зеркало из https://github.com/Azure/sonic-openssh.git
- (djm) Import OpenBSD regression tests. Requires BSD make to run
This commit is contained in:
Родитель
2f09289e74
Коммит
38cd435892
|
@ -1,3 +1,6 @@
|
||||||
|
20020501
|
||||||
|
- (djm) Import OpenBSD regression tests. Requires BSD make to run
|
||||||
|
|
||||||
20020429
|
20020429
|
||||||
- (tim) [contrib/caldera/openssh.spec] update fixUP to reflect changes in
|
- (tim) [contrib/caldera/openssh.spec] update fixUP to reflect changes in
|
||||||
sshd_config.
|
sshd_config.
|
||||||
|
@ -521,4 +524,4 @@
|
||||||
- (stevesk) entropy.c: typo in debug message
|
- (stevesk) entropy.c: typo in debug message
|
||||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.2089 2002/04/30 03:53:12 tim Exp $
|
$Id: ChangeLog,v 1.2090 2002/05/01 03:17:33 djm Exp $
|
||||||
|
|
|
@ -0,0 +1,73 @@
|
||||||
|
# $OpenBSD: Makefile,v 1.13 2002/04/01 22:15:08 markus Exp $
|
||||||
|
|
||||||
|
REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7
|
||||||
|
|
||||||
|
CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub
|
||||||
|
|
||||||
|
LTESTS= connect \
|
||||||
|
proxy-connect \
|
||||||
|
connect-privsep \
|
||||||
|
proto-version \
|
||||||
|
proto-mismatch \
|
||||||
|
exit-status \
|
||||||
|
transfer \
|
||||||
|
stderr-data \
|
||||||
|
stderr-after-eof \
|
||||||
|
broken-pipe \
|
||||||
|
try-ciphers \
|
||||||
|
yes-head \
|
||||||
|
agent \
|
||||||
|
keyscan \
|
||||||
|
sftp \
|
||||||
|
forwarding
|
||||||
|
|
||||||
|
USER!= id -un
|
||||||
|
CLEANFILES+= authorized_keys_${USER} known_hosts pidfile \
|
||||||
|
ssh_config ssh_proxy sshd_config sshd_proxy \
|
||||||
|
rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \
|
||||||
|
rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \
|
||||||
|
ls.copy
|
||||||
|
|
||||||
|
#LTESTS+= ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
|
||||||
|
|
||||||
|
t1:
|
||||||
|
ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
|
||||||
|
|
||||||
|
t2:
|
||||||
|
cat ${.CURDIR}/rsa_openssh.prv > t2.out
|
||||||
|
chmod 600 t2.out
|
||||||
|
ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub
|
||||||
|
|
||||||
|
t3:
|
||||||
|
ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\
|
||||||
|
ssh-keygen -if /dev/stdin |\
|
||||||
|
diff - ${.CURDIR}/rsa_openssh.pub
|
||||||
|
|
||||||
|
t4:
|
||||||
|
ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\
|
||||||
|
awk '{print $$2}' | diff - ${.CURDIR}/t4.ok
|
||||||
|
|
||||||
|
t5:
|
||||||
|
ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\
|
||||||
|
awk '{print $$2}' | diff - ${.CURDIR}/t5.ok
|
||||||
|
|
||||||
|
t6:
|
||||||
|
ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > t6.out1
|
||||||
|
ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > t6.out2
|
||||||
|
chmod 600 t6.out1
|
||||||
|
ssh-keygen -yf t6.out1 | diff - t6.out2
|
||||||
|
|
||||||
|
t7.out:
|
||||||
|
ssh-keygen -q -t rsa -N '' -f $@
|
||||||
|
|
||||||
|
t7: t7.out
|
||||||
|
ssh-keygen -lf t7.out > /dev/null
|
||||||
|
ssh-keygen -Bf t7.out > /dev/null
|
||||||
|
|
||||||
|
.for t in ${LTESTS}
|
||||||
|
REGRESSTARGETS+=t-${t}
|
||||||
|
t-${t}:
|
||||||
|
sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh
|
||||||
|
.endfor
|
||||||
|
|
||||||
|
.include "bsd.regress.mk"
|
|
@ -0,0 +1,75 @@
|
||||||
|
# $OpenBSD: agent.sh,v 1.6 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="simple agent test"
|
||||||
|
|
||||||
|
SSH_AUTH_SOCK=/nonexistant ${SSHADD} -l > /dev/null 2>&1
|
||||||
|
if [ $? -ne 2 ]; then
|
||||||
|
fail "ssh-add -l did not fail with exit code 2"
|
||||||
|
fi
|
||||||
|
|
||||||
|
trace "start agent"
|
||||||
|
eval `${SSHAGENT} -s` > /dev/null
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "could not start ssh-agent: exit code $r"
|
||||||
|
else
|
||||||
|
${SSHADD} -l > /dev/null 2>&1
|
||||||
|
if [ $? -ne 1 ]; then
|
||||||
|
fail "ssh-add -l did not fail with exit code 1"
|
||||||
|
fi
|
||||||
|
trace "overwrite authorized keys"
|
||||||
|
echo -n > $OBJ/authorized_keys_$USER
|
||||||
|
for t in rsa rsa1; do
|
||||||
|
# generate user key for agent
|
||||||
|
rm -f $OBJ/$t-agent
|
||||||
|
${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\
|
||||||
|
fail "ssh-keygen for $t-agent failed"
|
||||||
|
# add to authorized keys
|
||||||
|
cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER
|
||||||
|
# add privat key to agent
|
||||||
|
${SSHADD} $OBJ/$t-agent > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh-add did succeed exit code 0"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
${SSHADD} -l > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh-add -l failed: exit code $?"
|
||||||
|
fi
|
||||||
|
# the same for full pubkey output
|
||||||
|
${SSHADD} -L > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh-add -L failed: exit code $?"
|
||||||
|
fi
|
||||||
|
|
||||||
|
trace "simple connect via agent"
|
||||||
|
for p in 1 2; do
|
||||||
|
${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p
|
||||||
|
if [ $? -ne 5$p ]; then
|
||||||
|
fail "ssh connect with protocol $p failed (exit code $?)"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
trace "agent forwarding"
|
||||||
|
for p in 1 2; do
|
||||||
|
${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh-add -l via agent fwd proto $p failed (exit code $?)"
|
||||||
|
fi
|
||||||
|
${SSH} -A -$p -F $OBJ/ssh_proxy somehost \
|
||||||
|
"${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p"
|
||||||
|
if [ $? -ne 5$p ]; then
|
||||||
|
fail "agent fwd proto $p failed (exit code $?)"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
trace "delete all agent keys"
|
||||||
|
${SSHADD} -D > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh-add -D failed: exit code $?"
