1# $OpenBSD: test-exec.sh,v 1.76 2020/04/04 23:04:41 dtucker Exp $ 2# Placed in the Public Domain. 3 4#SUDO=sudo 5 6# Unbreak GNU head(1) 7_POSIX2_VERSION=199209 8export _POSIX2_VERSION 9 10case `uname -s 2>/dev/null` in 11OSF1*) 12 BIN_SH=xpg4 13 export BIN_SH 14 ;; 15CYGWIN*) 16 os=cygwin 17 ;; 18esac 19 20if [ ! -z "$TEST_SSH_PORT" ]; then 21 PORT="$TEST_SSH_PORT" 22else 23 PORT=4242 24fi 25 26# If configure tells us to use a different egrep, create a wrapper function 27# to call it. This means we don't need to change all the tests that depend 28# on a good implementation. 29if test "x${EGREP}" != "x"; then 30 egrep () 31{ 32 ${EGREP} "$@" 33} 34fi 35 36if [ -x /usr/ucb/whoami ]; then 37 USER=`/usr/ucb/whoami` 38elif whoami >/dev/null 2>&1; then 39 USER=`whoami` 40elif logname >/dev/null 2>&1; then 41 USER=`logname` 42else 43 USER=`id -un` 44fi 45 46OBJ=$1 47if [ "x$OBJ" = "x" ]; then 48 echo '$OBJ not defined' 49 exit 2 50fi 51if [ ! -d $OBJ ]; then 52 echo "not a directory: $OBJ" 53 exit 2 54fi 55SCRIPT=$2 56if [ "x$SCRIPT" = "x" ]; then 57 echo '$SCRIPT not defined' 58 exit 2 59fi 60if [ ! -f $SCRIPT ]; then 61 echo "not a file: $SCRIPT" 62 exit 2 63fi 64if $TEST_SHELL -n $SCRIPT; then 65 true 66else 67 echo "syntax error in $SCRIPT" 68 exit 2 69fi 70unset SSH_AUTH_SOCK 71 72SRC=`dirname ${SCRIPT}` 73 74# defaults 75SSH=ssh 76SSHD=sshd 77SSHAGENT=ssh-agent 78SSHADD=ssh-add 79SSHKEYGEN=ssh-keygen 80SSHKEYSCAN=ssh-keyscan 81SFTP=sftp 82SFTPSERVER=/usr/libexec/openssh/sftp-server 83SCP=scp 84 85# Set by make_tmpdir() on demand (below). 86SSH_REGRESS_TMP= 87 88# Interop testing 89PLINK=plink 90PUTTYGEN=puttygen 91CONCH=conch 92 93# Tools used by multiple tests 94NC=$OBJ/netcat 95 96if [ "x$TEST_SSH_SSH" != "x" ]; then 97 SSH="${TEST_SSH_SSH}" 98fi 99if [ "x$TEST_SSH_SSHD" != "x" ]; then 100 SSHD="${TEST_SSH_SSHD}" 101fi 102if [ "x$TEST_SSH_SSHAGENT" != "x" ]; then 103 SSHAGENT="${TEST_SSH_SSHAGENT}" 104fi 105if [ "x$TEST_SSH_SSHADD" != "x" ]; then 106 SSHADD="${TEST_SSH_SSHADD}" 107fi 108if [ "x$TEST_SSH_SSHKEYGEN" != "x" ]; then 109 SSHKEYGEN="${TEST_SSH_SSHKEYGEN}" 110fi 111if [ "x$TEST_SSH_SSHKEYSCAN" != "x" ]; then 112 SSHKEYSCAN="${TEST_SSH_SSHKEYSCAN}" 113fi 114if [ "x$TEST_SSH_SFTP" != "x" ]; then 115 SFTP="${TEST_SSH_SFTP}" 116fi 117if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then 118 SFTPSERVER="${TEST_SSH_SFTPSERVER}" 119fi 120if [ "x$TEST_SSH_SCP" != "x" ]; then 121 SCP="${TEST_SSH_SCP}" 122fi 123if [ "x$TEST_SSH_PLINK" != "x" ]; then 124 # Find real binary, if it exists 125 case "${TEST_SSH_PLINK}" in 126 /*) PLINK="${TEST_SSH_PLINK}" ;; 127 *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;; 128 esac 129fi 130if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then 131 # Find real binary, if it exists 132 case "${TEST_SSH_PUTTYGEN}" in 133 /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;; 134 *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;; 135 esac 136fi 137if [ "x$TEST_SSH_CONCH" != "x" ]; then 138 # Find real binary, if it