diff options
Diffstat (limited to 'crypto/openssh/regress')
-rw-r--r-- | crypto/openssh/regress/Makefile | 20 | ||||
-rw-r--r-- | crypto/openssh/regress/agent-ptrace.sh | 12 | ||||
-rw-r--r-- | crypto/openssh/regress/agent.sh | 34 | ||||
-rwxr-xr-x | crypto/openssh/regress/cert-hostkey.sh | 60 | ||||
-rwxr-xr-x | crypto/openssh/regress/cert-userkey.sh | 31 | ||||
-rw-r--r-- | crypto/openssh/regress/cipher-speed.sh | 23 | ||||
-rwxr-xr-x | crypto/openssh/regress/forward-control.sh | 2 | ||||
-rwxr-xr-x | crypto/openssh/regress/integrity.sh | 24 | ||||
-rwxr-xr-x | crypto/openssh/regress/kextype.sh | 14 | ||||
-rwxr-xr-x | crypto/openssh/regress/keytype.sh | 16 | ||||
-rwxr-xr-x | crypto/openssh/regress/krl.sh | 5 | ||||
-rwxr-xr-x | crypto/openssh/regress/modpipe.c | 6 | ||||
-rw-r--r-- | crypto/openssh/regress/rekey.sh | 63 | ||||
-rw-r--r-- | crypto/openssh/regress/scp-ssh-wrapper.sh | 6 | ||||
-rw-r--r-- | crypto/openssh/regress/scp.sh | 1 | ||||
-rw-r--r-- | crypto/openssh/regress/setuid-allowed.c | 56 | ||||
-rw-r--r-- | crypto/openssh/regress/sftp-perm.sh | 269 | ||||
-rw-r--r-- | crypto/openssh/regress/test-exec.sh | 21 | ||||
-rw-r--r-- | crypto/openssh/regress/try-ciphers.sh | 31 |
19 files changed, 526 insertions, 168 deletions
diff --git a/crypto/openssh/regress/Makefile b/crypto/openssh/regress/Makefile index ab2a6ae..0c66b17 100644 --- a/crypto/openssh/regress/Makefile +++ b/crypto/openssh/regress/Makefile @@ -1,6 +1,6 @@ -# $OpenBSD: Makefile,v 1.65 2013/04/18 02:46:12 djm Exp $ +# $OpenBSD: Makefile,v 1.67 2013/12/06 13:52:46 markus Exp $ -REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t-exec +REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t-exec tests: $(REGRESS_TARGETS) # Interop tests are not run by default @@ -44,6 +44,7 @@ LTESTS= connect \ sftp-badcmds \ sftp-batch \ sftp-glob \ + sftp-perm \ reconfigure \ dynamic-forward \ forwarding \ @@ -72,7 +73,7 @@ INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers USER!= id -un CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ - t8.out t8.out.pub t9.out t9.out.pub \ + t8.out t8.out.pub t9.out t9.out.pub t10.out t10.out.pub \ authorized_keys_${USER} known_hosts pidfile testdata \ ssh_config sshd_config.orig ssh_proxy sshd_config sshd_proxy \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ @@ -86,7 +87,10 @@ CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \ authorized_principals_${USER} expect actual ready \ sshd_proxy.* authorized_keys_${USER}.* modpipe revoked-* krl-* \ ssh.log failed-ssh.log sshd.log failed-sshd.log \ - regress.log failed-regress.log ssh-log-wrapper.sh + regress.log failed-regress.log ssh-log-wrapper.sh \ + sftp-server.sh sftp-server.log sftp.log setuid-allowed \ + data ed25519-agent ed25519-agent.pub key.ed25519-512 \ + key.ed25519-512.pub SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER} @@ -151,6 +155,14 @@ t9: $(OBJ)/t9.out test "${TEST_SSH_ECC}" != yes || \ ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t9.out > /dev/null + +$(OBJ)/t10.out: + ${TEST_SSH_SSHKEYGEN} -q -t ed25519 -N '' -f $@ + +t10: $(OBJ)/t10.out + ${TEST_SSH_SSHKEYGEN} -lf $(OBJ)/t10.out > /dev/null + ${TEST_SSH_SSHKEYGEN} -Bf $(OBJ)/t10.out > /dev/null + t-exec: ${LTESTS:=.sh} @if [ "x$?" = "x" ]; then exit 0; fi; \ for TEST in ""$?; do \ diff --git a/crypto/openssh/regress/agent-ptrace.sh b/crypto/openssh/regress/agent-ptrace.sh index 9f29464..ae15064 100644 --- a/crypto/openssh/regress/agent-ptrace.sh +++ b/crypto/openssh/regress/agent-ptrace.sh @@ -19,6 +19,13 @@ else exit 0 fi +if $OBJ/setuid-allowed ${SSHAGENT} ; then + : ok +else + echo "skipped (${SSHAGENT} is mounted on a no-setuid filesystem)" + exit 0 +fi + if test -z "$SUDO" ; then echo "skipped (SUDO not set)" exit 0 @@ -38,8 +45,9 @@ else gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF quit EOF - if [ $? -ne 0 ]; then - fail "gdb failed: exit code $?" + r=$? + if [ $r -ne 0 ]; then + fail "gdb failed: exit code $r" fi egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace.*Permission denied.|procfs:.*: Invalid argument.