|
||||||
|
fi
|
||||||
|
|
||||||
|
trace "kill agent"
|
||||||
|
${SSHAGENT} -k > /dev/null
|
||||||
|
fi
|
|
@ -0,0 +1,2 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt6ttBacbgvLPsF1VWWfT51t55/5Mj62Xp8EaoH5SNSaLiGIgrrja077lKEept75U4uKFUYU5JJX9GPE9A7Y43LXv+/A6Jm4rEj/U0s4H8tf0UmzVC3t6xh0sRK0hYVNILyoHnIAgdY8CmOiybw7p6DxJY8MRAehD3n9+kFcachU= root@xenon
|
||||||
|
1024 35 132789427207755621599908461558918671787816692978751485815532032934821830960131244604702969298486352138126114080367609979552547448841583955126231410604842765726397407176910594168641969541792069550006878863592030567875913190224374005367884774859544943329148178663694126456638431428703289837638970464685771819219 root@xenon
|
|
@ -0,0 +1,15 @@
|
||||||
|
# $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="broken pipe test"
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
trace "protocol $p"
|
||||||
|
for i in 1 2 3 4; do
|
||||||
|
${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "broken pipe returns $r for protocol $p"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
|
@ -0,0 +1,79 @@
|
||||||
|
# $OpenBSD: bsd.regress.mk,v 1.9 2002/02/17 01:10:15 marc Exp $
|
||||||
|
# No man pages for regression tests.
|
||||||
|
NOMAN=
|
||||||
|
|
||||||
|
# No installation.
|
||||||
|
install:
|
||||||
|
|
||||||
|
# If REGRESSTARGETS is defined and PROG is not defined, set NOPROG
|
||||||
|
.if defined(REGRESSTARGETS) && !defined(PROG)
|
||||||
|
NOPROG=
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.include <bsd.prog.mk>
|
||||||
|
|
||||||
|
.MAIN: all
|
||||||
|
all: regress
|
||||||
|
|
||||||
|
# XXX - Need full path to REGRESSLOG, otherwise there will be much pain.
|
||||||
|
|
||||||
|
REGRESSLOG?=/dev/null
|
||||||
|
REGRESSNAME=${.CURDIR:S/${BSDSRCDIR}\/regress\///}
|
||||||
|
|
||||||
|
.if defined(PROG) && !empty(PROG)
|
||||||
|
run-regress-${PROG}: ${PROG}
|
||||||
|
./${PROG}
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.if !defined(REGRESSTARGETS)
|
||||||
|
REGRESSTARGETS=run-regress-${PROG}
|
||||||
|
. if defined(REGRESSSKIP)
|
||||||
|
REGRESSSKIPTARGETS=run-regress-${PROG}
|
||||||
|
. endif
|
||||||
|
.endif
|
||||||
|
|
||||||
|
REGRESSSKIPSLOW?=no
|
||||||
|
|
||||||
|
#.if (${REGRESSSKIPSLOW:L} == "yes") && defined(REGRESSSLOWTARGETS)
|
||||||
|
|
||||||
|
.if (${REGRESSSKIPSLOW} == "yes") && defined(REGRESSSLOWTARGETS)
|
||||||
|
REGRESSSKIPTARGETS+=${REGRESSSLOWTARGETS}
|
||||||
|
.endif
|
||||||
|
|
||||||
|
.if defined(REGRESSROOTTARGETS)
|
||||||
|
ROOTUSER!=id -g
|
||||||
|
SUDO?=
|
||||||
|
. if (${ROOTUSER} != 0) && empty(SUDO)
|
||||||
|
REGRESSSKIPTARGETS+=${REGRESSROOTTARGETS}
|
||||||
|
. endif
|
||||||
|
.endif
|
||||||
|
|
||||||
|
REGRESSSKIPTARGETS?=
|
||||||
|
|
||||||
|
regress:
|
||||||
|
.for RT in ${REGRESSTARGETS}
|
||||||
|
. if ${REGRESSSKIPTARGETS:M${RT}}
|
||||||
|
@echo -n "SKIP " >> ${REGRESSLOG}
|
||||||
|
. else
|
||||||
|
# XXX - we need a better method to see if a test fails due to timeout or just
|
||||||
|
# normal failure.
|
||||||
|
. if !defined(REGRESSMAXTIME)
|
||||||
|
@if cd ${.CURDIR} && ${MAKE} ${RT}; then \
|
||||||
|
echo -n "SUCCESS " >> ${REGRESSLOG} ; \
|
||||||
|
else \
|
||||||
|
echo -n "FAIL " >> ${REGRESSLOG} ; \
|
||||||
|
echo FAILED ; \
|
||||||
|
fi
|
||||||
|
. else
|
||||||
|
@if cd ${.CURDIR} && (ulimit -t ${REGRESSMAXTIME} ; ${MAKE} ${RT}); then \
|
||||||
|
echo -n "SUCCESS " >> ${REGRESSLOG} ; \
|
||||||
|
else \
|
||||||
|
echo -n "FAIL (possible timeout) " >> ${REGRESSLOG} ; \
|
||||||
|
echo FAILED ; \
|
||||||
|
fi
|
||||||
|
. endif
|
||||||
|
. endif
|
||||||
|
@echo ${REGRESSNAME}/${RT:S/^run-regress-//} >> ${REGRESSLOG}
|
||||||
|
.endfor
|
||||||
|
|
||||||
|
.PHONY: regress
|
|
@ -0,0 +1,13 @@
|
||||||
|
# $OpenBSD: connect-privsep.sh,v 1.1 2002/03/21 21:45:07 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="proxy connect with privsep"
|
||||||
|
|
||||||
|
echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh privsep+proxyconnect protocol $p failed"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,13 @@
|
||||||
|
# $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="simple connect"
|
||||||
|
|
||||||
|
start_sshd
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh connect with protocol $p failed"
|
||||||
|
fi
|
||||||
|
done
|
Двоичный файл не отображается.
Двоичный файл не отображается.