exists 139 case "${TEST_SSH_CONCH}" in 140 /*) CONCH="${TEST_SSH_CONCH}" ;; 141 *) CONCH=`which ${TEST_SSH_CONCH} 2>/dev/null` ;; 142 esac 143fi 144if [ "x$TEST_SSH_PKCS11_HELPER" != "x" ]; then 145 SSH_PKCS11_HELPER="${TEST_SSH_PKCS11_HELPER}" 146fi 147if [ "x$TEST_SSH_SK_HELPER" != "x" ]; then 148 SSH_SK_HELPER="${TEST_SSH_SK_HELPER}" 149fi 150 151# Path to sshd must be absolute for rexec 152case "$SSHD" in 153/*) ;; 154*) SSHD=`which $SSHD` ;; 155esac 156 157case "$SSHAGENT" in 158/*) ;; 159*) SSHAGENT=`which $SSHAGENT` ;; 160esac 161 162# Record the actual binaries used. 163SSH_BIN=${SSH} 164SSHD_BIN=${SSHD} 165SSHAGENT_BIN=${SSHAGENT} 166SSHADD_BIN=${SSHADD} 167SSHKEYGEN_BIN=${SSHKEYGEN} 168SSHKEYSCAN_BIN=${SSHKEYSCAN} 169SFTP_BIN=${SFTP} 170SFTPSERVER_BIN=${SFTPSERVER} 171SCP_BIN=${SCP} 172 173if [ "x$USE_VALGRIND" != "x" ]; then 174 rm -rf $OBJ/valgrind-out $OBJ/valgrind-vgdb 175 mkdir -p $OBJ/valgrind-out $OBJ/valgrind-vgdb 176 # When using sudo ensure low-priv tests can write pipes and logs. 177 if [ "x$SUDO" != "x" ]; then 178 chmod 777 $OBJ/valgrind-out $OBJ/valgrind-vgdb 179 fi 180 VG_TEST=`basename $SCRIPT .sh` 181 182 # Some tests are difficult to fix. 183 case "$VG_TEST" in 184 reexec) 185 VG_SKIP=1 ;; 186 sftp-chroot) 187 if [ "x${SUDO}" != "x" ]; then 188 VG_SKIP=1 189 fi ;; 190 esac 191 192 if [ x"$VG_SKIP" = "x" ]; then 193 VG_LEAK="--leak-check=no" 194 if [ x"$VALGRIND_CHECK_LEAKS" != "x" ]; then 195 VG_LEAK="--leak-check=full" 196 fi 197 VG_IGNORE="/bin/*,/sbin/*,/usr/*,/var/*" 198 VG_LOG="$OBJ/valgrind-out/${VG_TEST}." 199 VG_OPTS="--track-origins=yes $VG_LEAK" 200 VG_OPTS="$VG_OPTS --trace-children=yes" 201 VG_OPTS="$VG_OPTS --trace-children-skip=${VG_IGNORE}" 202 VG_OPTS="$VG_OPTS --vgdb-prefix=$OBJ/valgrind-vgdb/" 203 VG_PATH="valgrind" 204 if [ "x$VALGRIND_PATH" != "x" ]; then 205 VG_PATH="$VALGRIND_PATH" 206 fi 207 VG="$VG_PATH $VG_OPTS" 208 SSH="$VG --log-file=${VG_LOG}ssh.%p $SSH" 209 SSHD="$VG --log-file=${VG_LOG}sshd.%p $SSHD" 210 SSHAGENT="$VG --log-file=${VG_LOG}ssh-agent.%p $SSHAGENT" 211 SSHADD="$VG --log-file=${VG_LOG}ssh-add.%p $SSHADD" 212 SSHKEYGEN="$VG --log-file=${VG_LOG}ssh-keygen.%p $SSHKEYGEN" 213 SSHKEYSCAN="$VG --log-file=${VG_LOG}ssh-keyscan.%p $SSHKEYSCAN" 214 SFTP="$VG --log-file=${VG_LOG}sftp.%p ${SFTP}" 215 SCP="$VG --log-file=${VG_LOG}scp.%p $SCP" 216 cat > $OBJ/valgrind-sftp-server.sh << EOF 217#!/bin/sh 218exec $VG --log-file=${VG_LOG}sftp-server.%p $SFTPSERVER "\$@" 219EOF 220 chmod a+rx $OBJ/valgrind-sftp-server.sh 221 SFTPSERVER="$OBJ/valgrind-sftp-server.sh" 222 fi 223fi 224 225# Logfiles. 226# SSH_LOGFILE should be the debug output of ssh(1) only 227# SSHD_LOGFILE should be the debug output of sshd(8) only 228# REGRESS_LOGFILE is the output of the test itself stdout and stderr 229if [ "x$TEST_SSH_LOGFILE" = "x" ]; then 230 TEST_SSH_LOGFILE=$OBJ/ssh.log 231fi 232if [ "x$TEST_SSHD_LOGFILE" = "x" ]; then 233 TEST_SSHD_LOGFILE=$OBJ/sshd.log 234fi 235if [ "x$TEST_REGRESS_LOGFILE" = "x" ]; then 236 TEST_REGRESS_LOGFILE=$OBJ/regress.log 237fi 238 239# truncate logfiles 240>$TEST_SSH_LOGFILE 241>$TEST_SSHD_LOGFILE 242>$TEST_REGRESS_LOGFILE 243 244# Create wrapper ssh with logging. We can't just specify "SSH=ssh -E..." 245# because sftp and scp don't handle spaces in arguments. 