- (djm) Sync regress with OpenBSD -current
parent
e9b7d720c8
commit
8b9cde7847
|
@ -6,6 +6,7 @@
|
|||
The default can still be overriden by using -t in ssh-add.
|
||||
OK markus@
|
||||
- (djm) Reorganise PAM & SIA password handling to eliminate some common code
|
||||
- (djm) Sync regress with OpenBSD -current
|
||||
|
||||
20030120
|
||||
- (djm) Fix compilation for NetBSD from dtucker@zip.com.au
|
||||
|
@ -1049,4 +1050,4 @@
|
|||
save auth method before monitor_reset_key_state(); bugzilla bug #284;
|
||||
ok provos@
|
||||
|
||||
$Id: ChangeLog,v 1.2580 2003/01/22 04:42:26 djm Exp $
|
||||
$Id: ChangeLog,v 1.2581 2003/01/22 06:53:16 djm Exp $
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# $OpenBSD: Makefile,v 1.13 2002/04/01 22:15:08 markus Exp $
|
||||
# $OpenBSD: Makefile,v 1.20 2003/01/08 23:54:22 djm Exp $
|
||||
|
||||
REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7
|
||||
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7
|
||||
|
||||
CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub
|
||||
CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2
|
||||
|
||||
LTESTS= connect \
|
||||
proxy-connect \
|
||||
|
@ -17,8 +17,14 @@ LTESTS= connect \
|
|||
try-ciphers \
|
||||
yes-head \
|
||||
agent \
|
||||
agent-getpeereid \
|
||||
agent-timeout \
|
||||
agent-ptrace \
|
||||
keyscan \
|
||||
keygen-change \
|
||||
sftp \
|
||||
sftp-cmds \
|
||||
sftp-batch \
|
||||
forwarding
|
||||
|
||||
USER!= id -un
|
||||
|
@ -65,7 +71,7 @@ t7: t7.out
|
|||
ssh-keygen -Bf t7.out > /dev/null
|
||||
|
||||
.for t in ${LTESTS}
|
||||
REGRESSTARGETS+=t-${t}
|
||||
REGRESS_TARGETS+=t-${t}
|
||||
t-${t}:
|
||||
sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
|
||||
.endfor
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
# $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="disallow agent attach from other uid"
|
||||
|
||||
UNPRIV=nobody
|
||||
ASOCK=${OBJ}/agent
|
||||
SSH_AUTH_SOCK=/nonexistant
|
||||
|
||||
trace "start agent"
|
||||
eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null
|
||||
r=$?
|
||||
if [ $r -ne 0 ]; then
|
||||
fail "could not start ssh-agent: exit code $r"
|
||||
else
|
||||
chmod 644 ${SSH_AUTH_SOCK}
|
||||
|
||||
ssh-add -l > /dev/null 2>&1
|
||||
r=$?
|
||||
if [ $r -ne 1 ]; then
|
||||
fail "ssh-add failed with $r != 1"
|
||||
fi
|
||||
|
||||
< /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
|
||||
r=$?
|
||||
if [ $r -lt 2 ]; then
|
||||
fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
|
||||
fi
|
||||
|
||||
trace "kill agent"
|
||||
${SSHAGENT} -k > /dev/null
|
||||
fi
|
||||
|
||||
rm -f ${OBJ}/agent
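Review bot: The negative check `if [ $r -lt 2 ]` accepts every exit status of 2 or more as proof that the agent refused the other uid, so a missing `sudo` (shell status 127) or an `ssh-add` that `${UNPRIV}` cannot execute passes the test without the peer-uid check ever running. A preflight such as `< /dev/null sudo -S -u ${UNPRIV} true || fail "sudo to ${UNPRIV} not usable"` before the real call would separate those cases. Both `ssh-add -l` calls use the bare command name, whereas agent-timeout.sh in this same commit uses `${SSHADD}`, so this test may exercise an installed binary instead of the one under test; `${SSHADD} -l` would be consistent. Separately, on systems where connecting to a Unix-domain socket requires write permission on it, `chmod 644 ${SSH_AUTH_SOCK}` presumably leaves the filesystem rather than the agent rejecting `${UNPRIV}`; a comment stating on which platforms the test is meaningful would help.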
|
|
@ -0,0 +1,28 @@
|
|||
# $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="disallow agent ptrace attach"
|
||||
|
||||
trace "start agent"
|
||||
eval `${SSHAGENT} -s` > /dev/null
|
||||
r=$?
|
||||
if [ $r -ne 0 ]; then
|
||||
fail "could not start ssh-agent: exit code $r"
|
||||
else
|
||||
# ls -l ${SSH_AUTH_SOCK}
|
||||
gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF
|
||||
quit
|
||||
EOF
|
||||
if [ $? -ne 0 ]; then
|
||||
fail "gdb failed: exit code $?"
|
||||
fi
|
||||
grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out
|
||||
r=$?
|
||||
rm -f ${OBJ}/gdb.out
|
||||
if [ $r -ne 0 ]; then
|
||||
fail "ptrace succeeded?: exit code $r"
|
||||
fi
|
||||
|
||||
trace "kill agent"
|
||||
${SSHAGENT} -k > /dev/null
|
||||
fi
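Review bot: In the gdb check, `fail "gdb failed: exit code $?"` reports the status of the `[ $? -ne 0 ]` test that has just succeeded, so the message always says 0 and the real gdb status is lost. Capture it first, as the other checks in this file do: `r=$?` followed by `if [ $r -ne 0 ]; then` and `fail "gdb failed: exit code $r"`. The test also needs gdb installed and matches the exact text `ptrace: Operation not permitted.` in its output, so a host without gdb, or a gdb that words the error differently, fails for reasons unrelated to the agent's ptrace protection; a comment above the `gdb` line saying so would help whoever triages a failure.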
|
|
@ -0,0 +1,36 @@
|
|||
# $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="agent timeout test"
|
||||
|
||||
TIMEOUT=5
|
||||
|
||||
trace "start agent"
|
||||
eval `${SSHAGENT} -s` > /dev/null
|
||||
r=$?
|
||||
if [ $r -ne 0 ]; then
|
||||
fail "could not start ssh-agent: exit code $r"
|
||||
else
|
||||
trace "add keys with timeout"
|
||||
for t in rsa rsa1; do
|
||||
${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
fail "ssh-add did succeed exit code 0"
|
||||
fi
|
||||
done
|
||||
n=`${SSHADD} -l 2> /dev/null | wc -l`
|
||||
trace "agent has $n keys"
|
||||
if [ $n -ne 2 ]; then
|
||||
fail "ssh-add -l did not return 2 keys: $n"
|
||||
fi
|
||||
trace "sleeping 2*${TIMEOUT} seconds"
|
||||
sleep ${TIMEOUT}
|
||||
sleep ${TIMEOUT}
|
||||
${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.'
|
||||
if [ $? -ne 0 ]; then
|
||||
fail "ssh-add -l still returns keys after timeout"
|
||||
fi
|
||||
|
||||
trace "kill agent"
|
||||
${SSHAGENT} -k > /dev/null
|
||||
fi
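Review bot: The message in the key-adding loop is inverted: `fail "ssh-add did succeed exit code 0"` runs when `$?` is non-zero, that is, when `${SSHADD} -t ${TIMEOUT}` failed. Suggest `r=$?` straight after the call and `fail "ssh-add -t failed for $t: exit code $r"`. The expiry check has a similar ambiguity: the `grep -q 'The agent has no identities.'` pipeline also fails when `ssh-add -l` cannot reach the agent at all, yet the message claims keys are still present, so capturing the `ssh-add -l` output and including it in the `fail` text would make the lifetime-enforcement result unambiguous.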
|
|
@ -0,0 +1,23 @@
|
|||
# $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="change passphrase for key"
|
||||
|
||||
S1="secret1"
|
||||
S2="2secret"
|
||||
|
||||
for t in rsa dsa rsa1; do
|
||||
# generate user key for agent
|
||||
trace "generating $t key"
|
||||
rm -f $OBJ/$t-key
|
||||
${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key
|
||||
if [ $? -eq 0 ]; then
|
||||
${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null
|
||||
if [ $? -ne 0 ]; then
|
||||
fail "ssh-keygen -p failed for $t-key"
|
||||
fi
|
||||
else
|
||||
fail "ssh-keygen for $t-key failed"
|
||||
fi
|
||||
rm -f $OBJ/$t-key $OBJ/$t-key.pub
|
||||
done
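Review bot: The loop checks only the exit status of `${SSHKEYGEN} -p`; nothing afterwards re-reads `$OBJ/$t-key` to confirm that it now opens with `${S2}` and no longer with `${S1}`, so a regression that reports success while leaving the key encrypted under the old passphrase (or unencrypted) would pass. Ideally add a step that loads the key with each passphrase before the final `rm -f`; at minimum add a comment above the `-p` call such as `# only the exit status is checked; the key is not re-read with the new passphrase`. The passphrases go through `-N`/`-P` in argv, which is acceptable for these fixed test values but visible in the process list, so `# test-only passphrases, passed on the command line on purpose` would keep the pattern from being copied into real scripts.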
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: proxy-connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||
# $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="proxy connect"
|
||||
|
@ -8,4 +8,11 @@ for p in 1 2; do
|
|||
if [ $? -ne 0 ]; then
|
||||
fail "ssh proxyconnect protocol $p failed"
|
||||
fi
|
||||
SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'`
|
||||
if [ $? -ne 0 ]; then
|
||||
fail "ssh proxyconnect protocol $p failed"
|
||||
fi
|
||||
if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
|
||||
fail "bad SSH_CONNECTION"
|
||||
fi
|
||||
done
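Review bot: The added assignment reuses the name `SSH_CONNECTION`, which is the variable the remote command itself echoes and which is normally already exported in a shell reached over ssh; when the regress suite is run from such a session, this overwrites the exported value for the rest of the script and every child it starts. Assign the command output to a private name such as `conn` and compare `"$conn"` against `"UNKNOWN 65535 UNKNOWN 65535"` instead. The second `fail "ssh proxyconnect protocol $p failed"` is identical to the one above it and `fail "bad SSH_CONNECTION"` omits the value seen, so a failure cannot be traced to a step; `fail "bad SSH_CONNECTION for protocol $p: $conn"` would fix that. The enclosing `for p in 1 2` loop starts outside the hunk.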
|
||||
|
|
|
@ -0,0 +1,57 @@
|
|||
# $OpenBSD: sftp-batch.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="sftp batchfile"
|
||||
|
||||
DATA=/bin/ls
|
||||
COPY=${OBJ}/copy
|
||||
BATCH=${OBJ}/sftp-batch
|
||||
|
||||
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
|
||||
|
||||
cat << EOF > ${BATCH}.pass.1
|
||||
get $DATA $COPY
|
||||
put ${COPY} ${COPY}.1
|
||||
rm ${COPY}
|
||||
-put ${COPY} ${COPY}.2
|
||||
EOF
|
||||
|
||||
cat << EOF > ${BATCH}.pass.2
|
||||
# This is a comment
|
||||
|
||||
# That was a blank line
|
||||
ls
|
||||
EOF
|
||||
|
||||
cat << EOF > ${BATCH}.fail.1
|
||||
get $DATA $COPY
|
||||
put ${COPY} ${COPY}.3
|
||||
rm ${COPY}.*
|
||||
# The next command should fail
|
||||
put ${COPY}.3 ${COPY}.4
|
||||
EOF
|
||||
|
||||
cat << EOF > ${BATCH}.fail.2
|
||||
# The next command should fail
|
||||
jajajajaja
|
||||
EOF
|
||||
|
||||
verbose "$tid: good commands"
|
||||
${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "good commands failed"
|
||||
|
||||
verbose "$tid: bad commands"
|
||||
${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
&& fail "bad commands succeeded"
|
||||
|
||||
verbose "$tid: comments and blanks"
|
||||
${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "comments & blanks failed"
|
||||
|
||||
verbose "$tid: junk command"
|
||||
${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
&& fail "junk command succeeded"
|
||||
|
||||
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
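Review bot: The "good commands" step checks only sftp's exit status, so nothing confirms that the batch transferred the data intact. pass.1 should leave `${COPY}.1` identical to `$DATA`, and `cmp $DATA ${COPY}.1 || fail "corrupted copy after batch put"` placed right after that run (before fail.1's `rm ${COPY}.*` removes the file) would pin it. The `&& fail` checks likewise accept any non-zero exit, so fail.1 passes even when the initial `get` fails rather than the final `put` it is meant to exercise. Both `rm -rf ... ${BATCH}.*` lines rely on the harness having set `${OBJ}`; writing `COPY=${OBJ:?}/copy` and `BATCH=${OBJ:?}/sftp-batch` would abort on an unset value instead of expanding to paths under `/`.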
|
||||
|
||||
|
|
@ -0,0 +1,100 @@
|
|||
# $OpenBSD: sftp-cmds.sh,v 1.2 2003/01/10 07:52:41 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
# XXX - TODO:
|
||||
# - globbed operations
|
||||
# - chmod / chown / chgrp
|
||||
# - -p flag for get & put
|
||||
|
||||
tid="sftp commands"
|
||||
|
||||
DATA=/bin/ls
|
||||
COPY=${OBJ}/copy
|
||||
|
||||
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
|
||||
|
||||
verbose "$tid: lls"
|
||||
echo "lls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "lls failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: ls"
|
||||
echo "ls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "ls failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: shell"
|
||||
echo "!echo hi there" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "shell failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: pwd"
|
||||
echo "pwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "pwd failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: lpwd"
|
||||
echo "lpwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "lpwd failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: quit"
|
||||
echo "quit" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "quit failed"
|
||||
# XXX always successful
|
||||
|
||||
verbose "$tid: help"
|
||||
echo "help" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "help failed"
|
||||
# XXX always successful
|
||||
|
||||
rm -f ${COPY}
|
||||
verbose "$tid: get"
|
||||
echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "get failed"
|
||||
cmp $DATA ${COPY} || fail "corrupted copy after get"
|
||||
|
||||
rm -f ${COPY}
|
||||
verbose "$tid: put"
|
||||
echo "put $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "put failed"
|
||||
cmp $DATA ${COPY} || fail "corrupted copy after put"
|
||||
|
||||
verbose "$tid: rename"
|
||||
echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "rename failed"
|
||||
test -f ${COPY}.1 || fail "missing file after rename"
|
||||
cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename"
|
||||
|
||||
verbose "$tid: ln"
|
||||
echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
|
||||
test -L ${COPY}.2 || fail "missing file after ln"
|
||||
|
||||
verbose "$tid: mkdir"
|
||||
echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "mkdir failed"
|
||||
test -d ${COPY}.dd || fail "missing directory after mkdir"
|
||||
|
||||
# XXX do more here
|
||||
verbose "$tid: chdir"
|
||||
echo "chdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "chdir failed"
|
||||
|
||||
verbose "$tid: rmdir"
|
||||
echo "rmdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "rmdir failed"
|
||||
test -d ${COPY}.1 && fail "present directory after rmdir"
|
||||
|
||||
verbose "$tid: lmkdir"
|
||||
echo "lmkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "lmkdir failed"
|
||||
test -d ${COPY}.dd || fail "missing directory after lmkdir"
|
||||
|
||||
# XXX do more here
|
||||
verbose "$tid: lchdir"
|
||||
echo "lchdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
|
||||
|| fail "lchdir failed"
|
||||
|
||||
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*
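Review bot: `${BATCH}` is never assigned in this file, so unless the harness defines it, the last word of both `rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*` lines expands to the glob `.*` and the recursive delete is aimed at the dot-entries of the current directory. Drop `${BATCH}.*` from both lines here; it belongs to sftp-batch.sh. In the rmdir step, `test -d ${COPY}.1 && fail "present directory after rmdir"` checks the renamed regular file rather than the directory just removed; it should read `test -d ${COPY}.dd && fail "present directory after rmdir"`. As written, a failed rmdir is caught only by sftp's exit status, which the `# XXX always successful` comments earlier in the file suggest is not a reliable signal.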
|
||||
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: ssh-com-client.sh,v 1.3 2002/04/10 08:45:30 markus Exp $
|
||||
# $OpenBSD: ssh-com-client.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="connect with ssh.com client"
|
||||
|
@ -15,7 +15,9 @@ VERSIONS="
|
|||
2.3.1
|
||||
2.4.0
|
||||
3.0.0
|
||||
3.1.0"
|
||||
3.1.0
|
||||
3.2.0
|
||||
3.3.0"
|
||||
|
||||
# 2.0.10 2.0.12 2.0.13 don't like the test setup
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: ssh-com-keygen.sh,v 1.1 2002/03/27 22:40:27 markus Exp $
|
||||
# $OpenBSD: ssh-com-keygen.sh,v 1.2 2002/07/16 08:58:16 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="ssh.com key import"
|
||||
|
@ -18,7 +18,9 @@ VERSIONS="
|
|||
2.3.1
|
||||
2.4.0
|
||||
3.0.0
|
||||
3.1.0"
|
||||
3.1.0
|
||||
3.2.0
|
||||
3.3.0"
|
||||
|
||||
COMPRV=${OBJ}/comkey
|
||||
COMPUB=${COMPRV}.pub
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: ssh-com-sftp.sh,v 1.2 2002/04/10 08:45:30 markus Exp $
|
||||
# $OpenBSD: ssh-com-sftp.sh,v 1.3 2002/07/16 08:58:16 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="basic sftp put/get with ssh.com server"
|
||||
|
@ -24,7 +24,9 @@ VERSIONS="
|
|||
2.3.1
|
||||
2.4.0
|
||||
3.0.0
|
||||
3.1.0"
|
||||
3.1.0
|
||||
3.2.0
|
||||
3.3.0"
|
||||
|
||||
# go for it
|
||||
for v in ${VERSIONS}; do
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# $OpenBSD: ssh-com.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||
# $OpenBSD: ssh-com.sh,v 1.4 2002/07/16 08:58:16 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="connect to ssh.com server"
|
||||
|
@ -14,17 +14,19 @@ VERSIONS="
|
|||
2.1.0
|
||||
2.2.0
|
||||
2.3.0
|
||||
2.3.1
|
||||
2.4.0
|
||||
3.0.0
|
||||
3.1.0"
|
||||
3.1.0
|
||||
3.2.0
|
||||
3.3.0"
|
||||
# 2.0.10 does not support UserConfigDirectory
|
||||
# 2.3.1 requires a config in $HOME/.ssh2
|
||||
|
||||
SRC=`dirname ${SCRIPT}`
|
||||
|
||||
# ssh.com
|
||||
cat << EOF > $OBJ/sshd2_config
|
||||
*:
|
||||
#*:
|
||||
# Port and ListenAdress are not used.
|
||||
QuietMode yes
|
||||
Port 4343
|
||||
|
|