|
@ -0,0 +1,14 @@
|
||||||
|
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
|
||||||
|
Subject: ssh-keygen test
|
||||||
|
Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100"
|
||||||
|
P2/56wAAAgIAAAAmZGwtbW9kcHtzaWdue2RzYS1uaXN0LXNoYTF9LGRoe3BsYWlufX0AAA
|
||||||
|
AEbm9uZQAAAcQAAAHAAAAAAAAABACwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcR
|
||||||
|
Lo49es/DQTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kg
|
||||||
|
x7FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwAABACWQkvv
|
||||||
|
MxnD8eFkS1konFfMJ1CkuRfTN34CBZ6dY7VTSGemy4QwtFdMKmoufD0eKgy3p5WOeWCYKt
|
||||||
|
F4FhjHKZk/aaxFjjIbtkrnlvXg64QI11dSZyBN6/ViQkHPSkUDF+A6AAEhrNbQbAFSvao1
|
||||||
|
kTvNtPCtL0AkUIduEMzGQfLCTAAAAKDeC043YVo9Zo0zAEeIA4uZh4LBCQAAA/9aj7Y5ik
|
||||||
|
ehygJ4qTDSlVypsPuV+n59tMS0e2pfrSG87yf5r94AKBmJeho5OO6wYaXCxsVB7AFbSUD6
|
||||||
|
75AK8mHF4v1/+7SWKk5f8xlMCMSPZ9K0+j/W1d/q2qkhnnDZolOHDomLA+U00i5ya/jnTV
|
||||||
|
zyDPWLFpWK8u3xGBPAYX324gAAAKDHFvooRnaXdZbeWGTTqmgHB1GU9A==
|
||||||
|
---- END SSH2 ENCRYPTED PRIVATE KEY ----
|
|
@ -0,0 +1,13 @@
|
||||||
|
---- BEGIN SSH2 PUBLIC KEY ----
|
||||||
|
Subject: ssh-keygen test
|
||||||
|
Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100"
|
||||||
|
AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8
|
||||||
|
NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6l
|
||||||
|
ju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo
|
||||||
|
0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuE
|
||||||
|
MLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1Yk
|
||||||
|
JBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoC
|
||||||
|
eKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCv
|
||||||
|
JhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1
|
||||||
|
ixaVivLt8RgTwGF99uI=
|
||||||
|
---- END SSH2 PUBLIC KEY ----
|
|
@ -0,0 +1,24 @@
|
||||||
|
# $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="remote exit status"
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
for s in 0 1 4 5 44; do
|
||||||
|
trace "proto $p status $s"
|
||||||
|
verbose "test $tid: proto $p status $s"
|
||||||
|
${SSH} -$p -F $OBJ/ssh_proxy otherhost exit $s
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne $s ]; then
|
||||||
|
fail "exit code mismatch for protocol $p: $r != $s"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# same with early close of stdout/err
|
||||||
|
${SSH} -$p -F $OBJ/ssh_proxy -n otherhost \
|
||||||
|
exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\'
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne $s ]; then
|
||||||
|
fail "exit code (with sleep) mismatch for protocol $p: $r != $s"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
|
@ -0,0 +1,33 @@
|
||||||
|
# $OpenBSD: forwarding.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="local and remote forwarding"
|
||||||
|
|
||||||
|
start_sshd
|
||||||
|
|
||||||
|
base=33
|
||||||
|
last=$PORT
|
||||||
|
fwd=""
|
||||||
|
for j in 0 1 2; do
|
||||||
|
for i in 0 1 2; do
|
||||||
|
a=$base$j$i
|
||||||
|
b=`expr $a + 50`
|
||||||
|
c=$last
|
||||||
|
# fwd chain: $a -> $b -> $c
|
||||||
|
fwd="$fwd -L$a:127.0.0.1:$b -R$b:127.0.0.1:$c"
|
||||||
|
last=$a
|
||||||
|
done
|
||||||
|
done
|
||||||
|
for p in 1 2; do
|
||||||
|
q=`expr 3 - $p`
|
||||||
|
trace "start forwarding, fork to background"
|
||||||
|
${SSH} -$p -F $OBJ/ssh_config -f $fwd somehost sleep 10
|
||||||
|
|
||||||
|
trace "transfer over forwarded channels and check result"
|
||||||
|
${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
|
||||||
|
somehost cat /bin/ls > $OBJ/ls.copy
|
||||||
|
test -f $OBJ/ls.copy || fail "failed copy /bin/ls"
|
||||||
|
cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls"
|
||||||
|
|
||||||
|
sleep 10
|
||||||
|
done
|
|
@ -0,0 +1,19 @@
|
||||||
|
# $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="keyscan"
|
||||||
|
|
||||||
|
# remove DSA hostkey
|
||||||
|
rm -f ${OBJ}/host.dsa
|
||||||
|
|
||||||
|
start_sshd
|
||||||
|
|
||||||
|
for t in rsa1 rsa dsa; do
|
||||||
|
trace "keyscan type $t"
|
||||||
|
${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \
|
||||||
|
> /dev/null 2>&1
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "ssh-keyscan -t $t failed with: $r"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,19 @@
|
||||||
|
# $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="protocol version mismatch"
|
||||||
|
|
||||||
|
mismatch ()
|
||||||
|
{
|
||||||
|
server=$1
|
||||||
|
client=$2
|
||||||
|
banner=`echo ${client} | ${SSHD} -o "Protocol=${server}" -i -f ${OBJ}/sshd_proxy`
|
||||||
|
r=$?
|
||||||
|
trace "sshd prints ${banner}"
|
||||||
|
if [ $r -ne 255 ]; then
|
||||||
|
fail "sshd prints ${banner} and accepts connect with version ${client}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
mismatch 2 SSH-1.5-HALLO
|
||||||
|
mismatch 1 SSH-2.0-HALLO
|
|
@ -0,0 +1,34 @@
|
||||||
|
# $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="sshd version with different protocol combinations"
|
||||||
|
|
||||||
|
# we just start sshd in inetd mode and check the banner
|
||||||
|
check_version ()
|
||||||
|
{
|
||||||
|
version=$1
|
||||||
|
expect=$2
|
||||||
|
banner=`echo -n | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy`
|
||||||
|
case ${banner} in
|
||||||
|
SSH-1.99-*)
|
||||||
|
proto=199
|
||||||
|
;;
|
||||||
|
SSH-2.0-*)
|
||||||
|
proto=20
|
||||||
|
;;
|
||||||
|
SSH-1.5-*)