|Unable to access task ' >/dev/null ${OBJ}/gdb.out r=$? diff --git a/crypto/openssh/regress/agent.sh b/crypto/openssh/regress/agent.sh index be7d913..cf1a45f 100644 --- a/crypto/openssh/regress/agent.sh +++ b/crypto/openssh/regress/agent.sh @@ -1,4 +1,4 @@ -# $OpenBSD: agent.sh,v 1.8 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: agent.sh,v 1.9 2013/12/06 13:52:46 markus Exp $ # Placed in the Public Domain. tid="simple agent test" @@ -20,7 +20,7 @@ else fi trace "overwrite authorized keys" printf '' > $OBJ/authorized_keys_$USER - for t in rsa rsa1; do + for t in ed25519 rsa rsa1; do # generate user key for agent rm -f $OBJ/$t-agent ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ @@ -34,40 +34,46 @@ else fi done ${SSHADD} -l > /dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh-add -l failed: exit code $?" + r=$? + if [ $r -ne 0 ]; then + fail "ssh-add -l failed: exit code $r" fi # the same for full pubkey output ${SSHADD} -L > /dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh-add -L failed: exit code $?" + r=$? + if [ $r -ne 0 ]; then + fail "ssh-add -L failed: exit code $r" fi trace "simple connect via agent" for p in 1 2; do ${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p - if [ $? -ne 5$p ]; then - fail "ssh connect with protocol $p failed (exit code $?)" + r=$? + if [ $r -ne 5$p ]; then + fail "ssh connect with protocol $p failed (exit code $r)" fi done trace "agent forwarding" for p in 1 2; do ${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh-add -l via agent fwd proto $p failed (exit code $?)" + r=$? + if [ $r -ne 0 ]; then + fail "ssh-add -l via agent fwd proto $p failed (exit code $r)" fi ${SSH} -A -$p -F $OBJ/ssh_proxy somehost \ "${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p" - if [ $? -ne 5$p ]; then - fail "agent fwd proto $p failed (exit code $?)" + r=$? + if [ $r -ne 5$p ]; then + fail "agent fwd proto $p failed (exit code $r)" fi done trace "delete all agent keys" ${SSHADD} -D > /dev/null 2>&1 - if [ $? -ne 0 ]; then - fail "ssh-add -D failed: exit code $?" + r=$? + if [ $r -ne 0 ]; then + fail "ssh-add -D failed: exit code $r" fi trace "kill agent" diff --git a/crypto/openssh/regress/cert-hostkey.sh b/crypto/openssh/regress/cert-hostkey.sh index 35cd392..a1318cd 100755 --- a/crypto/openssh/regress/cert-hostkey.sh +++ b/crypto/openssh/regress/cert-hostkey.sh @@ -1,14 +1,8 @@ -# $OpenBSD: cert-hostkey.sh,v 1.7 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: cert-hostkey.sh,v 1.8 2013/12/06 13:52:46 markus Exp $ # Placed in the Public Domain. tid="certified host keys" -# used to disable ECC based tests on platforms without ECC -ecdsa="" -if test "x$TEST_SSH_ECC" = "xyes"; then - ecdsa=ecdsa -fi - rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key* cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak @@ -23,8 +17,17 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/host_ca_key ||\ cat $OBJ/host_ca_key.pub ) > $OBJ/known_hosts-cert +PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'` + +type_has_legacy() { + case $1 in + ed25519*|ecdsa*) return 1 ;; + esac + return 0 +} + # Generate and sign host keys -for ktype in rsa dsa $ecdsa ; do +for ktype in $PLAIN_TYPES ; do verbose "$tid: sign host ${ktype} cert" # Generate and sign a host key ${SSHKEYGEN} -q -N '' -t ${ktype} \ @@ -34,10 +37,10 @@ for ktype in rsa dsa $ecdsa ; do -I "regress host key for $USER" \ -n $HOSTS $OBJ/cert_host_key_${ktype} || fail "couldn't sign cert_host_key_${ktype}" - # v00 ecdsa certs do not exist - test "${ktype}" = "ecdsa" && continue + type_has_legacy $ktype || continue cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00 cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub + verbose "$tid: sign host ${ktype}_v00 cert" ${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \ -I "regress host key for $USER" \ -n $HOSTS $OBJ/cert_host_key_${ktype}_v00 || @@ -46,7 +49,7 @@ done # Basic connect tests for privsep in yes no ; do - for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00; do + for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do verbose "$tid: host ${ktype} cert connect privsep $privsep" ( cat $OBJ/sshd_proxy_bak @@ -69,26 +72,13 @@ done printf '@cert-authority ' printf "$HOSTS " cat $OBJ/host_ca_key.pub - printf '@revoked ' - printf "* " - cat $OBJ/cert_host_key_rsa.pub - if test "x$TEST_SSH_ECC" = "xyes"; then - printf '@revoked ' - printf "* " - cat $OBJ/cert_host_key_ecdsa.pub - fi - printf '@revoked ' - printf "* " - cat $OBJ/cert_host_key_dsa.pub - printf '@revoked ' - printf "* " - cat $OBJ/cert_host_key_rsa_v00.pub - printf '@revoked ' - printf "* " - cat $OBJ/cert_host_key_dsa_v00.pub + for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do + test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey" + printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n" + done ) > $OBJ/known_hosts-cert for privsep in yes no ; do - for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00; do + for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do verbose "$tid: host ${ktype} revoked cert privsep $privsep" ( cat $OBJ/sshd_proxy_bak @@ -115,7 +105,7 @@ done printf "* " cat $OBJ/host_ca_key.pub ) > $OBJ/known_hosts-cert -for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do +for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do verbose "$tid: host ${ktype} revoked cert" ( cat $OBJ/sshd_proxy_bak @@ -186,9 +176,8 @@ test_one "cert has constraints" failure "-h -Oforce-command=false" # Check downgrade of cert to raw key when no CA found for v in v01 v00 ; do - for ktype in rsa dsa $ecdsa ; do - # v00 ecdsa certs do not exist. - test "${v}${ktype}" = "v00ecdsa" && continue + for ktype in $PLAIN_TYPES ; do + type_has_legacy $ktype || continue rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* verbose "$tid: host ${ktype} ${v} cert downgrade to raw key" # Generate and sign a host key @@ -225,9 +214,8 @@ done cat $OBJ/host_ca_key.pub ) > $OBJ/known_hosts-cert for v in v01 v00 ; do - for kt in rsa dsa $ecdsa ; do - # v00 ecdsa certs do not exist. - test "${v}${ktype}" = "v00ecdsa" && continue + for kt in $PLAIN_TYPES ; do + type_has_legacy $kt || continue rm -f $OBJ/cert_host_key* # Self-sign key ${SSHKEYGEN} -q -N '' -t ${kt} \ diff --git a/crypto/openssh/regress/cert-userkey.sh b/crypto/openssh/regress/cert-userkey.sh index 6018b38..b093a91 100755 --- a/crypto/openssh/regress/cert-userkey.sh +++ b/crypto/openssh/regress/cert-userkey.sh @@ -1,23 +1,26 @@ -# $OpenBSD: cert-userkey.sh,v 1.11 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: cert-userkey.sh,v 1.12 2013/12/06 13:52:46 markus Exp $ # Placed in the Public Domain. tid="certified user keys" -# used to disable ECC based tests on platforms without ECC -ecdsa="" -if test "x$TEST_SSH_ECC" = "xyes"; then - ecdsa=ecdsa -fi - rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak +PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'` + +type_has_legacy() { + case $1 in + ed25519*|ecdsa*) return 1 ;; + esac + return 0 +} + # Create a CA key ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\ fail "ssh-keygen of user_ca_key failed" # Generate and sign user keys -for ktype in rsa dsa $ecdsa ; do +for ktype in $PLAIN_TYPES ; do verbose "$tid: sign user ${ktype} cert" ${SSHKEYGEN} -q -N '' -t ${ktype} \ -f $OBJ/cert_user_key_${ktype} || \ @@ -25,18 +28,18 @@ for ktype in rsa dsa $ecdsa ; do ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} || fail "couldn't sign cert_user_key_${ktype}" - # v00 ecdsa certs do not exist - test "${ktype}" = "ecdsa" && continue + type_has_legacy $ktype || continue cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00 cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub + verbose "$tid: sign host ${ktype}_v00 cert" ${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \ "regress user key for $USER" \ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype}_v00 || - fail "couldn't sign cert_user_key_${ktype}_v00" + fatal "couldn't sign cert_user_key_${ktype}_v00" done # Test explicitly-specified principals -for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do +for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do for privsep in yes no ; do _prefix="${ktype} privsep $privsep" @@ -162,7 +165,7 @@ basic_tests() { extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" fi - for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do + for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do for privsep in yes no ; do _prefix="${ktype} privsep $privsep $auth" # Simple connect @@ -332,7 +335,7 @@ test_one "principals key option no principals" failure "" \ # Wrong certificate cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy -for ktype in rsa dsa $ecdsa rsa_v00 dsa_v00 ; do +for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do case $ktype in *_v00) args="-t v00" ;; *) args="" ;; diff --git a/crypto/openssh/regress/cipher-speed.sh b/crypto/openssh/regress/cipher-speed.sh index 489d9f5..a6d53a7 100644 --- a/crypto/openssh/regress/cipher-speed.sh +++ b/crypto/openssh/regress/cipher-speed.