• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/bin/sh
2# SPDX-License-Identifier: GPL-2.0-or-later
3# Copyright (c) 2021 Joerg Vehlow <joerg.vehlow@aox-tech.de>
4# Copyright (c) 2015 Oracle and/or its affiliates. All Rights Reserved.
5# Copyright (c) International Business Machines Corp., 2005
6# Author: Mitsuru Chinen <mitch@jp.ibm.com>
7
8TST_CLEANUP="cleanup"
9TST_SETUP="setup"
10TST_TESTFUNC="test"
11TST_CNT=3
12TST_NEEDS_ROOT=1
13TST_NEEDS_TMPDIR=1
14TST_NEEDS_CMDS="sshd ssh ssh-keygen od pkill pgrep"
15
16
17# SSH config file on the remote host
18RHOST_SSH_CONF=
19# SSH command to connect from the remote host to the test host
20RHOST_SSH=
21# Processes started on the remote host, killed at cleanup
22RHOST_PIDS=
23# Netstress process started on the test host, killed at cleanup
24NETSTRESS_PID=
25
26cleanup()
27{
28	local pids
29
30	# Stop the ssh daemon
31	[ -s sshd.pid ] && kill $(cat sshd.pid)
32	[ -n "$NETSTRESS_PID" ] && kill -INT $NETSTRESS_PID >/dev/null 2>&1
33
34	[ -n "$RHOST_PIDS" ] && tst_rhost_run -c "kill $RHOST_PIDS" >/dev/null 2>&1
35
36	# Kill all remaining ssh processes
37	[ -n "$RHOST_SSH_CONF" ] && tst_rhost_run -c "pkill -f '^ssh $RHOST_SSH_CONF'"
38}
39
40setup()
41{
42	local port rc
43
44
45	port=$(tst_rhost_run -c "tst_get_unused_port ipv${TST_IPVER} stream")
46
47	cat << EOF > sshd_config
48Port $port
49ListenAddress $(tst_ipaddr)
50PermitRootLogin yes
51AuthorizedKeysFile $TST_TMPDIR/authorized_keys
52PasswordAuthentication no
53AllowTcpForwarding yes
54TCPKeepAlive yes
55UseDNS no
56StrictModes no
57PidFile $TST_TMPDIR/sshd.pid
58HostKey $TST_TMPDIR/ssh_host_rsa_key
59HostKey $TST_TMPDIR/ssh_host_ecdsa_key
60HostKey $TST_TMPDIR/ssh_host_ed25519_key
61EOF
62
63	ssh-keygen -q -N "" -t rsa -b 4096 -f $TST_TMPDIR/ssh_host_rsa_key
64	ssh-keygen -q -N "" -t ecdsa -f $TST_TMPDIR/ssh_host_ecdsa_key
65	ssh-keygen -q -N "" -t ed25519 -f $TST_TMPDIR/ssh_host_ed25519_key
66
67	tst_res TINFO "Generate configuration file and key at the remote host"
68	tst_rhost_run -s -c "ssh-keygen -t rsa -N \"\" -f $TST_TMPDIR/id_rsa \
69		>/dev/null"
70
71	RHOST_SSH_CONF=$TST_TMPDIR/ssh_config
72
73	tst_rhost_run -s -c "printf \"\
74Port $port\n\
75StrictHostKeyChecking no\n\
76PasswordAuthentication no\n\
77ExitOnForwardFailure yes\n\
78UserKnownHostsFile $TST_TMPDIR/known_hosts\n\
79IdentityFile $TST_TMPDIR/id_rsa\n\" > $RHOST_SSH_CONF"
80
81	tst_res TINFO "Generate authorized_keys"
82	tst_rhost_run -c "cat ${TST_TMPDIR}/id_rsa.pub" > authorized_keys
83
84	tst_res TINFO "restore context of authorized_keys"
85	rc=$(command -v restorecon)
86	[ -n "$rc" ] && $rc authorized_keys
87
88	$(command -v sshd) -f $TST_TMPDIR/sshd_config || \
89		tst_brk TBROK "Failed to run sshd daemon"
90
91	RHOST_SSH="ssh -$TST_IPVER -F $RHOST_SSH_CONF $(tst_ipaddr)"
92}
93
94test_ssh_connectivity()
95{
96	tst_rhost_run -c "$RHOST_SSH 'true >/dev/null 2>&1' >/dev/null"
97	[ $? -ne 0 ] && tst_brk TFAIL "SSH not reachable"
98}
99
100test1()
101{
102	local num all_conn pid
103
104	tst_res TINFO "Verify SSH connectivity over IPv$TST_IPVER is not broken after creating many SSH sessions"
105
106	test_ssh_connectivity
107
108	RHOST_PIDS=
109	num=0
110	while [ $num -lt $CONNECTION_TOTAL ]; do
111		pid=$(tst_rhost_run -c "$RHOST_SSH -N </dev/null 1>/dev/null 2>&1 \
112			& echo \$!")