|
||||||
|
proto=15
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
proto=0
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
if [ ${expect} -ne ${proto} ]; then
|
||||||
|
fail "wrong protocol version ${banner} for ${version}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_version 2,1 199
|
||||||
|
check_version 1,2 199
|
||||||
|
check_version 2 20
|
||||||
|
check_version 1 15
|
|
@ -0,0 +1,11 @@
|
||||||
|
# $OpenBSD: proxy-connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="proxy connect"
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh proxyconnect protocol $p failed"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,15 @@
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
MIICWgIBAAKBgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko
|
||||||
|
+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3
|
||||||
|
xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQIDAQAB
|
||||||
|
An8nH5VzvHkMbSqJ6eOYDsVwomRvYbH5IEaYl1x6VATITNvAu9kUdQ4NsSpuMc+7
|
||||||
|
Jj9gKZvmO1y2YCKc0P/iO+i/eV0L+yQh1Rw18jQZll+12T+LZrKRav03YNvMx0gN
|
||||||
|
wqWY48Kt6hv2/N/ebQzKRe79+D0t2cTh92hT7xENFLIBAkEBGnoGKFjAUkJCwO1V
|
||||||
|
mzpUqMHpRZVOrqP9hUmPjzNJ5oBPFGe4+h1hoSRFOAzaNuZt8ssbqaLCkzB8bfzj
|
||||||
|
qhZqAQJBANZekuUpp8iBLeLSagw5FkcPwPzq6zfExbhvsZXb8Bo/4SflNs4JHXwI
|
||||||
|
7SD9Z8aJLvM4uQ/5M70lblDMQ40i3o0CQQDIJvBYBFL5tlOgakq/O7yi+wt0L5BZ
|
||||||
|
9H79w5rCSAA0IHRoK/qI1urHiHC3f3vbbLk5UStfrqEaND/mm0shyNIBAkBLsYdC
|
||||||
|
/ctt5Bc0wUGK4Vl5bBmj9LtrrMJ4FpBpLwj/69BwCuKoK9XKZ0h73p6XHveCEGRg
|
||||||
|
PIlFX4MtaoLrwgU9AkBV2k4dgIws+X8YX65EsyyFjnlDqX4x0nSOjQB1msIKfHBr
|
||||||
|
dh5XLDBTTCxnKhMJ0Yx/opgOvf09XHBFwaQntR5i
|
||||||
|
-----END RSA PRIVATE KEY-----
|
|
@ -0,0 +1 @@
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQ==
|
|
@ -0,0 +1,16 @@
|
||||||
|
---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
|
||||||
|
Subject: ssh-keygen test
|
||||||
|
Comment: "1024-bit rsa, Sat Jun 23 2001 12:21:26 -0400"
|
||||||
|
P2/56wAAAi4AAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS
|
||||||
|
1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAB3wAAAdsAAAARAQABAAAD9icflXO8eQxtKonp
|
||||||
|
45gOxXCiZG9hsfkgRpiXXHpUBMhM28C72RR1Dg2xKm4xz7smP2Apm+Y7XLZgIpzQ/+I76L
|
||||||
|
95XQv7JCHVHDXyNBmWX7XZP4tmspFq/Tdg28zHSA3CpZjjwq3qG/b8395tDMpF7v34PS3Z
|
||||||
|
xOH3aFPvEQ0UsgEAAAQA7IpcCnGijesEjDXdVoEPfh0akBJA9JAk1bba2sxrtDoQVN1JKP
|
||||||
|
nRQ9SKdAsXV5jduSUFsTmBe4fznLvD948790U1/O8SkdGM5V0y1/ki7Rf8knm0t8Vj65X0
|
||||||
|
VA4YdN4UeVfvMcb78vcInT2CsP6CLcBkrnjrBKtS03Mwg79nQI0AAAH/VdpOHYCMLPl/GF
|
||||||
|
+uRLMshY55Q6l+MdJ0jo0AdZrCCnxwa3YeVywwU0wsZyoTCdGMf6KYDr39PVxwRcGkJ7Ue
|
||||||
|
YgAAAgDWXpLlKafIgS3i0moMORZHD8D86us3xMW4b7GV2/AaP+En5TbOCR18CO0g/WfGiS
|
||||||
|
7zOLkP+TO9JW5QzEONIt6NAAACAQEaegYoWMBSQkLA7VWbOlSowelFlU6uo/2FSY+PM0nm
|
||||||
|
gE8UZ7j6HWGhJEU4DNo25m3yyxuposKTMHxt/OOqFmoB
|
||||||
|
---- END SSH2 ENCRYPTED PRIVATE KEY ----
|
||||||
|
---
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
TEST_SSH_SSH=../ssh
|
||||||
|
TEST_SSH_SSHD=../sshd
|
||||||
|
TEST_SSH_SSHAGENT=../ssh-agent
|
||||||
|
TEST_SSH_SSHADD=../ssh-add
|
||||||
|
TEST_SSH_SSHKEYGEN=../ssh-keygen
|
||||||
|
TEST_SSH_SSHKEYSCAN=../ssh-keyscan
|
||||||
|
TEST_SSH_SFTP=../sftp
|
||||||
|
TEST_SSH_SFTPSERVER=../sftp-server
|
||||||
|
|
||||||
|
pmake
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
# $OpenBSD: sftp.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="basic sftp put/get"
|
||||||
|
|
||||||
|
DATA=/bin/ls
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
|
||||||
|
BUFFERSIZE="5 1000 32000 64000"
|
||||||
|
REQUESTS="1 2 10"
|
||||||
|
|
||||||
|
for B in ${BUFFERSIZE}; do
|
||||||
|
for R in ${REQUESTS}; do
|
||||||
|
verbose "test $tid: buffer_size $B num_requests $R"
|
||||||
|
rm -f ${COPY}.1 ${COPY}.2
|
||||||
|
${SFTP} -P ${SFTPSERVER} -B $B -R $R -b /dev/stdin \
|
||||||
|
> /dev/null 2>&1 << EOF
|
||||||
|
version
|
||||||
|
get $DATA ${COPY}.1
|
||||||
|
put $DATA ${COPY}.2
|
||||||
|
EOF
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "sftp failed with $r"
|
||||||
|
fi
|
||||||
|
cmp $DATA ${COPY}.1 || fail "corrupted copy after get"
|
||||||
|
cmp $DATA ${COPY}.2 || fail "corrupted copy after put"
|
||||||
|
done
|
||||||
|
done
|
|
@ -0,0 +1,127 @@
|
||||||
|
# $OpenBSD: ssh-com-client.sh,v 1.3 2002/04/10 08:45:30 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="connect with ssh.com client"
|
||||||
|
|
||||||
|
#TEST_COMBASE=/path/to/ssh/com/binaries
|
||||||
|
if [ "X${TEST_COMBASE}" = "X" ]; then
|
||||||
|
fatal '$TEST_COMBASE is not set'
|
||||||
|
fi
|
||||||
|
|
||||||
|
VERSIONS="
|
||||||
|
2.1.0
|
||||||
|
2.2.0
|
||||||
|
2.3.0
|
||||||
|
2.3.1
|
||||||
|
2.4.0
|
||||||
|
3.0.0
|
||||||
|
3.1.0"
|
||||||
|
|
||||||
|
# 2.0.10 2.0.12 2.0.13 don't like the test setup
|
||||||
|
|
||||||
|
# setup authorized keys
|
||||||
|
SRC=`dirname ${SCRIPT}`
|
||||||
|
cp ${SRC}/dsa_ssh2.prv ${OBJ}/id.com
|
||||||
|
chmod 600 ${OBJ}/id.com
|
||||||
|
${SSHKEYGEN} -i -f ${OBJ}/id.com > $OBJ/id.openssh
|
||||||
|
chmod 600 ${OBJ}/id.openssh
|
||||||
|
${SSHKEYGEN} -y -f ${OBJ}/id.openssh > $OBJ/authorized_keys_$USER
|
||||||
|
${SSHKEYGEN} -e -f ${OBJ}/id.openssh > $OBJ/id.com.pub
|
||||||
|
echo IdKey ${OBJ}/id.com > ${OBJ}/id.list
|
||||||
|
|
||||||
|
# we need a DSA host key
|
||||||
|
t=dsa
|
||||||
|
rm -f ${OBJ}/$t ${OBJ}/$t.pub
|
||||||
|
${SSHKEYGEN} -q -N '' -t $t -f ${OBJ}/$t