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cipher-speed.sh,v 1.9 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: cipher-speed.sh,v 1.11 2013/11/21 03:18:51 djm Exp $ # Placed in the Public Domain. tid="cipher speed" @@ -11,18 +11,7 @@ getbytes () tries="1 2" -ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc - arcfour128 arcfour256 arcfour - aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se - aes128-ctr aes192-ctr aes256-ctr" -config_defined OPENSSL_HAVE_EVPGCM && \ - ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" -macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com - hmac-sha1-96 hmac-md5-96" -config_defined HAVE_EVP_SHA256 && \ - macs="$macs hmac-sha2-256 hmac-sha2-512" - -for c in $ciphers; do n=0; for m in $macs; do +for c in `${SSH} -Q cipher`; do n=0; for m in `${SSH} -Q mac`; do trace "proto 2 cipher $c mac $m" for x in $tries; do printf "%-60s" "$c/$m:" @@ -35,10 +24,10 @@ for c in $ciphers; do n=0; for m in $macs; do fail "ssh -2 failed with mac $m cipher $c" fi done - # No point trying all MACs for GCM since they are ignored. - case $c in - aes*-gcm@openssh.com) test $n -gt 0 && break;; - esac + # No point trying all MACs for AEAD ciphers since they are ignored. + if ssh -Q cipher-auth | grep "^${c}\$" >/dev/null 2>&1 ; then + break + fi n=`expr $n + 1` done; done diff --git a/crypto/openssh/regress/forward-control.sh b/crypto/openssh/regress/forward-control.sh index 80ddb41..7f7d105 100755 --- a/crypto/openssh/regress/forward-control.sh +++ b/crypto/openssh/regress/forward-control.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forward-control.sh,v 1.1 2012/12/02 20:47:48 djm Exp $ +# $OpenBSD: forward-control.sh,v 1.2 2013/11/18 05:09:32 naddy Exp $ # Placed in the Public Domain. tid="sshd control of local and remote forwarding" diff --git a/crypto/openssh/regress/integrity.sh b/crypto/openssh/regress/integrity.sh index 1d17fe1..852d826 100755 --- a/crypto/openssh/regress/integrity.sh +++ b/crypto/openssh/regress/integrity.sh @@ -1,4 +1,4 @@ -# $OpenBSD: integrity.sh,v 1.10 2013/05/17 01:32:11 dtucker Exp $ +# $OpenBSD: integrity.sh,v 1.12 2013/11/21 03:18:51 djm Exp $ # Placed in the Public Domain. tid="integrity" @@ -8,18 +8,10 @@ tid="integrity" # XXX and ssh tries to read... tries=10 startoffset=2900 -macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com - hmac-sha1-96 hmac-md5-96 - hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com - umac-64-etm@openssh.com umac-128-etm@openssh.com - hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com" -config_defined HAVE_EVP_SHA256 && - macs="$macs hmac-sha2-256 hmac-sha2-512 - hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" +macs=`${SSH} -Q mac` # The following are not MACs, but ciphers with integrated integrity. They are # handled specially below. -config_defined OPENSSL_HAVE_EVPGCM && \ - macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com" +macs="$macs `${SSH} -Q cipher-auth`" # avoid DH group exchange as the extra traffic makes it harder to get the # offset into the stream right. @@ -44,12 +36,14 @@ for m in $macs; do fi # modify output from sshd at offset $off pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" - case $m in - aes*gcm*) macopt="-c $m";; - *) macopt="-m $m";; - esac + if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then + macopt="-c $m" + else + macopt="-m $m -c aes128-ctr" + fi verbose "test $tid: $m @$off" ${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ + -oServerAliveInterval=1 -oServerAliveCountMax=30 \ 999.999.999.999 'printf "%4096s" " "' >/dev/null if [ $? -eq 0 ]; then fail "ssh -m $m succeeds with bit-flip at $off" diff --git a/crypto/openssh/regress/kextype.sh b/crypto/openssh/regress/kextype.sh index 79c0817..8c2ac09 100755 --- a/crypto/openssh/regress/kextype.sh +++ b/crypto/openssh/regress/kextype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: kextype.sh,v 1.1 2010/09/22 