diff options
Diffstat (limited to 'crypto/openssh/regress')
-rw-r--r-- | crypto/openssh/regress/README.regress | 6 | ||||
-rw-r--r-- | crypto/openssh/regress/agent-getpeereid.sh | 4 | ||||
-rw-r--r-- | crypto/openssh/regress/forwarding.sh | 33 | ||||
-rw-r--r-- | crypto/openssh/regress/multiplex.sh | 2 | ||||
-rw-r--r-- | crypto/openssh/regress/reconfigure.sh | 5 | ||||
-rw-r--r-- | crypto/openssh/regress/scp-ssh-wrapper.sh | 11 | ||||
-rw-r--r-- | crypto/openssh/regress/scp.sh | 36 | ||||
-rw-r--r-- | crypto/openssh/regress/test-exec.sh | 7 | ||||
-rw-r--r-- | crypto/openssh/regress/try-ciphers.sh | 5 | ||||
-rw-r--r-- | crypto/openssh/regress/yes-head.sh | 2 |
10 files changed, 93 insertions, 18 deletions
diff --git a/crypto/openssh/regress/README.regress b/crypto/openssh/regress/README.regress index 0c07c9c..5aaf734 100644 --- a/crypto/openssh/regress/README.regress +++ b/crypto/openssh/regress/README.regress @@ -97,8 +97,12 @@ Known Issues. unless ssh-rand-helper is in pre-installed (the path to ssh-rand-helper is hard coded). +- Similarly, if you do not have "scp" in your system's $PATH then the + multiplex scp tests will fail (since the system's shell startup scripts + will determine where the shell started by sshd will look for scp). + - Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head test to fail. The old behaviour can be restored by setting (and exporting) _POSIX2_VERSION=199209 before running the tests. -$Id: README.regress,v 1.9 2004/08/17 12:31:33 dtucker Exp $ +$Id: README.regress,v 1.10 2005/10/03 10:14:18 dtucker Exp $ diff --git a/crypto/openssh/regress/agent-getpeereid.sh b/crypto/openssh/regress/agent-getpeereid.sh index 46d20dc..6186a8d 100644 --- a/crypto/openssh/regress/agent-getpeereid.sh +++ b/crypto/openssh/regress/agent-getpeereid.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $ +# $OpenBSD: agent-getpeereid.sh,v 1.2 2005/11/14 21:25:56 grunk Exp $ # Placed in the Public Domain. tid="disallow agent attach from other uid" @@ -27,7 +27,7 @@ else fail "ssh-add failed with $r != 1" fi - < /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1 + < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1 r=$? if [ $r -lt 2 ]; then fail "ssh-add did not fail for ${UNPRIV}: $r < 2" diff --git a/crypto/openssh/regress/forwarding.sh b/crypto/openssh/regress/forwarding.sh index dfe065d..3b17114 100644 --- a/crypto/openssh/regress/forwarding.sh +++ b/crypto/openssh/regress/forwarding.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forwarding.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: forwarding.sh,v 1.5 2005/03/10 10:20:39 dtucker Exp $ # Placed in the Public Domain. tid="local and remote forwarding" @@ -32,3 +32,34 @@ for p in 1 2; do sleep 10 done + +for p in 1 2; do + trace "simple clear forwarding proto $p" + ${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true + + trace "clear local forward proto $p" + ${SSH} -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \ + -oClearAllForwardings=yes somehost sleep 10 + if [ $? != 0 ]; then + fail "connection failed with cleared local forwarding" + else + # this one should fail + ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \ + 2>${TEST_SSH_LOGFILE} && \ + fail "local forwarding not cleared" + fi + sleep 10 + + trace "clear remote forward proto $p" + ${SSH} -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \ + -oClearAllForwardings=yes somehost sleep 10 + if [ $? != 0 ]; then + fail "connection failed with cleared remote forwarding" + else + # this one should fail + ${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \ + 2>${TEST_SSH_LOGFILE} && \ + fail "remote forwarding not cleared" + fi + sleep 10 +done diff --git a/crypto/openssh/regress/multiplex.sh b/crypto/openssh/regress/multiplex.sh index a172e57..4fba7b5 100644 --- a/crypto/openssh/regress/multiplex.sh +++ b/crypto/openssh/regress/multiplex.sh @@ -1,4 +1,4 @@ -# $OpenBSD: multiplex.sh,v 1.10 2005/02/27 11:33:30 dtucker Exp $ +# $OpenBSD: multiplex.sh,v 1.11 2005/04/25 09:54:09 dtucker Exp $ # Placed in the Public Domain. CTL=/tmp/openssh.regress.ctl-sock.$$ diff --git a/crypto/openssh/regress/reconfigure.sh b/crypto/openssh/regress/reconfigure.sh index ba6dbc6..1daf29f 100644 --- a/crypto/openssh/regress/reconfigure.sh +++ b/crypto/openssh/regress/reconfigure.sh @@ -15,8 +15,9 @@ esac start_sshd -$SUDO kill -HUP `cat $PIDFILE` -sleep 1 +PID=`cat $PIDFILE` +rm -f $PIDFILE +$SUDO kill -HUP $PID trace "wait for sshd to restart" i=0; diff --git a/crypto/openssh/regress/scp-ssh-wrapper.sh b/crypto/openssh/regress/scp-ssh-wrapper.sh index 8e43147..d1005a9 100644 --- a/crypto/openssh/regress/scp-ssh-wrapper.sh +++ b/crypto/openssh/regress/scp-ssh-wrapper.sh @@ -1,5 +1,5 @@ #!/bin/sh -# $OpenBSD: scp-ssh-wrapper.sh,v 1.1 2004/06/13 13:51:02 dtucker Exp $ +# $OpenBSD: scp-ssh-wrapper.sh,v 1.2 2005/12/14 04:36:39 dtucker Exp $ # Placed in the Public Domain. printname () { @@ -16,8 +16,11 @@ printname () { done } -# discard first 5 args -shift; shift; shift; shift; shift +# Discard all but last argument. We use arg later. +while test "$1" != ""; do + arg="$1" + shift +done BAD="../../../../../../../../../../../../../${DIR}/dotpathdir" @@ -49,6 +52,6 @@ badserver_4) echo "X" ;; *) - exec $1 + exec $arg ;; esac diff --git a/crypto/openssh/regress/scp.sh b/crypto/openssh/regress/scp.sh index c3034b6..c5d412d 100644 --- a/crypto/openssh/regress/scp.sh +++ b/crypto/openssh/regress/scp.sh @@ -1,4 +1,4 @@ -# $OpenBSD: scp.sh,v 1.3 2004/07/08 12:59:35 dtucker Exp $ +# $OpenBSD: scp.sh,v 1.7 2006/01/31 10:36:33 djm Exp $ # Placed in the Public Domain. tid="scp" @@ -28,6 +28,11 @@ scpclean() { mkdir ${DIR} ${DIR2} } +verbose "$tid: simple copy local file to local file" +scpclean +$SCP $scpopts ${DATA} ${COPY} || fail "copy failed" +cmp ${DATA} ${COPY} || fail "corrupted copy" + verbose "$tid: simple copy local file to remote file" scpclean $SCP $scpopts ${DATA} somehost:${COPY} || fail "copy failed" @@ -44,6 +49,12 @@ cp ${DATA} ${COPY} $SCP $scpopts ${COPY} somehost:${DIR} || fail "copy failed" cmp ${COPY} ${DIR}/copy || fail "corrupted copy" +verbose "$tid: simple copy local file to local dir" +scpclean +cp ${DATA} ${COPY} +$SCP $scpopts ${COPY} ${DIR} || fail "copy failed" +cmp ${COPY} ${DIR}/copy || fail "corrupted copy" + verbose "$tid: simple copy remote file to local dir" scpclean cp ${DATA} ${COPY} @@ -57,6 +68,13 @@ cp ${DATA} ${DIR}/copy $SCP $scpopts -r ${DIR} somehost:${DIR2} || fail "copy failed" diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" +verbose "$tid: recursive local dir to local dir" +scpclean +rm -rf ${DIR2} +cp ${DATA} ${DIR}/copy +$SCP $scpopts -r ${DIR} ${DIR2} || fail "copy failed" +diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" + verbose "$tid: recursive remote dir to local dir" scpclean rm -rf ${DIR2} @@ -64,6 +82,13 @@ cp ${DATA} ${DIR}/copy $SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed" diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" +verbose "$tid: shell metacharacters" +scpclean +(cd ${DIR} && \ +touch '`touch metachartest`' && \ +$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \ +[ ! -f metachartest ] ) || fail "shell metacharacters" + if [ ! -z "$SUDO" ]; then verbose "$tid: skipped file after scp -p with failed chown+utimes" scpclean @@ -73,7 +98,7 @@ if [ ! -z "$SUDO" ]; then chmod 660 ${DIR2}/copy $SUDO chown root ${DIR2}/copy $SCP -p $scpopts somehost:${DIR}/\* ${DIR2} >/dev/null 2>&1 - diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" + $SUDO diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy" $SUDO rm ${DIR2}/copy fi @@ -91,5 +116,12 @@ for i in 0 1 2 3 4; do [ -d ${DIR}/dotpathdir ] && fail "allows dir creation outside of subdir" done +verbose "$tid: detect non-directory target" +scpclean +echo a > ${COPY} +echo b > ${COPY2} +$SCP $scpopts ${DATA} ${COPY} ${COPY2} +cmp ${COPY} ${COPY2} >/dev/null && fail "corrupt target" + scpclean rm -f ${OBJ}/scp-ssh-wrapper.scp diff --git a/crypto/openssh/regress/test-exec.sh b/crypto/openssh/regress/test-exec.sh index 4b3a70e..59ae33c 100644 --- a/crypto/openssh/regress/test-exec.sh +++ b/crypto/openssh/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.27 2005/02/27 11:33:30 dtucker Exp $ +# $OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -24,6 +24,8 @@ if [ -x /usr/ucb/whoami ]; then USER=`/usr/ucb/whoami` elif whoami >/dev/null 2>&1; then USER=`whoami` +elif logname >/dev/null 2>&1; then + USER=`logname` else USER=`id -un` fi @@ -194,6 +196,7 @@ trap fatal 3 2 cat << EOF > $OBJ/sshd_config StrictModes no Port $PORT + AddressFamily inet ListenAddress 127.0.0.1 #ListenAddress ::1 PidFile $PIDFILE @@ -244,7 +247,7 @@ trace "generate keys" for t in rsa rsa1; do # generate user key rm -f $OBJ/$t - ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ + ${SSHKEYGEN} -b 1024 -q -N '' -t $t -f $OBJ/$t ||\ fail "ssh-keygen for $t failed" # known hosts file for client diff --git a/crypto/openssh/regress/try-ciphers.sh b/crypto/openssh/regress/try-ciphers.sh index c6e1b91..379fe35 100644 --- a/crypto/openssh/regress/try-ciphers.sh +++ b/crypto/openssh/regress/try-ciphers.sh @@ -1,9 +1,10 @@ -# $OpenBSD: try-ciphers.sh,v 1.9 2004/02/28 13:44:45 dtucker Exp $ +# $OpenBSD: try-ciphers.sh,v 1.10 2005/05/24 04:10:54 djm Exp $ # Placed in the Public Domain. tid="try ciphers" -ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour +ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc + arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr" macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96" diff --git a/crypto/openssh/regress/yes-head.sh b/crypto/openssh/regress/yes-head.sh index 17a4d0d..a8e6bc8 100644 --- a/crypto/openssh/regress/yes-head.sh +++ b/crypto/openssh/regress/yes-head.sh @@ -4,7 +4,7 @@ tid="yes pipe head" for p in 1 2; do - lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | head -2000"' | (sleep 3 ; wc -l)` + lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'sh -c "while true;do echo yes;done | _POSIX2_VERSION=199209 head -2000"' | (sleep 3 ; wc -l)` if [ $? -ne 0 ]; then fail "yes|head test failed" lines = 0; |