|
||||||
|
$SUDO cp $OBJ/$t $OBJ/host.$t
|
||||||
|
echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
|
||||||
|
|
||||||
|
# add hostkeys to known hosts
|
||||||
|
mkdir -p ${OBJ}/${USER}/hostkeys
|
||||||
|
HK=${OBJ}/${USER}/hostkeys/key_${PORT}_127.0.0.1
|
||||||
|
${SSHKEYGEN} -e -f ${OBJ}/rsa.pub > ${HK}.ssh-rsa.pub
|
||||||
|
${SSHKEYGEN} -e -f ${OBJ}/dsa.pub > ${HK}.ssh-dss.pub
|
||||||
|
|
||||||
|
cat > ${OBJ}/ssh2_config << EOF
|
||||||
|
*:
|
||||||
|
QuietMode yes
|
||||||
|
StrictHostKeyChecking yes
|
||||||
|
Port ${PORT}
|
||||||
|
User ${USER}
|
||||||
|
Host 127.0.0.1
|
||||||
|
IdentityFile ${OBJ}/id.list
|
||||||
|
RandomSeedFile ${OBJ}/random_seed
|
||||||
|
UserConfigDirectory ${OBJ}/%U
|
||||||
|
AuthenticationSuccessMsg no
|
||||||
|
BatchMode yes
|
||||||
|
ForwardX11 no
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# we need a real server (no ProxyConnect option)
|
||||||
|
start_sshd
|
||||||
|
|
||||||
|
DATA=/bin/ls
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
rm -f ${COPY}
|
||||||
|
|
||||||
|
# go for it
|
||||||
|
for v in ${VERSIONS}; do
|
||||||
|
ssh2=${TEST_COMBASE}/${v}/ssh2
|
||||||
|
if [ ! -x ${ssh2} ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
verbose "ssh2 ${v}"
|
||||||
|
key=ssh-dss
|
||||||
|
skipcat=0
|
||||||
|
case $v in
|
||||||
|
2.1.*|2.3.0)
|
||||||
|
skipcat=1
|
||||||
|
;;
|
||||||
|
3.0.*)
|
||||||
|
key=ssh-rsa
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
cp ${HK}.$key.pub ${HK}.pub
|
||||||
|
|
||||||
|
# check exit status
|
||||||
|
${ssh2} -q -F ${OBJ}/ssh2_config somehost exit 42
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 42 ]; then
|
||||||
|
fail "ssh2 ${v} exit code test failed (got $r, expected 42)"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# data transfer
|
||||||
|
rm -f ${COPY}
|
||||||
|
${ssh2} -F ${OBJ}/ssh2_config somehost cat ${DATA} > ${COPY}
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh2 ${v} cat test (receive) failed"
|
||||||
|
fi
|
||||||
|
cmp ${DATA} ${COPY} || fail "ssh2 ${v} cat test (receive) data mismatch"
|
||||||
|
|
||||||
|
# data transfer, again
|
||||||
|
if [ $skipcat -eq 0 ]; then
|
||||||
|
rm -f ${COPY}
|
||||||
|
cat ${DATA} | \
|
||||||
|
${ssh2} -F ${OBJ}/ssh2_config host "cat > ${COPY}"
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh2 ${v} cat test (send) failed"
|
||||||
|
fi
|
||||||
|
cmp ${DATA} ${COPY} || \
|
||||||
|
fail "ssh2 ${v} cat test (send) data mismatch"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# no stderr after eof
|
||||||
|
rm -f ${COPY}
|
||||||
|
${ssh2} -F ${OBJ}/ssh2_config somehost \
|
||||||
|
exec sh -c \'"exec > /dev/null; sleep 1; echo bla 1>&2; exit 0"\' \
|
||||||
|
2> /dev/null
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh2 ${v} stderr test failed"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
rm -rf ${OBJ}/${USER}
|
||||||
|
for i in ssh2_config random_seed dsa.pub dsa host.dsa \
|
||||||
|
id.list id.com id.com.pub id.openssh; do
|
||||||
|
rm -f ${OBJ}/$i
|
||||||
|
done
|
|
@ -0,0 +1,67 @@
|
||||||
|
# $OpenBSD: ssh-com-keygen.sh,v 1.1 2002/03/27 22:40:27 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="ssh.com key import"
|
||||||
|
|
||||||
|
#TEST_COMBASE=/path/to/ssh/com/binaries
|
||||||
|
if [ "X${TEST_COMBASE}" = "X" ]; then
|
||||||
|
fatal '$TEST_COMBASE is not set'
|
||||||
|
fi
|
||||||
|
|
||||||
|
VERSIONS="
|
||||||
|
2.0.10
|
||||||
|
2.0.12
|
||||||
|
2.0.13
|
||||||
|
2.1.0
|
||||||
|
2.2.0
|
||||||
|
2.3.0
|
||||||
|
2.3.1
|
||||||
|
2.4.0
|
||||||
|
3.0.0
|
||||||
|
3.1.0"
|
||||||
|
|
||||||
|
COMPRV=${OBJ}/comkey
|
||||||
|
COMPUB=${COMPRV}.pub
|
||||||
|
OPENSSHPRV=${OBJ}/opensshkey
|
||||||
|
OPENSSHPUB=${OPENSSHPRV}.pub
|
||||||
|
|
||||||
|
# go for it
|
||||||
|
for v in ${VERSIONS}; do
|
||||||
|
keygen=${TEST_COMBASE}/${v}/ssh-keygen2
|
||||||
|
if [ ! -x ${keygen} ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
types="dss"
|
||||||
|
case $v in
|
||||||
|
2.3.1|3.*)
|
||||||
|
types="$types rsa"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
for t in $types; do
|
||||||
|
verbose "ssh-keygen $v/$t"
|
||||||
|
rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB
|
||||||
|
${keygen} -q -P -t $t ${COMPRV} > /dev/null 2>&1
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "${keygen} -t $t failed"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
${SSHKEYGEN} -if ${COMPUB} > ${OPENSSHPUB}
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "import public key ($v/$t) failed"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
${SSHKEYGEN} -if ${COMPRV} > ${OPENSSHPRV}
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "import private key ($v/$t) failed"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
chmod 600 ${OPENSSHPRV}
|
||||||
|
${SSHKEYGEN} -yf ${OPENSSHPRV} |\
|
||||||
|
diff - ${OPENSSHPUB}
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "public keys ($v/$t) differ"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
|
rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB
|
|
@ -0,0 +1,54 @@
|
||||||
|
# $OpenBSD: ssh-com-sftp.sh,v 1.2 2002/04/10 08:45:30 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="basic sftp put/get with ssh.com server"
|
||||||
|
|
||||||
|
DATA=/bin/ls
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
|
||||||
|
BUFFERSIZE="5 1000 32000 64000"
|
||||||
|
REQUESTS="1 2 10"
|