246SSHLOGWRAP=$OBJ/ssh-log-wrapper.sh 247echo "#!/bin/sh" > $SSHLOGWRAP 248echo "exec ${SSH} -E${TEST_SSH_LOGFILE} "'"$@"' >>$SSHLOGWRAP 249 250chmod a+rx $OBJ/ssh-log-wrapper.sh 251REAL_SSH="$SSH" 252REAL_SSHD="$SSHD" 253SSH="$SSHLOGWRAP" 254 255# Some test data. We make a copy because some tests will overwrite it. 256# The tests may assume that $DATA exists and is writable and $COPY does 257# not exist. Tests requiring larger data files can call increase_datafile_size 258# [kbytes] to ensure the file is at least that large. 259DATANAME=data 260DATA=$OBJ/${DATANAME} 261cat ${SSHAGENT_BIN} >${DATA} 262chmod u+w ${DATA} 263COPY=$OBJ/copy 264rm -f ${COPY} 265 266increase_datafile_size() 267{ 268 while [ `du -k ${DATA} | cut -f1` -lt $1 ]; do 269 cat ${SSHAGENT_BIN} >>${DATA} 270 done 271} 272 273# these should be used in tests 274export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER SCP 275export SSH_PKCS11_HELPER SSH_SK_HELPER 276#echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER $SCP 277 278# Portable specific functions 279have_prog() 280{ 281 saved_IFS="$IFS" 282 IFS=":" 283 for i in $PATH 284 do 285 if [ -x $i/$1 ]; then 286 IFS="$saved_IFS" 287 return 0 288 fi 289 done 290 IFS="$saved_IFS" 291 return 1 292} 293 294jot() { 295 awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }" 296} 297 298# Check whether preprocessor symbols are defined in config.h. 299config_defined () 300{ 301 str=$1 302 while test "x$2" != "x" ; do 303 str="$str|$2" 304 shift 305 done 306 egrep "^#define.*($str)" ${BUILDDIR}/config.h >/dev/null 2>&1 307} 308 309md5 () { 310 if have_prog md5sum; then 311 md5sum 312 elif have_prog openssl; then 313 openssl md5 314 elif have_prog cksum; then 315 cksum 316 elif have_prog sum; then 317 sum 318 else 319 wc -c 320 fi 321} 322# End of portable specific functions 323 324stop_sshd () 325{ 326 if [ -f $PIDFILE ]; then 327 pid=`$SUDO cat $PIDFILE` 328 if [ "X$pid" = "X" ]; then 329 echo no sshd running 330 else 331 if [ $pid -lt 2 ]; then 332 echo bad pid for sshd: $pid 333 else 334 $SUDO kill $pid 335 trace "wait for sshd to exit" 336 i=0; 337 while [ -f $PIDFILE -a $i -lt 5 ]; do 338 i=`expr $i + 1` 339 sleep $i 340 done 341 if test -f $PIDFILE; then 342 if $SUDO kill -0 $pid; then 343 echo "sshd didn't exit " \ 344 "port $PORT pid $pid" 345 else 346 echo "sshd died without cleanup" 347 fi 348 exit 1 349 fi 350 fi 351 fi 352 fi 353} 354 355make_tmpdir () 356{ 357 SSH_REGRESS_TMP="$($OBJ/mkdtemp openssh-XXXXXXXX)" || \ 358 fatal "failed to create temporary directory" 359} 360 361# helper 362cleanup () 363{ 364 if [ "x$SSH_PID" != "x" ]; then 365 if [ $SSH_PID -lt 2 ]; then 366 echo bad pid for ssh: $SSH_PID 367 else 368 kill $SSH_PID 369 fi 370 fi 371 if [ "x$SSH_REGRESS_TMP" != "x" ]; then 372 