113		RHOST_PIDS="$RHOST_PIDS $pid"
114		num=$(($num + 1))
115	done
116
117	tst_res TINFO "Killing all ssh sessions"
118	num=0
119	for pid in $RHOST_PIDS; do
120		tst_rhost_run -c "kill $pid" >/dev/null
121		[ $? -ne 0 ] && num=$((num + 1))
122	done
123
124	[ $num -ne 0 ] && tst_brk TFAIL "$num ssh processes died unexpectedly during execution"
125
126	test_ssh_connectivity
127
128	tst_res TPASS "Test finished successfully"
129}
130
131test2()
132{
133	local start_epoc pids total_connections elapse_epoc new_pids
134	local ssh_num wait_sec login_sec
135
136	tst_res TINFO "Verify SSH connectivity over IPv$TST_IPVER is not broken after logging in/out by many clients asynchronously"
137
138	test_ssh_connectivity
139
140	start_epoc=$(date +%s)
141	RHOST_PIDS=
142	total_connections=0
143	while true; do
144		# Exit after the specified time has elapsed.
145		elapse_epoc=$(( $(date +%s) - $start_epoc))
146		[ $elapse_epoc -ge $NS_DURATION ] && break
147
148		new_pids=
149		for pid in $RHOST_PIDS; do
150			if tst_rhost_run -c "kill -0 $pid" >/dev/null; then
151				new_pids="$new_pids $pid"
152			fi
153		done
154		RHOST_PIDS="$new_pids"
155
156		# Do not make ssh connection over the specified quantity
157		ssh_num=$(echo "$pids" | wc -w)
158		if [ $ssh_num -ge $CONNECTION_TOTAL ]; then
159			tst_res TINFO "Max connections reached"
160			tst_sleep 1
161			continue
162		fi
163
164		# specified wait time and login time
165		wait_sec=$(( $(od -A n -d -N 1 /dev/urandom) * 3 / 255 ))
166		login_sec=$(( $(od -A n -d -N 1 /dev/urandom) * 10 / 255 ))
167
168		# Login to the server
169		pid=$(tst_rhost_run -c "( \
170			  sleep $wait_sec && $RHOST_SSH -l root \"sleep $login_sec\" \
171			) </dev/null 1>/dev/null 2>&1 & echo \$!"
172		)
173		RHOST_PIDS="$RHOST_PIDS $pid"
174		total_connections=$(( total_connections + 1 ))
175	done
176
177	tst_res TINFO "Waiting for all connections to terminate"
178	while [ -n "$RHOST_PIDS" ]; do
179		tst_sleep 1
180		new_pids=
181		for pid in $RHOST_PIDS; do
182			if tst_rhost_run -c "kill -0 $pid" >/dev/null 2>&1; then
183				new_pids="$new_pids $pid"
184			fi
185		done
186		RHOST_PIDS="$new_pids"
187	done
188
189	test_ssh_connectivity
190
191	tst_res TPASS "Test finished successfully ($total_connections connections)"
192}
193
194test3()
195{
196	local port lport localhost rhost ret
197	tst_res TINFO "Verify SSH connectivity over IPv$TST_IPVER is not broken after forwarding TCP traffic"
198
199	localhost="127.0.0.1"
200	rhost="$(tst_ipaddr)"
201	if [ "$TST_IPVER" = "6" ]; then
202		localhost="::1"
203		rhost="[$(tst_ipaddr)]"
204	fi
205
206	test_ssh_connectivity
207
208	# Get an ssh forwarding port
209	lport=$(tst_rhost_run -c "tst_get_unused_port ipv${TST_IPVER} stream")
210
211	# Start a tcp server
212	netstress -R 3 -B $TST_TMPDIR >/dev/null 2>&1
213	[ $? -ne 0 ] && tst_brk TBROK "Unable to start netstress server"
214	NETSTRESS_PID=$(pgrep -f "^netstress .*$TST_TMPDIR")
215	port=$(cat netstress_port)
216
217	# Setup an ssh tunnel from the remote host to testhost
218	tst_rhost_run -c "$RHOST_SSH -f -N -L $lport:$rhost:$port </dev/null >/dev/null 2>&1"
219	[ "$?" -ne 0 ] && tst_brk TFAIL "Failed to create an SSH session with port forwarding"
220	RHOST_PIDS=$(tst_rhost_run -c "pgrep -f '^ssh .*$lport:$rhost:$port'")
221
222	# Start the TCP traffic clients
223	tst_rhost_run -s -c "netstress -r $NS_TIMES -l -H $localhost -g $lport > /dev/null"
224
225	tst_rhost_run -c "kill $RHOST_PIDS >/dev/null 2>&1"
226
227	test_ssh_connectivity
228
229	tst_res TPASS "Test finished successfully"
230}
231
232. tst_net.sh
233tst_run
234