||||||
|
|
||||||
|
#TEST_COMBASE=/path/to/ssh/com/binaries
|
||||||
|
if [ "X${TEST_COMBASE}" = "X" ]; then
|
||||||
|
fatal '$TEST_COMBASE is not set'
|
||||||
|
fi
|
||||||
|
|
||||||
|
VERSIONS="
|
||||||
|
2.0.10
|
||||||
|
2.0.12
|
||||||
|
2.0.13
|
||||||
|
2.1.0
|
||||||
|
2.2.0
|
||||||
|
2.3.0
|
||||||
|
2.3.1
|
||||||
|
2.4.0
|
||||||
|
3.0.0
|
||||||
|
3.1.0"
|
||||||
|
|
||||||
|
# go for it
|
||||||
|
for v in ${VERSIONS}; do
|
||||||
|
server=${TEST_COMBASE}/${v}/sftp-server2
|
||||||
|
if [ ! -x ${server} ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
verbose "sftp-server $v"
|
||||||
|
for B in ${BUFFERSIZE}; do
|
||||||
|
for R in ${REQUESTS}; do
|
||||||
|
verbose "test $tid: buffer_size $B num_requests $R"
|
||||||
|
rm -f ${COPY}.1 ${COPY}.2
|
||||||
|
${SFTP} -P ${server} -B $B -R $R -b /dev/stdin \
|
||||||
|
> /dev/null 2>&1 << EOF
|
||||||
|
version
|
||||||
|
get $DATA ${COPY}.1
|
||||||
|
put $DATA ${COPY}.2
|
||||||
|
EOF
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "sftp failed with $r"
|
||||||
|
fi
|
||||||
|
cmp $DATA ${COPY}.1 || fail "corrupted copy after get"
|
||||||
|
cmp $DATA ${COPY}.2 || fail "corrupted copy after put"
|
||||||
|
done
|
||||||
|
done
|
||||||
|
done
|
|
@ -0,0 +1,112 @@
|
||||||
|
# $OpenBSD: ssh-com.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="connect to ssh.com server"
|
||||||
|
|
||||||
|
#TEST_COMBASE=/path/to/ssh/com/binaries
|
||||||
|
if [ "X${TEST_COMBASE}" = "X" ]; then
|
||||||
|
fatal '$TEST_COMBASE is not set'
|
||||||
|
fi
|
||||||
|
|
||||||
|
VERSIONS="
|
||||||
|
2.0.12
|
||||||
|
2.0.13
|
||||||
|
2.1.0
|
||||||
|
2.2.0
|
||||||
|
2.3.0
|
||||||
|
2.3.1
|
||||||
|
2.4.0
|
||||||
|
3.0.0
|
||||||
|
3.1.0"
|
||||||
|
# 2.0.10 does not support UserConfigDirectory
|
||||||
|
|
||||||
|
SRC=`dirname ${SCRIPT}`
|
||||||
|
|
||||||
|
# ssh.com
|
||||||
|
cat << EOF > $OBJ/sshd2_config
|
||||||
|
*:
|
||||||
|
# Port and ListenAdress are not used.
|
||||||
|
QuietMode yes
|
||||||
|
Port 4343
|
||||||
|
ListenAddress 127.0.0.1
|
||||||
|
UserConfigDirectory ${OBJ}/%U
|
||||||
|
Ciphers AnyCipher
|
||||||
|
PubKeyAuthentication yes
|
||||||
|
#AllowedAuthentications publickey
|
||||||
|
AuthorizationFile authorization
|
||||||
|
HostKeyFile ${SRC}/dsa_ssh2.prv
|
||||||
|
PublicHostKeyFile ${SRC}/dsa_ssh2.pub
|
||||||
|
RandomSeedFile ${OBJ}/random_seed
|
||||||
|
MaxConnections 0
|
||||||
|
PermitRootLogin yes
|
||||||
|
VerboseMode no
|
||||||
|
CheckMail no
|
||||||
|
Ssh1Compatibility no
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# create client config
|
||||||
|
sed "s/HostKeyAlias.*/HostKeyAlias ssh2-localhost-with-alias/" \
|
||||||
|
< $OBJ/ssh_config > $OBJ/ssh_config_com
|
||||||
|
|
||||||
|
# we need a DSA key for
|
||||||
|
rm -f ${OBJ}/dsa ${OBJ}/dsa.pub
|
||||||
|
${SSHKEYGEN} -q -N '' -t dsa -f ${OBJ}/dsa
|
||||||
|
|
||||||
|
# setup userdir, try rsa first
|
||||||
|
mkdir -p ${OBJ}/${USER}
|
||||||
|
cp /dev/null ${OBJ}/${USER}/authorization
|
||||||
|
for t in rsa dsa; do
|
||||||
|
${SSHKEYGEN} -e -f ${OBJ}/$t.pub > ${OBJ}/${USER}/$t.com
|
||||||
|
echo Key $t.com >> ${OBJ}/${USER}/authorization
|
||||||
|
echo IdentityFile ${OBJ}/$t >> ${OBJ}/ssh_config_com
|
||||||
|
done
|
||||||
|
|
||||||
|
# convert and append DSA hostkey
|
||||||
|
(
|
||||||
|
echo -n 'ssh2-localhost-with-alias,127.0.0.1,::1 '
|
||||||
|
${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub
|
||||||
|
) >> $OBJ/known_hosts
|
||||||
|
|
||||||
|
# go for it
|
||||||
|
for v in ${VERSIONS}; do
|
||||||
|
sshd2=${TEST_COMBASE}/${v}/sshd2
|
||||||
|
if [ ! -x ${sshd2} ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
trace "sshd2 ${v}"
|
||||||
|
PROXY="proxycommand ${sshd2} -qif ${OBJ}/sshd2_config 2> /dev/null"
|
||||||
|
${SSH} -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh connect to sshd2 ${v} failed"
|
||||||
|
fi
|
||||||
|
|
||||||
|
ciphers="3des-cbc blowfish-cbc arcfour"
|
||||||
|
macs="hmac-md5"
|
||||||
|
case $v in
|
||||||
|
2.4.*)
|
||||||
|
ciphers="$ciphers cast128-cbc"
|
||||||
|
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
|
||||||
|
;;
|
||||||
|
3.*)
|
||||||
|
ciphers="$ciphers aes128-cbc cast128-cbc"
|
||||||
|
macs="$macs hmac-sha1 hmac-sha1-96 hmac-md5-96"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
#ciphers="3des-cbc"
|
||||||
|
for m in $macs; do
|
||||||
|
for c in $ciphers; do
|
||||||
|
trace "sshd2 ${v} cipher $c mac $m"
|
||||||
|
verbose "test ${tid}: sshd2 ${v} cipher $c mac $m"
|
||||||
|
${SSH} -c $c -m $m -qF ${OBJ}/ssh_config_com -o "${PROXY}" dummy exit 0
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh connect to sshd2 ${v} with $c/$m failed"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
|
rm -rf ${OBJ}/${USER}
|
||||||
|
for i in sshd_config_proxy ssh_config_proxy random_seed \
|
||||||
|
sshd2_config dsa.pub dsa ssh_config_com; do
|
||||||
|
rm -f ${OBJ}/$i
|
||||||
|
done
|
|
@ -0,0 +1,30 @@
|
||||||
|
# $OpenBSD: stderr-after-eof.sh,v 1.1 2002/03/23 16:38:09 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="stderr data after eof"
|
||||||
|
|
||||||
|
DATA=/etc/motd
|
||||||
|
DATA=${OBJ}/data
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
|
||||||
|
MD5=md5sum
|
||||||
|
|
||||||
|
# setup data
|
||||||
|
rm -f ${DATA} ${COPY}
|
||||||
|
cp /dev/null ${DATA}
|
||||||
|
for i in 1 2 3 4 5 6; do
|
||||||
|
(date;echo $i) | $MD5 >> ${DATA}
|
