diff --git a/regress/sftp-badcmds.sh b/regress/sftp-badcmds.sh index 08009f26b..3dbeb58ca 100644 --- a/regress/sftp-badcmds.sh +++ b/regress/sftp-badcmds.sh @@ -1,12 +1,10 @@ -# $OpenBSD: sftp-badcmds.sh,v 1.4 2009/08/13 01:11:55 djm Exp $ +# $OpenBSD: sftp-badcmds.sh,v 1.5 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="sftp invalid commands" -DATA=/bin/ls${EXEEXT} DATA2=/bin/sh${EXEEXT} NONEXIST=/NONEXIST.$$ -COPY=${OBJ}/copy GLOBFILES=`(cd /bin;echo l*)` rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd diff --git a/regress/sftp-batch.sh b/regress/sftp-batch.sh index a51ef0782..41011549b 100644 --- a/regress/sftp-batch.sh +++ b/regress/sftp-batch.sh @@ -1,10 +1,8 @@ -# $OpenBSD: sftp-batch.sh,v 1.4 2009/08/13 01:11:55 djm Exp $ +# $OpenBSD: sftp-batch.sh,v 1.5 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="sftp batchfile" -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy BATCH=${OBJ}/sftp.bb rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh index 8c07979b4..98a364ebf 100644 --- a/regress/sftp-chroot.sh +++ b/regress/sftp-chroot.sh @@ -1,9 +1,8 @@ -# $OpenBSD: sftp-chroot.sh,v 1.1 2013/04/18 02:46:12 djm Exp $ +# $OpenBSD: sftp-chroot.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="sftp in chroot" -COPY=${OBJ}/copy CHROOT=/var/run FILENAME=testdata_${USER} PRIVDATA=${CHROOT}/${FILENAME} @@ -18,7 +17,6 @@ $SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ start_sshd -oChrootDirectory=$CHROOT -oForceCommand="internal-sftp -d /" verbose "test $tid: get" -rm -f ${COPY} ${SFTP} -qS "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY || \ fatal "Fetch ${FILENAME} failed" cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" diff --git a/regress/sftp-cmds.sh b/regress/sftp-cmds.sh index 2e0300e16..ba5ef066d 100644 --- a/regress/sftp-cmds.sh +++ b/regress/sftp-cmds.sh @@ -1,4 +1,4 @@ -# $OpenBSD: sftp-cmds.sh,v 1.12 2012/06/01 00:52:52 djm Exp $ +# $OpenBSD: sftp-cmds.sh,v 1.13 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. # XXX - TODO: @@ -7,8 +7,6 @@ tid="sftp commands" -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy # test that these files are readable! for i in `(cd /bin;echo l*)` do diff --git a/regress/sftp.sh b/regress/sftp.sh index f84fa6f4e..5f823ee23 100644 --- a/regress/sftp.sh +++ b/regress/sftp.sh @@ -1,11 +1,8 @@ -# $OpenBSD: sftp.sh,v 1.3 2009/08/13 01:11:55 djm Exp $ +# $OpenBSD: sftp.sh,v 1.4 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="basic sftp put/get" -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy - SFTPCMDFILE=${OBJ}/batch cat >$SFTPCMDFILE <$SFTPCMDFILE <$TEST_SSHD_LOGFILE >$TEST_REGRESS_LOGFILE -# Some data for test copies -DATA=$OBJ/testdata -cat $SSHD${EXEEXT} $SSHD${EXEEXT} $SSHD${EXEEXT} $SSHD${EXEEXT} >$DATA - # Create wrapper ssh with logging. We can't just specify "SSH=ssh -E..." # because sftp and scp don't handle spaces in arguments. SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh @@ -168,6 +164,15 @@ echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP chmod a+rx $OBJ/ssh-log-wrapper.sh SSH="$SSHLOGWRAP" +# Some test data. We make a copy because some tests will overwrite it. +# The tests may assume that $DATA exists and is writable and $COPY does +# not exist. +DATA=$OBJ/data +cat $SSHD $SSHD $SSHD $SSHD >${DATA} +chmod u+w ${DATA} +COPY=$OBJ/copy +rm -f ${COPY} + # these should be used in tests export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP diff --git a/regress/transfer.sh b/regress/transfer.sh index 13ea367d5..1ae3ef5bf 100644 --- a/regress/transfer.sh +++ b/regress/transfer.sh @@ -1,11 +1,8 @@ -# $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $ +# $OpenBSD: transfer.sh,v 1.2 2013/05/17 04:29:14 dtucker Exp $ # Placed in the Public Domain. tid="transfer data" -DATA=/bin/ls${EXEEXT} -COPY=${OBJ}/copy - for p in 1 2; do verbose "$tid: proto $p" rm -f ${COPY} -- cgit v1.2.3 From 3f3064c82238c486706471d300217d73dd0f125e Mon Sep 17 00:00:00 2001 From: Tim Rice Date: Sun, 2 Jun 2013 15:13:09 -0700 Subject: - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker --- ChangeLog | 1 + regress/sftp-chroot.sh | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'regress/sftp-chroot.sh') diff --git a/ChangeLog b/ChangeLog index 80f0fb4ee..4345d9956 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,7 @@ configure find us a capable shell on those platforms with an old /bin/sh. - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. feedback and ok dtucker + - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker 20130601 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh index 98a364ebf..03b9bc6d7 100644 --- a/regress/sftp-chroot.sh +++ b/regress/sftp-chroot.sh @@ -8,7 +8,8 @@ FILENAME=testdata_${USER} PRIVDATA=${CHROOT}/${FILENAME} if [ -z "$SUDO" ]; then - fatal "need SUDO to create file in /var/run, test won't work without" + echo "skipped: need SUDO to create file in /var/run, test won't work without" + exit 0 fi $SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ -- cgit v1.2.3