rm -rf "$SSH_REGRESS_TMP" 373 fi 374 stop_sshd 375} 376 377start_debug_log () 378{ 379 echo "trace: $@" >$TEST_REGRESS_LOGFILE 380 echo "trace: $@" >$TEST_SSH_LOGFILE 381 echo "trace: $@" >$TEST_SSHD_LOGFILE 382} 383 384save_debug_log () 385{ 386 echo $@ >>$TEST_REGRESS_LOGFILE 387 echo $@ >>$TEST_SSH_LOGFILE 388 echo $@ >>$TEST_SSHD_LOGFILE 389 (cat $TEST_REGRESS_LOGFILE; echo) >>$OBJ/failed-regress.log 390 (cat $TEST_SSH_LOGFILE; echo) >>$OBJ/failed-ssh.log 391 (cat $TEST_SSHD_LOGFILE; echo) >>$OBJ/failed-sshd.log 392} 393 394trace () 395{ 396 start_debug_log $@ 397 if [ "X$TEST_SSH_TRACE" = "Xyes" ]; then 398 echo "$@" 399 fi 400} 401 402verbose () 403{ 404 start_debug_log $@ 405 if [ "X$TEST_SSH_QUIET" != "Xyes" ]; then 406 echo "$@" 407 fi 408} 409 410warn () 411{ 412 echo "WARNING: $@" >>$TEST_SSH_LOGFILE 413 echo "WARNING: $@" 414} 415 416fail () 417{ 418 save_debug_log "FAIL: $@" 419 RESULT=1 420 echo "$@" 421 if test "x$TEST_SSH_FAIL_FATAL" != "x" ; then 422 cleanup 423 exit $RESULT 424 fi 425} 426 427fatal () 428{ 429 save_debug_log "FATAL: $@" 430 printf "FATAL: " 431 fail "$@" 432 cleanup 433 exit $RESULT 434} 435 436RESULT=0 437PIDFILE=$OBJ/pidfile 438 439trap fatal 3 2 440 441# create server config 442cat << EOF > $OBJ/sshd_config 443 StrictModes no 444 Port $PORT 445 AddressFamily inet 446 ListenAddress 127.0.0.1 447 #ListenAddress ::1 448 PidFile $PIDFILE 449 AuthorizedKeysFile $OBJ/authorized_keys_%u 450 LogLevel DEBUG3 451 AcceptEnv _XXX_TEST_* 452 AcceptEnv _XXX_TEST 453 Subsystem sftp $SFTPSERVER 454EOF 455 456# This may be necessary if /usr/src and/or /usr/obj are group-writable, 457# but if you aren't careful with permissions then the unit tests could 458# be abused to locally escalate privileges. 459if [ ! -z "$TEST_SSH_UNSAFE_PERMISSIONS" ]; then 460 echo "StrictModes no" >> $OBJ/sshd_config 461else 462 # check and warn if excessive permissions are likely to cause failures. 463 unsafe="" 464 dir="${OBJ}" 465 while test ${dir} != "/"; do 466 if test -d "${dir}" && ! test -h "${dir}"; then 467 perms=`ls -ld ${dir}` 468 case "${perms}" in 469 ?????w????*|????????w?*) unsafe="${unsafe} ${dir}" ;; 470 esac 471 fi 472 dir=`dirname ${dir}` 473 done 474 if ! test -z "${unsafe}"; then 475 cat <<EOD 476 477WARNING: Unsafe (group or world writable) directory permissions found: 478${unsafe} 479 480These could be abused to locally escalate privileges. If you are 481sure that this is not a risk (eg there are no other users), you can 482bypass this check by setting TEST_SSH_UNSAFE_PERMISSIONS=1 483 484EOD 485 fi 486fi 487 488if [ ! -z "$TEST_SSH_SSHD_CONFOPTS" ]; then 489 trace "adding sshd_config option $TEST_SSH_SSHD_CONFOPTS" 490 echo "$TEST_SSH_SSHD_CONFOPTS" >> $OBJ/sshd_config 491fi 492 493# server config for proxy connects 494cp $OBJ/sshd_config $OBJ/sshd_proxy 495 496# allow group-writable directories in proxy-mode 497echo 'StrictModes no' >> $OBJ/sshd_proxy 498 499# create client config 500cat << EOF > $OBJ/ssh_config 501Host * 502 Hostname 127.0.0.1 503 