||||||
|
done
|
||||||
|
|
||||||
|
${SSH} -2 -F $OBJ/ssh_proxy otherhost \
|
||||||
|
exec sh -c \'"exec > /dev/null; sleep 2; cat ${DATA} 1>&2 $s"\' \
|
||||||
|
2> ${COPY}
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "ssh failed with exit code $r"
|
||||||
|
fi
|
||||||
|
egrep 'Disconnecting: Received extended_data after EOF' ${COPY} &&
|
||||||
|
fail "ext data received after eof"
|
||||||
|
cmp ${DATA} ${COPY} || fail "stderr corrupt"
|
||||||
|
|
||||||
|
rm -f ${DATA} ${COPY}
|
|
@ -0,0 +1,33 @@
|
||||||
|
# $OpenBSD: stderr-data.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="stderr data transfer"
|
||||||
|
|
||||||
|
DATA=/bin/ls
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
rm -f ${COPY}
|
||||||
|
|
||||||
|
for n in '' -n; do
|
||||||
|
for p in 1 2; do
|
||||||
|
verbose "test $tid: proto $p ($n)"
|
||||||
|
${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \
|
||||||
|
exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \
|
||||||
|
2> ${COPY}
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "ssh failed with exit code $r"
|
||||||
|
fi
|
||||||
|
cmp ${DATA} ${COPY} || fail "stderr corrupt"
|
||||||
|
rm -f ${COPY}
|
||||||
|
|
||||||
|
${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \
|
||||||
|
exec sh -c \'"echo a; exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \
|
||||||
|
> /dev/null 2> ${COPY}
|
||||||
|
r=$?
|
||||||
|
if [ $r -ne 0 ]; then
|
||||||
|
fail "ssh failed with exit code $r"
|
||||||
|
fi
|
||||||
|
cmp ${DATA} ${COPY} || fail "stderr corrupt"
|
||||||
|
rm -f ${COPY}
|
||||||
|
done
|
||||||
|
done
|
|
@ -0,0 +1 @@
|
||||||
|
3b:dd:44:e9:49:18:84:95:f1:e7:33:6b:9d:93:b1:36
|
|
@ -0,0 +1 @@
|
||||||
|
xokes-lylis-byleh-zebib-kalus-bihas-tevah-haroz-suhar-foved-noxex
|
|
@ -0,0 +1,224 @@
|
||||||
|
# $OpenBSD: test-exec.sh,v 1.14 2002/04/15 15:19:48 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
PORT=4242
|
||||||
|
USER=`id -un`
|
||||||
|
SUDO=
|
||||||
|
#SUDO=sudo
|
||||||
|
|
||||||
|
OBJ=$1
|
||||||
|
if [ "x$OBJ" = "x" ]; then
|
||||||
|
echo '$OBJ not defined'
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
if [ ! -d $OBJ ]; then
|
||||||
|
echo "not a directory: $OBJ"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
SCRIPT=$2
|
||||||
|
if [ "x$SCRIPT" = "x" ]; then
|
||||||
|
echo '$SCRIPT not defined'
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
if [ ! -f $SCRIPT ]; then
|
||||||
|
echo "not a file: $SCRIPT"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
if sh -n $SCRIPT; then
|
||||||
|
true
|
||||||
|
else
|
||||||
|
echo "syntax error in $SCRIPT"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
unset SSH_AUTH_SOCK
|
||||||
|
|
||||||
|
# defaults
|
||||||
|
SSH=ssh
|
||||||
|
SSHD=sshd
|
||||||
|
SSHAGENT=ssh-agent
|
||||||
|
SSHADD=ssh-add
|
||||||
|
SSHKEYGEN=ssh-keygen
|
||||||
|
SSHKEYSCAN=ssh-keyscan
|
||||||
|
SFTP=sftp
|
||||||
|
SFTPSERVER=/usr/libexec/openssh/sftp-server
|
||||||
|
|
||||||
|
if [ "x$TEST_SSH_SSH" != "x" ]; then
|
||||||
|
SSH=${TEST_SSH_SSH}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SSHD" != "x" ]; then
|
||||||
|
SSHD=${TEST_SSH_SSHD}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then
|
||||||
|
SSHAGENT=${TEST_SSH_SSHAGENT}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SSHADD" != "x" ]; then
|
||||||
|
SSHADD=${TEST_SSH_SSHADD}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then
|
||||||
|
SSHKEYGEN=${TEST_SSH_SSHKEYGEN}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then
|
||||||
|
SSHKEYSCAN=${TEST_SSH_SSHKEYSCAN}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SFTP" != "x" ]; then
|
||||||
|
SFTP=${TEST_SSH_SFTP}
|
||||||
|
fi
|
||||||
|
if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then
|
||||||
|
SFTPSERVER=${TEST_SSH_SFTPSERVER}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# these should be used in tests
|
||||||
|
export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER
|
||||||
|
#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER
|
||||||
|
|
||||||
|
# helper
|
||||||
|
cleanup ()
|
||||||
|
{
|
||||||
|
if [ -f $PIDFILE ]; then
|
||||||
|
pid=`cat $PIDFILE`
|
||||||
|
if [ "X$pid" = "X" ]; then
|
||||||
|
echo no sshd running
|
||||||
|
else
|
||||||
|
if [ $pid -lt 2 ]; then
|
||||||
|
echo bad pid for ssd: $pid
|
||||||
|
else
|
||||||
|
$SUDO kill $pid
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
trace ()
|
||||||
|
{
|
||||||
|
if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then
|
||||||
|
echo "$@"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
verbose ()
|
||||||
|
{
|
||||||
|
if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then
|
||||||
|
echo "$@"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
fail ()
|
||||||
|
{
|
||||||
|
RESULT=1
|
||||||
|
echo "$@"
|
||||||
|
}
|
||||||
|
|
||||||
|
fatal ()
|
||||||
|
{
|
||||||
|
echo -n "FATAL: "
|
||||||
|
fail "$@"
|
||||||
|
cleanup
|
||||||
|
exit $RESULT
|
||||||
|
}
|
||||||
|
|
||||||
|
RESULT=0
|
||||||
|
PIDFILE=$OBJ/pidfile
|
||||||
|
|
||||||
|
trap fatal 3 2
|
||||||
|
|
||||||
|
# create server config
|
||||||
|
cat << EOF > $OBJ/sshd_config
|
||||||
|
Port $PORT
|
||||||
|
ListenAddress 127.0.0.1
|
||||||
|
#ListenAddress ::1
|
||||||
|
PidFile $PIDFILE
|
||||||
|
AuthorizedKeysFile $OBJ/authorized_keys_%u
|
||||||
|
LogLevel QUIET
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# server config for proxy connects
