- djm@cvs.openbsd.org 2013/04/18 02:46:12

[Makefile regress/sftp-chroot.sh] test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@
2013-05-17 09:35:26 +10:00 · 2013-05-17 09:35:26 +10:00 · f3568fc62b
parent dfea3bcdd7
commit f3568fc62b
3 changed files with 34 additions and 1 deletions
--- a/3
+++ b/3
@ -21,6 +21,9 @@
     save the output from any failing tests.  If a test fails the debug output
     from ssh and sshd for the failing tests (and only the failing tests) should
     be available in failed-ssh{,d}.log.
+   - djm@cvs.openbsd.org 2013/04/18 02:46:12
+     [Makefile regress/sftp-chroot.sh]
+     test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@

 20130516
 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be 
--- a/regress/Makefile
+++ b/regress/Makefile
@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile,v 1.64 2013/04/07 02:16:03 dtucker Exp $
+#	$OpenBSD: Makefile,v 1.65 2013/04/18 02:46:12 djm Exp $

 REGRESS_TARGETS=	t1 t2 t3 t4 t5 t6 t7 t8 t9 t-exec
 tests:		$(REGRESS_TARGETS)
@ -8,6 +8,7 @@ interop interop-tests: t-exec-interop

 clean:
 	for F in $(CLEANFILES); do rm -f $(OBJ)$$F; done
+	test -z "${SUDO}" || ${SUDO} rm -f ${SUDO_CLEAN}
 	rm -rf $(OBJ).putty

 distclean:	clean
@ -38,6 +39,7 @@ LTESTS= 	connect \
 		key-options \
 		scp \
 		sftp \
+		sftp-chroot \
 		sftp-cmds \
 		sftp-badcmds \
 		sftp-batch \
@ -86,6 +88,8 @@ CLEANFILES=	t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
 		ssh.log failed-ssh.log sshd.log failed-sshd.log \
 		regress.log failed-regress.log ssh-log-wrapper.sh

+SUDO_CLEAN+=	/var/run/testdata_${USER} /var/run/keycommand_${USER}
+
 # Enable all malloc(3) randomisations and checks
 TEST_ENV=      "MALLOC_OPTIONS=AFGJPRX"

--- a/regress/sftp-chroot.sh
+++ b/regress/sftp-chroot.sh
@ -0,0 +1,26 @@
+#	$OpenBSD: sftp-chroot.sh,v 1.1 2013/04/18 02:46:12 djm Exp $
+#	Placed in the Public Domain.
+
+tid="sftp in chroot"
+
+COPY=${OBJ}/copy
+CHROOT=/var/run
+FILENAME=testdata_${USER}
+PRIVDATA=${CHROOT}/${FILENAME}
+
+if [ -z "$SUDO" ]; then
+	fatal "need SUDO to create file in /var/run, test won't work without"
+fi
+
+$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \
+	fatal "create $PRIVDATA failed"
+
+start_sshd -oChrootDirectory=$CHROOT -oForceCommand="internal-sftp -d /"
+
+verbose "test $tid: get"
+rm -f ${COPY}
+${SFTP} -qS "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY || \
+	fatal "Fetch ${FILENAME} failed"
+cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ"
+
+$SUDO rm $PRIVDATA