- (djm) Sync regress with OpenBSD -current

Damien Miller 2003-01-22 17:53:16 +11:00
parent e9b7d720c8
commit 8b9cde7847
13 changed files with 316 additions and 16 deletions


@ -6,6 +6,7 @@
The default can still be overriden by using -t in ssh-add.
OK markus@
- (djm) Reorganise PAM & SIA password handling to eliminate some common code
- (djm) Sync regress with OpenBSD -current
20030120
- (djm) Fix compilation for NetBSD from dtucker@zip.com.au
@ -1049,4 +1050,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@
$Id: ChangeLog,v 1.2580 2003/01/22 04:42:26 djm Exp $
$Id: ChangeLog,v 1.2581 2003/01/22 06:53:16 djm Exp $


@ -1,8 +1,8 @@
# $OpenBSD: Makefile,v 1.13 2002/04/01 22:15:08 markus Exp $
# $OpenBSD: Makefile,v 1.20 2003/01/08 23:54:22 djm Exp $
REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7
CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub
CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2
LTESTS= connect \
proxy-connect \
@ -17,8 +17,14 @@ LTESTS= connect \
try-ciphers \
yes-head \
agent \
agent-getpeereid \
agent-timeout \
agent-ptrace \
keyscan \
keygen-change \
sftp \
sftp-cmds \
sftp-batch \
forwarding
USER!= id -un
@ -65,7 +71,7 @@ t7: t7.out
ssh-keygen -Bf t7.out > /dev/null
.for t in ${LTESTS}
REGRESSTARGETS+=t-${t}
REGRESS_TARGETS+=t-${t}
t-${t}:
sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
.endfor


@ -0,0 +1,34 @@
# $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $
# Placed in the Public Domain.
tid="disallow agent attach from other uid"
UNPRIV=nobody
ASOCK=${OBJ}/agent
SSH_AUTH_SOCK=/nonexistant
trace "start agent"
eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
chmod 644 ${SSH_AUTH_SOCK}
ssh-add -l > /dev/null 2>&1
r=$?
if [ $r -ne 1 ]; then
fail "ssh-add failed with $r != 1"
fi
< /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
r=$?
if [ $r -lt 2 ]; then
fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi
rm -f ${OBJ}/agent
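Review bot: Both `ssh-add -l` calls run whatever `ssh-add` is first on PATH, while agent-timeout.sh in this same commit uses `${SSHADD}`, so this test may exercise an installed binary rather than the one under test; `${SSHADD} -l` in both places would keep it consistent (assuming the harness provides that variable). The negative check accepts any status of 2 or more, which also covers 126 and 127, so a run where `${UNPRIV}` cannot execute the binary at all is counted as the agent refusing the peer. A comment on `chmod 644 ${SSH_AUTH_SOCK}` would help too: on platforms that require write permission to connect to a Unix socket, the connection is presumably refused by file mode before the agent's peer-uid check is reached, and the test would not show which of the two protections fired.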

28
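--- /dev/null
+++ b/regress/agent-ptrace.sh
@@ -0,0 +1,28 @@
+# $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $
+# Placed in the Public Domain.
+tid="disallow agent ptrace attach"
+trace "start agent"
+eval `${SSHAGENT} -s` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+fail "could not start ssh-agent: exit code $r"
+else
+# ls -l ${SSH_AUTH_SOCK}
+gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF
+quit
+EOF
+if [ $? -ne 0 ]; then
+fail "gdb failed: exit code $?"
+fi
+grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out
+r=$?
+rm -f ${OBJ}/gdb.out
+if [ $r -ne 0 ]; then
+fail "ptrace succeeded?: exit code $r"
+fi
+trace "kill agent"
+${SSHAGENT} -k > /dev/null
+fi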
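Review bot: In the gdb check, `fail "gdb failed: exit code $?"` expands `$?` after the `[ $? -ne 0 ]` test has already run, so the message reports the status of `[` (always 0 on that branch) instead of gdb's. Capturing it first, `r=$?`, then `if [ $r -ne 0 ]; then` and `fail "gdb failed: exit code $r"`, matches how the rest of the script handles statuses. The pass condition also depends on gdb being installed and printing the exact English text `ptrace: Operation not permitted.`; a header comment stating that dependency would make a failure on a host with a different debugger or locale easier to triage.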

36
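--- /dev/null
+++ b/regress/agent-timeout.sh
@@ -0,0 +1,36 @@
+# $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $
+# Placed in the Public Domain.
+tid="agent timeout test"
+TIMEOUT=5
+trace "start agent"
+eval `${SSHAGENT} -s` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+fail "could not start ssh-agent: exit code $r"
+else
+trace "add keys with timeout"
+for t in rsa rsa1; do
+${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+fail "ssh-add did succeed exit code 0"
+fi
+done
+n=`${SSHADD} -l 2> /dev/null | wc -l`
+trace "agent has $n keys"
+if [ $n -ne 2 ]; then
+fail "ssh-add -l did not return 2 keys: $n"
+fi
+trace "sleeping 2*${TIMEOUT} seconds"
+sleep ${TIMEOUT}
+sleep ${TIMEOUT}
+${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.'
+if [ $? -ne 0 ]; then
+fail "ssh-add -l still returns keys after timeout"
+fi
+trace "kill agent"
+${SSHAGENT} -k > /dev/null
+fi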
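Review bot: The message in the key-loading loop, `fail "ssh-add did succeed exit code 0"`, is printed when `ssh-add -t` returned non-zero, so it states the opposite of what happened and hides the real status. Capturing and reporting it, `r=$?` followed by `fail "ssh-add -t failed for $t: exit code $r"`, would make a broken key-lifetime path diagnosable from the log. The expiry check relies on the string `The agent has no identities.`, so an agent that has become unreachable during the sleep is also reported as "still returns keys"; a short comment or a separate status check on `${SSHADD} -l` would separate the two cases.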

23
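--- /dev/null
+++ b/regress/keygen-change.sh
@@ -0,0 +1,23 @@
+# $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $
+# Placed in the Public Domain.
+tid="change passphrase for key"
+S1="secret1"
+S2="2secret"
+for t in rsa dsa rsa1; do
+# generate user key for agent
+trace "generating $t key"
+rm -f $OBJ/$t-key
+${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key
+if [ $? -eq 0 ]; then
+${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null
+if [ $? -ne 0 ]; then
+fail "ssh-keygen -p failed for $t-key"
+fi
+else
+fail "ssh-keygen for $t-key failed"
+fi
+rm -f $OBJ/$t-key $OBJ/$t-key.pub
+done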
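Review bot: The test takes a zero exit status from `ssh-keygen -p` as proof that the passphrase changed; nothing afterwards loads the key with `${S2}` or confirms that `${S1}` is now rejected. A follow-up step inside the `if [ $? -eq 0 ]` branch that reads the key back with the new passphrase and expects failure with the old one would catch a rewrite that leaves the key under the old passphrase or unencrypted. A comment that `S1` and `S2` are throwaway fixtures, passed on the command line only because this is a regression test, would keep the pattern from being copied into real tooling.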


@ -1,4 +1,4 @@
# $OpenBSD: proxy-connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
# $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $
# Placed in the Public Domain.
tid="proxy connect"
@ -8,4 +8,11 @@ for p in 1 2; do
if [ $? -ne 0 ]; then
fail "ssh proxyconnect protocol $p failed"
fi
SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'`
if [ $? -ne 0 ]; then
fail "ssh proxyconnect protocol $p failed"
fi
if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
fail "bad SSH_CONNECTION"
fi
done
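Review bot: The second `fail "ssh proxyconnect protocol $p failed"` in the added lines repeats the message of the earlier check word for word, and `fail "bad SSH_CONNECTION"` prints neither the protocol nor the value received, so a failure log cannot show which step or which string was wrong. Suggested wording: `fail "ssh proxyconnect protocol $p: SSH_CONNECTION query failed"` and `fail "bad SSH_CONNECTION for protocol $p: $SSH_CONNECTION"`. A one-line comment that `999.999.999.999` is a deliberately invalid host, and that a proxied session is expected to report `UNKNOWN 65535 UNKNOWN 65535`, would document the intent of the check. The `for p in 1 2` loop begins outside the hunk.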

57
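--- /dev/null
+++ b/regress/sftp-batch.sh
@@ -0,0 +1,57 @@
+# $OpenBSD: sftp-batch.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
+# Placed in the Public Domain.
+tid="sftp batchfile"
+DATA=/bin/ls
+COPY=${OBJ}/copy
+BATCH=${OBJ}/sftp-batch
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+cat << EOF > ${BATCH}.pass.1
+get $DATA $COPY
+put ${COPY} ${COPY}.1
+rm ${COPY}
+-put ${COPY} ${COPY}.2
+EOF
+cat << EOF > ${BATCH}.pass.2
+# This is a comment
+# That was a blank line
+ls
+EOF
+cat << EOF > ${BATCH}.fail.1
+get $DATA $COPY
+put ${COPY} ${COPY}.3
+rm ${COPY}.*
+# The next command should fail
+put ${COPY}.3 ${COPY}.4
+EOF
+cat << EOF > ${BATCH}.fail.2
+# The next command should fail
+jajajajaja
+EOF
+verbose "$tid: good commands"
+${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "good commands failed"
+verbose "$tid: bad commands"
+${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
+&& fail "bad commands succeeded"
+verbose "$tid: comments and blanks"
+${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "comments & blanks failed"
+verbose "$tid: junk command"
+${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
+&& fail "junk command succeeded"
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*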
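Review bot: Both cleanup lines run `rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*` on unquoted paths derived from `${OBJ}` with no guard, so if the harness ever leaves `OBJ` empty the targets become `/copy`, `/sftp-batch.*` and so on. Deriving them as `COPY=${OBJ:?}/copy` and `BATCH=${OBJ:?}/sftp-batch` makes the script stop instead of deleting outside the object directory. The cleanup also never removes `${COPY}.3`, which `fail.1` creates with `put` and which survives if its `rm ${COPY}.*` step does not run; adding it to the final `rm -rf` keeps reruns clean.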

100
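--- /dev/null
+++ b/regress/sftp-cmds.sh
@@ -0,0 +1,100 @@
+# $OpenBSD: sftp-cmds.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
+# Placed in the Public Domain.
+# XXX - TODO:
+# - globbed operations
+# - chmod / chown / chgrp
+# - -p flag for get & put
+tid="sftp commands"
+DATA=/bin/ls
+COPY=${OBJ}/copy
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
+verbose "$tid: lls"
+echo "lls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "lls failed"
+# XXX always successful
+verbose "$tid: ls"
+echo "ls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "ls failed"
+# XXX always successful
+verbose "$tid: shell"
+echo "!echo hi there" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "shell failed"
+# XXX always successful
+verbose "$tid: pwd"
+echo "pwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "pwd failed"
+# XXX always successful
+verbose "$tid: lpwd"
+echo "lpwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "lpwd failed"
+# XXX always successful
+verbose "$tid: quit"
+echo "quit" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "quit failed"
+# XXX always successful
+verbose "$tid: help"
+echo "help" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "help failed"
+# XXX always successful
+rm -f ${COPY}
+verbose "$tid: get"
+echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "get failed"
+cmp $DATA ${COPY} || fail "corrupted copy after get"
+rm -f ${COPY}
+verbose "$tid: put"
+echo "put $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "put failed"
+cmp $DATA ${COPY} || fail "corrupted copy after put"
+verbose "$tid: rename"
+echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "rename failed"
+test -f ${COPY}.1 || fail "missing file after rename"
+cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename"
+verbose "$tid: ln"
+echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
+test -L ${COPY}.2 || fail "missing file after ln"
+verbose "$tid: mkdir"
+echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "mkdir failed"
+test -d ${COPY}.dd || fail "missing directory after mkdir"
+# XXX do more here
+verbose "$tid: chdir"
+echo "chdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "chdir failed"
+verbose "$tid: rmdir"
+echo "rmdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "rmdir failed"
+test -d ${COPY}.1 && fail "present directory after rmdir"
+verbose "$tid: lmkdir"
+echo "lmkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "lmkdir failed"
+test -d ${COPY}.dd || fail "missing directory after lmkdir"
+# XXX do more here
+verbose "$tid: lchdir"
+echo "lchdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
+|| fail "lchdir failed"
+rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*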
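Review bot: `BATCH` is never assigned in this script, so unless the harness happens to set it, `${BATCH}.*` in the first and last `rm -rf` lines expands to `.*` and the cleanup targets dot-entries in the current directory instead of batch files. Dropping `${BATCH}.*` from both lines, or defining `BATCH=${OBJ}/sftp-batch` as sftp-batch.sh does, removes the stray glob. Separately, the rmdir check tests `${COPY}.1`, which is the renamed regular file and not the directory just removed, so it can never fire; `test -d ${COPY}.dd && fail "present directory after rmdir"` is what the message implies.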


@ -1,4 +1,4 @@
# $OpenBSD: ssh-com-client.sh,v 1.3 2002/04/10 08:45:30 markus Exp $
# $OpenBSD: ssh-com-client.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="connect with ssh.com client"
@ -15,7 +15,9 @@ VERSIONS="
2.3.1
2.4.0
3.0.0
3.1.0"
3.1.0
3.2.0
3.3.0"
# 2.0.10 2.0.12 2.0.13 don't like the test setup


@ -1,4 +1,4 @@
# $OpenBSD: ssh-com-keygen.sh,v 1.1 2002/03/27 22:40:27 markus Exp $
# $OpenBSD: ssh-com-keygen.sh,v 1.2 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="ssh.com key import"
@ -18,7 +18,9 @@ VERSIONS="
2.3.1
2.4.0
3.0.0
3.1.0"
3.1.0
3.2.0
3.3.0"
COMPRV=${OBJ}/comkey
COMPUB=${COMPRV}.pub


@ -1,4 +1,4 @@
# $OpenBSD: ssh-com-sftp.sh,v 1.2 2002/04/10 08:45:30 markus Exp $
# $OpenBSD: ssh-com-sftp.sh,v 1.3 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="basic sftp put/get with ssh.com server"
@ -24,7 +24,9 @@ VERSIONS="
2.3.1
2.4.0
3.0.0
3.1.0"
3.1.0
3.2.0
3.3.0"
# go for it
for v in ${VERSIONS}; do


@ -1,4 +1,4 @@
# $OpenBSD: ssh-com.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
# $OpenBSD: ssh-com.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
# Placed in the Public Domain.
tid="connect to ssh.com server"
@ -14,17 +14,19 @@ VERSIONS="
2.1.0
2.2.0
2.3.0
2.3.1
2.4.0
3.0.0
3.1.0"
3.1.0
3.2.0
3.3.0"
# 2.0.10 does not support UserConfigDirectory
# 2.3.1 requires a config in $HOME/.ssh2
SRC=`dirname ${SCRIPT}`
# ssh.com
cat << EOF > $OBJ/sshd2_config
*:
#*:
# Port and ListenAdress are not used.
QuietMode yes
Port 4343