|
||||||
|
cp $OBJ/sshd_config $OBJ/sshd_proxy
|
||||||
|
|
||||||
|
# allow group-writable directories in proxy-mode
|
||||||
|
echo 'StrictModes no' >> $OBJ/sshd_proxy
|
||||||
|
|
||||||
|
# create client config
|
||||||
|
cat << EOF > $OBJ/ssh_config
|
||||||
|
Host *
|
||||||
|
Hostname 127.0.0.1
|
||||||
|
HostKeyAlias localhost-with-alias
|
||||||
|
Port $PORT
|
||||||
|
User $USER
|
||||||
|
GlobalKnownHostsFile $OBJ/known_hosts
|
||||||
|
UserKnownHostsFile $OBJ/known_hosts
|
||||||
|
RSAAuthentication yes
|
||||||
|
PubkeyAuthentication yes
|
||||||
|
ChallengeResponseAuthentication no
|
||||||
|
HostbasedAuthentication no
|
||||||
|
PasswordAuthentication no
|
||||||
|
RhostsAuthentication no
|
||||||
|
RhostsRSAAuthentication no
|
||||||
|
BatchMode yes
|
||||||
|
StrictHostKeyChecking yes
|
||||||
|
EOF
|
||||||
|
|
||||||
|
rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER
|
||||||
|
|
||||||
|
trace "generate keys"
|
||||||
|
for t in rsa rsa1; do
|
||||||
|
# generate user key
|
||||||
|
rm -f $OBJ/$t
|
||||||
|
${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\
|
||||||
|
fail "ssh-keygen for $t failed"
|
||||||
|
|
||||||
|
# known hosts file for client
|
||||||
|
(
|
||||||
|
echo -n 'localhost-with-alias,127.0.0.1,::1 '
|
||||||
|
cat $OBJ/$t.pub
|
||||||
|
) >> $OBJ/known_hosts
|
||||||
|
|
||||||
|
# setup authorized keys
|
||||||
|
cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER
|
||||||
|
echo IdentityFile $OBJ/$t >> $OBJ/ssh_config
|
||||||
|
|
||||||
|
# use key as host key, too
|
||||||
|
$SUDO cp $OBJ/$t $OBJ/host.$t
|
||||||
|
echo HostKey $OBJ/host.$t >> $OBJ/sshd_config
|
||||||
|
|
||||||
|
# don't use SUDO for proxy connect
|
||||||
|
echo HostKey $OBJ/$t >> $OBJ/sshd_proxy
|
||||||
|
done
|
||||||
|
chmod 644 $OBJ/authorized_keys_$USER
|
||||||
|
|
||||||
|
# create a proxy version of the client config
|
||||||
|
(
|
||||||
|
cat $OBJ/ssh_config
|
||||||
|
echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy
|
||||||
|
) > $OBJ/ssh_proxy
|
||||||
|
|
||||||
|
# check proxy config
|
||||||
|
${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken"
|
||||||
|
|
||||||
|
start_sshd ()
|
||||||
|
{
|
||||||
|
# start sshd
|
||||||
|
$SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken"
|
||||||
|
$SUDO ${SSHD} -f $OBJ/sshd_config
|
||||||
|
|
||||||
|
trace "wait for sshd"
|
||||||
|
i=0;
|
||||||
|
while [ ! -f $PIDFILE -a $i -lt 5 ]; do
|
||||||
|
i=`expr $i + 1`
|
||||||
|
sleep $i
|
||||||
|
done
|
||||||
|
|
||||||
|
test -f $PIDFILE || fatal "no sshd running on port $PORT"
|
||||||
|
}
|
||||||
|
|
||||||
|
# source test body
|
||||||
|
. $SCRIPT
|
||||||
|
|
||||||
|
# kill sshd
|
||||||
|
cleanup
|
||||||
|
if [ $RESULT -eq 0 ]; then
|
||||||
|
verbose ok $tid
|
||||||
|
else
|
||||||
|
echo failed $tid
|
||||||
|
fi
|
||||||
|
exit $RESULT
|
|
@ -0,0 +1,29 @@
|
||||||
|
# $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="transfer data"
|
||||||
|
|
||||||
|
DATA=/bin/ls
|
||||||
|
COPY=${OBJ}/copy
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
verbose "$tid: proto $p"
|
||||||
|
rm -f ${COPY}
|
||||||
|
${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY}
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh cat $DATA failed"
|
||||||
|
fi
|
||||||
|
cmp ${DATA} ${COPY} || fail "corrupted copy"
|
||||||
|
|
||||||
|
for s in 10 100 1k 32k 64k 128k 256k; do
|
||||||
|
trace "proto $p dd-size ${s}"
|
||||||
|
rm -f ${COPY}
|
||||||
|
dd if=$DATA obs=${s} 2> /dev/null | \
|
||||||
|
${SSH} -q -$p -F $OBJ/ssh_proxy somehost "cat > ${COPY}"
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh cat $DATA failed"
|
||||||
|
fi
|
||||||
|
cmp $DATA ${COPY} || fail "corrupted copy"
|
||||||
|
done
|
||||||
|
done
|
||||||
|
rm -f ${COPY}
|
|
@ -0,0 +1,29 @@
|
||||||
|
# $OpenBSD: try-ciphers.sh,v 1.7 2002/04/03 09:30:01 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="try ciphers"
|
||||||
|
|
||||||
|
ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc arcfour
|
||||||
|
aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se"
|
||||||
|
macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96"
|
||||||
|
|
||||||
|
for c in $ciphers; do
|
||||||
|
for m in $macs; do
|
||||||
|
trace "proto 2 cipher $c mac $m"
|
||||||
|
verbose "test $tid: proto 2 cipher $c mac $m"
|
||||||
|
${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh -2 failed with mac $m cipher $c"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
|
ciphers="3des blowfish"
|
||||||
|
for c in $ciphers; do
|
||||||
|
trace "proto 1 cipher $c"
|
||||||
|
verbose "test $tid: proto 1 cipher $c"
|
||||||
|
${SSH} -F $OBJ/ssh_proxy -1 -c $c somehost true
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "ssh -1 failed with cipher $c"
|
||||||
|
fi
|
||||||
|
done
|
|
@ -0,0 +1,15 @@
|
||||||
|
# $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||||
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
|
tid="yes pipe head"
|
||||||
|
|
||||||
|
for p in 1 2; do
|
||||||
|
lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'yes | head -2000' | (sleep 3 ; wc -l)`
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
fail "yes|head test failed"
|
||||||
|
lines = 0;
|
||||||
|
fi
|
||||||
|
if [ $lines -ne 2000 ]; then
|
||||||
|
fail "yes|head returns $lines lines instead of 2000"
|
||||||
|
fi
|
||||||
|
done
|
Загрузка…
Ссылка в новой задаче