HostKeyAlias localhost-with-alias 504 Port $PORT 505 User $USER 506 GlobalKnownHostsFile $OBJ/known_hosts 507 UserKnownHostsFile $OBJ/known_hosts 508 PubkeyAuthentication yes 509 ChallengeResponseAuthentication no 510 HostbasedAuthentication no 511 PasswordAuthentication no 512 BatchMode yes 513 StrictHostKeyChecking yes 514 LogLevel DEBUG3 515EOF 516 517if [ ! -z "$TEST_SSH_SSH_CONFOPTS" ]; then 518 trace "adding ssh_config option $TEST_SSH_SSH_CONFOPTS" 519 echo "$TEST_SSH_SSH_CONFOPTS" >> $OBJ/ssh_config 520fi 521 522rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER 523 524SSH_SK_PROVIDER= 525if ! config_defined ENABLE_SK; then 526 trace skipping sk-dummy 527elif [ -f "${SRC}/misc/sk-dummy/obj/sk-dummy.so" ] ; then 528 SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/obj/sk-dummy.so" 529elif [ -f "${SRC}/misc/sk-dummy/sk-dummy.so" ] ; then 530 SSH_SK_PROVIDER="${SRC}/misc/sk-dummy/sk-dummy.so" 531fi 532export SSH_SK_PROVIDER 533 534if ! test -z "$SSH_SK_PROVIDER"; then 535 EXTRA_AGENT_ARGS='-P/*' # XXX want realpath(1)... 536 echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/ssh_config 537 echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_config 538 echo "SecurityKeyProvider $SSH_SK_PROVIDER" >> $OBJ/sshd_proxy 539fi 540export EXTRA_AGENT_ARGS 541 542maybe_filter_sk() { 543 if test -z "$SSH_SK_PROVIDER" ; then 544 grep -v ^sk 545 else 546 cat 547 fi 548} 549 550SSH_KEYTYPES=`$SSH -Q key-plain | maybe_filter_sk` 551SSH_HOSTKEY_TYPES=`$SSH -Q key-plain | maybe_filter_sk` 552 553for t in ${SSH_KEYTYPES}; do 554 # generate user key 555 if [ ! -f $OBJ/$t ] || [ ${SSHKEYGEN_BIN} -nt $OBJ/$t ]; then 556 trace "generating key type $t" 557 rm -f $OBJ/$t 558 ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t ||\ 559 fail "ssh-keygen for $t failed" 560 else 561 trace "using cached key type $t" 562 fi 563 564 # setup authorized keys 565 cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER 566 echo IdentityFile $OBJ/$t >> $OBJ/ssh_config 567done 568 569for t in ${SSH_HOSTKEY_TYPES}; do 570 # known hosts file for client 571 ( 572 printf 'localhost-with-alias,127.0.0.1,::1 ' 573 cat $OBJ/$t.pub 574 ) >> $OBJ/known_hosts 575 576 # use key as host key, too 577 $SUDO cp $OBJ/$t $OBJ/host.$t 578 echo HostKey $OBJ/host.$t >> $OBJ/sshd_config 579 580 # don't use SUDO for proxy connect 581 echo HostKey $OBJ/$t >> $OBJ/sshd_proxy 582done 583chmod 644 $OBJ/authorized_keys_$USER 584 585# Activate Twisted Conch tests if the binary is present 586REGRESS_INTEROP_CONCH=no 587if test -x "$CONCH" ; then 588 REGRESS_INTEROP_CONCH=yes 589fi 590 591# If PuTTY is present and we are running a PuTTY test, prepare keys and 592# configuration 593REGRESS_INTEROP_PUTTY=no 594if test -x "$PUTTYGEN" -a -x "$PLINK" ; then 595 REGRESS_INTEROP_PUTTY=yes 596fi 597case "$SCRIPT" in 598*putty*) ;; 599*) REGRESS_INTEROP_PUTTY=no ;; 600esac 601 602if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then 603 mkdir -p ${OBJ}/.putty 604 605 # Add a PuTTY key to authorized_keys 606 rm -f ${OBJ}/putty.rsa2 607 if ! puttygen -t rsa -o ${OBJ}/putty.rsa2 \ 608 --random-device=/dev/urandom \ 609 --new-passphrase /dev/null < /dev/null > /dev/null; then 610 echo "Your installed version of PuTTY is too old to support --new-passphrase; trying without (may require manual interaction) ..." >&2 611 puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null 612 fi 613 puttygen -O public-openssh ${OBJ}/putty.rsa2 \ 614 >> $OBJ/authorized_keys_$USER 615 616 # Convert rsa2 host key to PuTTY format 617 cp $OBJ/ssh-rsa $OBJ/ssh-rsa_oldfmt 618 ${SSHKEYGEN} -p -N '' -m PEM -f $OBJ/ssh-rsa_oldfmt >/dev/null 619 ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/ssh-rsa_oldfmt > \ 620 ${OBJ}/.putty/sshhostkeys 621 ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/ssh-rsa_oldfmt >> \ 622 ${OBJ}/.putty/sshhostkeys 623 rm -f $OBJ/ssh-rsa_oldfmt 624 625 # Setup proxied session 626 mkdir -p ${OBJ}/.putty/sessions 627 rm -f ${OBJ}/.putty/sessions/localhost_proxy 628 echo "Protocol=ssh" >> ${OBJ}/.putty/sessions/localhost_proxy 629 echo "HostName=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy 630 echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy 631 echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy 632 echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy 633 echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy 634 635 PUTTYDIR=${OBJ}/.putty 636 export PUTTYDIR 637 638 REGRESS_INTEROP_PUTTY=yes 639fi 640 641# create a proxy version of the client config 642( 643 cat $OBJ/ssh_config 644 echo proxycommand ${SUDO} env SSH_SK_HELPER=\"$SSH_SK_HELPER\" sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy 645) > $OBJ/ssh_proxy 646 647# check proxy config 648${SSHD} -t -f $OBJ/sshd_proxy || fatal "sshd_proxy broken" 649 650start_sshd () 651{ 652 # start sshd 653 $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken" 654 $SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" \ 655 ${SSHD} -f $OBJ/sshd_config "$@" -E$TEST_SSHD_LOGFILE 656 657 trace "wait for sshd" 658 i=0; 659 while [ ! -f $PIDFILE -a $i -lt 10 ]; do 660 i=`expr $i + 1` 661 sleep $i 662 done 663 664 test -f $PIDFILE || fatal "no sshd running on port $PORT" 665} 666 667# source test body 668. $SCRIPT 669 670# kill sshd 671cleanup 672 673if [ "x$USE_VALGRIND" != "x" ]; then 674 # wait for any running process to complete 675 wait; sleep 1 676 VG_RESULTS=$(find $OBJ/valgrind-out -type f -print) 677 VG_RESULT_COUNT=0 678 VG_FAIL_COUNT=0 679 for i in $VG_RESULTS; do 680 if grep "ERROR SUMMARY" $i >/dev/null; then 681 VG_RESULT_COUNT=$(($VG_RESULT_COUNT + 1)) 682 if ! grep "ERROR SUMMARY: 0 errors" $i >/dev/null; then 683 VG_FAIL_COUNT=$(($VG_FAIL_COUNT + 1)) 684 RESULT=1 685 verbose valgrind failure $i 686 cat $i 687 fi 688 fi 689 done 690 if [ x"$VG_SKIP" != "x" ]; then 691 verbose valgrind skipped 692 else 693 verbose valgrind results $VG_RESULT_COUNT failures $VG_FAIL_COUNT 694 fi 695fi 696 697if [ $RESULT -eq 0 ]; then 698 verbose ok $tid 699else 700 echo failed $tid 701fi 702exit $RESULT 703