12:26:05 djm Exp $ +# $OpenBSD: kextype.sh,v 1.4 2013/11/07 04:26:56 dtucker Exp $ # Placed in the Public Domain. tid="login with different key exchange algorithms" @@ -7,18 +7,8 @@ TIME=/usr/bin/time cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak -if test "$TEST_SSH_ECC" = "yes"; then - kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521" -fi -if test "$TEST_SSH_SHA256" = "yes"; then - kextypes="$kextypes diffie-hellman-group-exchange-sha256" -fi -kextypes="$kextypes diffie-hellman-group-exchange-sha1" -kextypes="$kextypes diffie-hellman-group14-sha1" -kextypes="$kextypes diffie-hellman-group1-sha1" - tries="1 2 3 4" -for k in $kextypes; do +for k in `${SSH} -Q kex`; do verbose "kex $k" for i in $tries; do ${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true diff --git a/crypto/openssh/regress/keytype.sh b/crypto/openssh/regress/keytype.sh index 59586bf..9752acb 100755 --- a/crypto/openssh/regress/keytype.sh +++ b/crypto/openssh/regress/keytype.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keytype.sh,v 1.2 2013/05/17 00:37:40 dtucker Exp $ +# $OpenBSD: keytype.sh,v 1.3 2013/12/06 13:52:46 markus Exp $ # Placed in the Public Domain. tid="login with different key types" @@ -11,10 +11,16 @@ fi cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak -ktypes="dsa-1024 rsa-2048 rsa-3072" -if test "$TEST_SSH_ECC" = "yes"; then - ktypes="$ktypes ecdsa-256 ecdsa-384 ecdsa-521" -fi +# Traditional and builtin key types. +ktypes="dsa-1024 rsa-2048 rsa-3072 ed25519-512" +# Types not present in all OpenSSL versions. +for i in `$SSH -Q key`; do + case "$i" in + ecdsa-sha2-nistp256) ktypes="$ktypes ecdsa-256" ;; + ecdsa-sha2-nistp384) ktypes="$ktypes ecdsa-384" ;; + ecdsa-sha2-nistp521) ktypes="$ktypes ecdsa-521" ;; + esac +done for kt in $ktypes; do rm -f $OBJ/key.$kt diff --git a/crypto/openssh/regress/krl.sh b/crypto/openssh/regress/krl.sh index de9cc87..0924637 100755 --- a/crypto/openssh/regress/krl.sh +++ b/crypto/openssh/regress/krl.sh @@ -1,4 +1,4 @@ -# $OpenBSD: krl.sh,v 1.1 2013/01/18 00:45:29 djm Exp $ +# $OpenBSD: krl.sh,v 1.2 2013/11/21 03:15:46 djm Exp $ # Placed in the Public Domain. tid="key revocation lists" @@ -101,6 +101,9 @@ $SSHKEYGEN $OPTS -kf $OBJ/krl-keyid -s $OBJ/revoked-ca.pub $OBJ/revoked-keyid \ >/dev/null || fatal "$SSHKEYGEN KRL failed" } +## XXX dump with trace and grep for set cert serials +## XXX test ranges near (u64)-1, etc. + verbose "$tid: generating KRLs" genkrls diff --git a/crypto/openssh/regress/modpipe.c b/crypto/openssh/regress/modpipe.c index 85747cf..e854f9e 100755 --- a/crypto/openssh/regress/modpipe.c +++ b/crypto/openssh/regress/modpipe.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $OpenBSD: modpipe.c,v 1.5 2013/05/10 03:46:14 djm Exp $ */ +/* $OpenBSD: modpipe.c,v 1.6 2013/11/21 03:16:47 djm Exp $ */ #include "includes.h" @@ -68,7 +68,7 @@ usage(void) #define MAX_MODIFICATIONS 256 struct modification { enum { MOD_XOR, MOD_AND_OR } what; - u_int64_t offset; + unsigned long long offset; u_int8_t m1, m2; }; @@ -79,7 +79,7 @@ parse_modification(const char *s, struct modification *m) int n, m1, m2; bzero(m, sizeof(*m)); - if ((n = sscanf(s, "%16[^:]%*[:]%lli%*[:]%i%*[:]%i", + if ((n = sscanf(s, "%16[^:]%*[:]%llu%*[:]%i%*[:]%i", what, &m->offset, &m1, &m2)) < 3) errx(1, "Invalid modification spec \"%s\"", s); if (strcasecmp(what, "xor") == 0) { diff --git a/crypto/openssh/regress/rekey.sh b/crypto/openssh/regress/rekey.sh index 8eb7efa..cf9401e 100644 --- a/crypto/openssh/regress/rekey.sh +++ b/crypto/openssh/regress/rekey.sh @@ -1,4 +1,4 @@ -# $OpenBSD: rekey.sh,v 1.8 2013/05/17 04:29:14 dtucker Exp $ +# $OpenBSD: rekey.sh,v 1.14 2013/11/21 03:18:51 djm Exp $ # Placed in the Public Domain. tid="rekey" @@ -7,34 +7,67 @@ LOG=${TEST_SSH_LOGFILE} rm -f ${LOG} -for s in 16 1k 128k 256k; do - verbose "client rekeylimit ${s}" +# Test rekeying based on data volume only. +# Arguments will be passed to ssh. +ssh_data_rekeying() +{ rm -f ${COPY} ${LOG} - cat $DATA | \ - ${SSH} -oCompression=no -oRekeyLimit=$s \ - -v -F $OBJ/ssh_proxy somehost "cat > ${COPY}" + ${SSH} <${DATA} -oCompression=no $@ -v -F $OBJ/ssh_proxy somehost \ + "cat > ${COPY}" if [ $? -ne 0 ]; then - fail "ssh failed" + fail "ssh failed ($@)" fi - cmp $DATA ${COPY} || fail "corrupted copy" + cmp ${DATA} ${COPY} || fail "corrupted copy ($@)" n=`grep 'NEWKEYS sent' ${LOG} | wc -l` n=`expr $n - 1` trace "$n rekeying(s)" if [ $n -lt 1 ]; then - fail "no rekeying occured" + fail "no rekeying occured ($@)" fi +} + +increase_datafile_size 300 + +opts="" +for i in `${SSH} -Q kex`; do + opts="$opts KexAlgorithms=$i" +done +for i in `${SSH} -Q cipher`; do + opts="$opts Ciphers=$i" +done +for i in `${SSH} -Q mac`; do + opts="$opts MACs=$i" +done + +for opt in $opts; do + verbose "client rekey $opt" + ssh_data_rekeying -oRekeyLimit=256k -o$opt +done + +# AEAD ciphers are magical so test with all KexAlgorithms +if ${SSH} -Q cipher-auth | grep '^.*$' >/dev/null 2>&1 ; then + for c in `${SSH} -Q cipher-auth`; do + for kex in `${SSH} -Q kex`; do + verbose "client rekey $c $kex" + ssh_data_rekeying -oRekeyLimit=256k -oCiphers=$c -oKexAlgorithms=$kex + done + done +fi + +for s in 16 1k 128k 256k; do + verbose "client rekeylimit ${s}" + ssh_data_rekeying -oCompression=no -oRekeyLimit=$s done for s in 5 10; do verbose "client rekeylimit default ${s}" rm -f ${COPY} ${LOG} - cat $DATA | \ - ${SSH} -oCompression=no -oRekeyLimit="default $s" -F \ - $OBJ/ssh_proxy somehost "cat >${COPY};sleep $s;sleep 3" + ${SSH} < ${DATA} -oCompression=no -oRekeyLimit="default $s" -F \ + $OBJ/ssh_proxy somehost "cat >${COPY};sleep $s;sleep 3" if [ $? -ne 0 ]; then fail "ssh failed" fi - cmp $DATA ${COPY} || fail "corrupted copy" + cmp ${DATA} ${COPY} || fail "corrupted copy" n=`grep 'NEWKEYS sent' ${LOG} | wc -l` n=`expr $n - 1` trace "$n rekeying(s)" @@ -98,10 +131,10 @@ for size in 16 1k 1K 1m 1M 1g 1G; do awk '/rekeylimit/{print $3}'` if [ "$bytes" != "$b" ]; then - fatal "rekeylimit size: expected $bytes got $b" + fatal "rekeylimit size: expected $bytes bytes got $b" fi if [ "$seconds" != "$s" ]; then - fatal "rekeylimit time: expected $time got $s" + fatal "rekeylimit time: expected $time seconds got $s" fi done done diff --git a/crypto/openssh/regress/scp-ssh-wrapper.sh b/crypto/openssh/regress/scp-ssh-wrapper.sh index d1005a9..c63bc2b 100644 --- a/crypto/openssh/regress/scp-ssh-wrapper.sh +++ b/crypto/openssh/regress/scp-ssh-wrapper.sh @@ -17,7 +17,7 @@ printname () { } # Discard all but last argument. We use arg later. -while test "$1" != ""; do +while test "x$1" != "x"; do arg="$1" shift done @@ -52,6 +52,8 @@ badserver_4) echo "X" ;; *) - exec $arg + set -- $arg + shift + exec $SCP "$@" ;; esac diff --git a/crypto/openssh/regress/scp.sh b/crypto/openssh/regress/scp.sh index 29c5b35..c2da2a8 100644 --- a/crypto/openssh/regress/scp.sh +++ b/crypto/openssh/regress/scp.sh @@ -20,6 +20,7 @@ SRC=`dirname ${SCRIPT}` cp ${SRC}/scp-ssh-wrapper.sh ${OBJ}/scp-ssh-wrapper.scp chmod 755 ${OBJ}/scp-ssh-wrapper.scp scpopts="-q -S ${OBJ}/scp-ssh-wrapper.scp" +export SCP # used in scp-ssh-wrapper.scp scpclean() { rm -rf ${COPY} ${COPY2} ${DIR} ${DIR2} diff --git a/crypto/openssh/regress/setuid-allowed.c b/crypto/openssh/regress/setuid-allowed.c new file mode 100644 index 0000000..37b7dc8 --- /dev/null +++ b/crypto/openssh/regress/setuid-allowed.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2013 Damien Miller <djm@mindrot.org> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* $OpenBSD$ */ + +#include "includes.h" + +#include <sys/types.h> +#ifdef HAVE_SYS_STATVFS_H +# include <sys/statvfs.h> +#endif +#include <stdio.h> +#include <errno.h> + +void +usage(void) +{ + fprintf(stderr, "check-setuid [path]\n"); + exit(1); +} + +int +main(int argc, char **argv) +{ + const char *path = "."; + struct statvfs sb; + + if (argc > 2) + usage(); + else if (argc == 2) + path = argv[1]; + + if (statvfs(path, &sb) != 0) { + /* Don't return an error if the host doesn't support statvfs */ + if (errno == ENOSYS) + return 0; + fprintf(stderr, "statvfs for \"%s\" failed: %s\n", + path, strerror(errno)); + } + return (sb.f_flag & ST_NOSUID) ? 1 : 0; +} + + diff --git a/crypto/openssh/regress/sftp-perm.sh b/crypto/openssh/regress/sftp-perm.sh new file mode 100644 index 0000000..304ca0a --- /dev/null +++ b/crypto/openssh/regress/sftp-perm.sh @@ -0,0 +1,269 @@ +# $OpenBSD: sftp-perm.sh,v 1.2 2013/10/17 22:00:18 djm Exp $ +# Placed in the Public Domain. + +tid="sftp permissions" + +SERVER_LOG=${OBJ}/sftp-server.log +CLIENT_LOG=${OBJ}/sftp.log +TEST_SFTP_SERVER=${OBJ}/sftp-server.sh + +prepare_server() { + printf "#!/bin/sh\nexec $SFTPSERVER -el debug3 $* 2>$SERVER_LOG\n" \ + > $TEST_SFTP_SERVER + chmod a+x $TEST_SFTP_SERVER +} + +run_client() { + echo "$@" | ${SFTP} -D ${TEST_SFTP_SERVER} -vvvb - >$CLIENT_LOG 2>&1 +} + +prepare_files() { + _prep="$1" + rm -f ${COPY} ${COPY}.1 + test -d ${COPY}.dd && { rmdir ${COPY}.dd || fatal "rmdir ${COPY}.dd"; } + test -z "$_prep" && return + sh -c "$_prep" || fail "preparation failed: \"$_prep\"" +} + +postcondition() { + _title="$1" + _check="$2" + test -z "$_check" && return + ${TEST_SHELL} -c "$_check" || fail "postcondition check failed: $_title" +} + +ro_test() { + _desc=$1 + _cmd="$2" + _prep="$3" + _expect_success_post="$4" + _expect_fail_post="$5" + verbose "$tid: read-only $_desc" + # Plain (no options, mostly to test that _cmd is good) + prepare_files "$_prep" + prepare_server + run_client "$_cmd" || fail "plain $_desc failed" + postcondition "$_desc no-readonly" "$_expect_success_post" + # Read-only enabled + prepare_files "$_prep" + prepare_server -R + run_client "$_cmd" && fail "read-only $_desc succeeded" + postcondition "$_desc readonly" "$_expect_fail_post" +} + +perm_test() { + _op=$1 + _whitelist_ops=$2 + _cmd="$3" + _prep="$4" + _expect_success_post="$5" + _expect_fail_post="$6" + verbose "$tid: explicit $_op" + # Plain (no options, mostly to test that _cmd is good) + prepare_files "$_prep" + prepare_server + run_client "$_cmd" || fail "plain $_op failed" + postcondition "$_op no white/blacklists" "$_expect_success_post" + # Whitelist + prepare_files "$_prep" + prepare_server -p $_op,$_whitelist_ops + run_client "$_cmd" || fail "whitelisted $_op failed" + postcondition "$_op whitelisted" "$_expect_success_post" + # Blacklist + prepare_files "$_prep" + prepare_server -P $_op + run_client "$_cmd" && fail "blacklisted $_op succeeded" + postcondition "$_op blacklisted" "$_expect_fail_post" + # Whitelist with op missing. + prepare_files "$_prep" + prepare_server -p $_whitelist_ops + run_client "$_cmd" && fail "no whitelist $_op succeeded" + postcondition "$_op not in whitelist" "$_expect_fail_post" +} + +ro_test \ + "upload" \ + "put $DATA $COPY" \ + "" \ + "cmp $DATA $COPY" \ + "test ! -f $COPY" + +ro_test \ + "setstat" \ + "chmod 0700 $COPY" \ + "touch $COPY; chmod 0400 $COPY" \ + "test -x $COPY" \ + "test ! -x $COPY" + +ro_test \ + "rm" \ + "rm $COPY" \ + "touch $COPY" \ + "test ! -f $COPY" \ + "test -f $COPY" + +ro_test \ + "mkdir" \ + "mkdir ${COPY}.dd" \ + "" \ + "test -d ${COPY}.dd" \ + "test ! -d ${COPY}.dd" + +ro_test \ + "rmdir" \ + "rmdir ${COPY}.dd" \ + "mkdir ${COPY}.dd" \ + "test ! -d ${COPY}.dd" \ + "test -d ${COPY}.dd" + +ro_test \ + "posix-rename" \ + "rename $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1 -a ! -f $COPY" \ + "test -f $COPY -a ! -f ${COPY}.1" + +ro_test \ + "oldrename" \ + "rename -l $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1 -a ! -f $COPY" \ + "test -f $COPY -a ! -f ${COPY}.1" + +ro_test \ + "symlink" \ + "ln -s $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -h ${COPY}.1" \ + "test ! -h ${COPY}.1" + +ro_test \ + "hardlink" \ + "ln $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1" \ + "test ! -f ${COPY}.1" + +# Test explicit permissions + +perm_test \ + "open" \ + "realpath,stat,lstat,read,close" \ + "get $DATA $COPY" \ + "" \ + "cmp $DATA $COPY" \ + "! cmp $DATA $COPY 2>/dev/null" + +perm_test \ + "read" \ + "realpath,stat,lstat,open,close" \ + "get $DATA $COPY" \ + "" \ + "cmp $DATA $COPY" \ + "! cmp $DATA $COPY 2>/dev/null" + +perm_test \ + "write" \ + "realpath,stat,lstat,open,close" \ + "put $DATA $COPY" \ + "" \ + "cmp $DATA $COPY" \ + "! cmp $DATA $COPY 2>/dev/null" + +perm_test \ + "lstat" \ + "realpath,stat,open,read,close" \ + "get $DATA $COPY" \ + "" \ + "cmp $DATA $COPY" \ + "! cmp $DATA $COPY 2>/dev/null" + +perm_test \ + "opendir" \ + "realpath,readdir,stat,lstat" \ + "ls -ln $OBJ" + +perm_test \ + "readdir" \ + "realpath,opendir,stat,lstat" \ + "ls -ln $OBJ" + +perm_test \ + "setstat" \ + "realpath,stat,lstat" \ + "chmod 0700 $COPY" \ + "touch $COPY; chmod 0400 $COPY" \ + "test -x $COPY" \ + "test ! -x $COPY" + +perm_test \ + "remove" \ + "realpath,stat,lstat" \ + "rm $COPY" \ + "touch $COPY" \ + "test ! -f $COPY" \ + "test -f $COPY" + +perm_test \ + "mkdir" \ + "realpath,stat,lstat" \ + "mkdir ${COPY}.dd" \ + "" \ + "test -d ${COPY}.dd" \ + "test ! -d ${COPY}.dd" + +perm_test \ + "rmdir" \ + "realpath,stat,lstat" \ + "rmdir ${COPY}.dd" \ + "mkdir ${COPY}.dd" \ + "test ! -d ${COPY}.dd" \ + "test -d ${COPY}.dd" + +perm_test \ + "posix-rename" \ + "realpath,stat,lstat" \ + "rename $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1 -a ! -f $COPY" \ + "test -f $COPY -a ! -f ${COPY}.1" + +perm_test \ + "rename" \ + "realpath,stat,lstat" \ + "rename -l $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1 -a ! -f $COPY" \ + "test -f $COPY -a ! -f ${COPY}.1" + +perm_test \ + "symlink" \ + "realpath,stat,lstat" \ + "ln -s $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -h ${COPY}.1" \ + "test ! -h ${COPY}.1" + +perm_test \ + "hardlink" \ + "realpath,stat,lstat" \ + "ln $COPY ${COPY}.1" \ + "touch $COPY" \ + "test -f ${COPY}.1" \ + "test ! -f ${COPY}.1" + +perm_test \ + "statvfs" \ + "realpath,stat,lstat" \ + "df /" + +# XXX need good tests for: +# fstat +# fsetstat +# realpath +# stat +# readlink +# fstatvfs + +rm -rf ${COPY} ${COPY}.1 ${COPY}.dd + diff --git a/crypto/openssh/regress/test-exec.sh b/crypto/openssh/regress/test-exec.sh index eee4462..aac8aa5 100644 --- a/crypto/openssh/regress/test-exec.sh +++ b/crypto/openssh/regress/test-exec.sh @@ -1,4 +1,4 @@ -# $OpenBSD: test-exec.sh,v 1.46 2013/06/21 02:26:26 djm Exp $ +# $OpenBSD: test-exec.sh,v 1.47 2013/11/09 05:41:34 dtucker Exp $ # Placed in the Public Domain. #SUDO=sudo @@ -133,7 +133,12 @@ fi # Path to sshd must be absolute for rexec case "$SSHD" in /*) ;; -*) SSHD=`which sshd` ;; +*) SSHD=`which $SSHD` ;; +esac + +case "$SSHAGENT" in +/*) ;; +*) SSHAGENT=`which $SSHAGENT` ;; esac # Logfiles. @@ -166,14 +171,22 @@ SSH="$SSHLOGWRAP" # Some test data. We make a copy because some tests will overwrite it. # The tests may assume that $DATA exists and is writable and $COPY does -# not exist. +# not exist. Tests requiring larger data files can call increase_datafile_size +# [kbytes] to ensure the file is at least that large. DATANAME=data DATA=$OBJ/${DATANAME} -cat $SSHD $SSHD $SSHD $SSHD >${DATA} +cat ${SSHAGENT} >${DATA} chmod u+w ${DATA} COPY=$OBJ/copy rm -f ${COPY} +increase_datafile_size() +{ + while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do + cat ${SSHAGENT} >>${DATA} + done +} + # these should be used in tests export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP diff --git a/crypto/openssh/regress/try-ciphers.sh b/crypto/openssh/regress/try-ciphers.sh index e17c9f5..ac34ced 100644 --- a/crypto/openssh/regress/try-ciphers.sh +++ b/crypto/openssh/regress/try-ciphers.sh @@ -1,37 +1,22 @@ -# $OpenBSD: try-ciphers.sh,v 1.20 2013/05/17 10:16:26 dtucker Exp $ +# $OpenBSD: try-ciphers.sh,v 1.22 2013/11/21 03:18:51 djm Exp $ # Placed in the Public Domain. tid="try ciphers" -ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc - arcfour128 arcfour256 arcfour - aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se - aes128-ctr aes192-ctr aes256-ctr" -config_defined OPENSSL_HAVE_EVPGCM && \ - ciphers="$ciphers aes128-gcm@openssh.com aes256-gcm@openssh.com" -macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com - hmac-sha1-96 hmac-md5-96 - hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com - umac-64-etm@openssh.com umac-128-etm@openssh.com - hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com - hmac-ripemd160-etm@openssh.com" -config_defined HAVE_EVP_SHA256 && - macs="$macs hmac-sha2-256 hmac-sha2-512 - hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com" - -for c in $ciphers; do +for c in `${SSH} -Q cipher`; do n=0 - for m in $macs; do + for m in `${SSH} -Q mac`; do trace "proto 2 cipher $c mac $m" verbose "test $tid: proto 2 cipher $c mac $m" ${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true if [ $? -ne 0 ]; then fail "ssh -2 failed with mac $m cipher $c" fi - # No point trying all MACs for GCM since they are ignored. - case $c in - aes*-gcm@openssh.com) test $n -gt 0 && break;; - esac + # No point trying all MACs for AEAD ciphers since they + # are ignored. + if ssh -Q cipher-auth | grep "^${c}\$" >/dev/null 2>&1 ; then + break + fi n=`expr $n + 1` done done |