diff -ru --new-file --exclude=CVS openssh-cvs/Makefile.in openssh-regress/Makefile.in --- openssh-cvs/Makefile.in Mon Jul 15 20:49:31 2002 +++ openssh-regress/Makefile.in Sat Sep 28 19:30:55 2002 @@ -167,6 +167,7 @@ rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core (cd openbsd-compat && $(MAKE) clean) + (cd $(srcdir)/regress && $(MAKE) $@) distclean: rm -f *.o *.a $(TARGETS) logintest config.cache config.log @@ -342,3 +343,32 @@ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + + +tests: $(TARGETS) + BUILDDIR="`pwd`"; \ + TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ + TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ + TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ + TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \ + TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \ + TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ + TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ + TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ + cd $(srcdir)/regress || exit $$?; \ + $(MAKE) \ + .OBJDIR="$${BUILDDIR}" \ + .CURDIR="`pwd`" \ + OBJ="$${BUILDDIR}" \ + TEST_SSH_SSH="$${TEST_SSH_SSH}" \ + TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ + TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \ + TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \ + TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \ + TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \ + TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \ + TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \ + AUTHORIZED_KEYS_DIR="$${HOME}/.ssh" \ + $@ + +regress: tests diff -ru --new-file --exclude=CVS openssh-cvs/README.regress openssh-regress/README.regress --- openssh-cvs/README.regress Thu Jan 1 10:00:00 1970 +++ openssh-regress/README.regress Sat Sep 28 19:39:12 2002 @@ -0,0 +1,95 @@ +Overview. + +$ ./configure && make tests + +You'll see some progress info. A failure will cause either the make to +abort or the driver script to report a "FATAL" failure. + +The test consists of 2 parts. The first is the file-based tests which is +driven by the Makefile, and the second is a set of network or proxycommand +based tests, which are driven by a driver script (test-exec.sh) which is +called multiple times by the Makefile. + +Failures in the first part will cause the Makefile to return an error. +Failures in the second part will print a "FATAL" message for the failed +test and continue. + +OpenBSD has a system-wide regression test suite. OpenSSH's test suite uses +the OpenBSD test scripts unmodified, however the Makefile is different +because OpenBSD's uses BSD-specific makefile extensions. + + +Environment variables. + +SUDO: path to sudo command, if desired. Note that some systems (eg AIX, + Solaris with PAM) require sudo to execute some tests. +TEST_SSH_TRACE: set yo "yes" for verbose output from tests +TEST_SSH_QUIET: set to "yes" to suppress non-fatal output. +TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD + SSHKEYGEN,SSHKEYSCAN,SFTP,SFTPSERVER +OBJ: used by test scripts to access build dir. + + +Individual tests. + +You can invoke test-exec.sh directly if you set up the path to find the +binaries under test and the test scripts themselves, for example: + +$ cd regress +$ PATH=`pwd`/..:$PATH:. sh test-exec.sh `pwd` agent-timeout.sh +ok agent timeout test + + +Files. + +test-exec.sh: the main test driver. Sets environment, creates config files +and keys and runs the specified test. + +At the time of writing, the individual tests are: +agent-timeout.sh: agent timeout test +agent.sh: simple agent test +broken-pipe.sh: broken pipe test +connect-privsep.sh: proxy connect with privsep +connect.sh: simple connect +exit-status.sh: remote exit status +forwarding.sh: local and remote forwarding +keygen-change.sh: change passphrase for key +keyscan.sh: keyscan +proto-mismatch.sh: protocol version mismatch +proto-version.sh: sshd version with different protocol combinations +proxy-connect.sh: proxy connect +sftp.sh: basic sftp put/get +ssh-com-client.sh: connect with ssh.com client +ssh-com-keygen.sh: ssh.com key import +ssh-com-sftp.sh: basic sftp put/get with ssh.com server +ssh-com.sh: connect to ssh.com server +stderr-after-eof.sh: stderr data after eof +stderr-data.sh: stderr data transfer +transfer.sh: transfer data +try-ciphers.sh: try ciphers +yes-head.sh: yes pipe head + + +Problems? + +One common cause of problems is directory permissions. The regress directory +and all parent directories (all the way up to /) must be writable by the +testing user or root only. In particular, the directories must not be group +writable or setgid. The portable tests default to using $HOME/.ssh for the +authorized_keys file. + +A test that fails with a host key error can be caused by an sshd from an +aborted previous test that's still running. + +Run the failing test with shell tracing (-x) turned on: +$ PATH=`pwd`/..:$PATH:. sh -x test-exec.sh `pwd` agent-timeout.sh + +Failed tests can be difficult to diagnose. Suggestions: +- run the individual test via ./test-exec.sh . [testname] +- set LogLevel to VERBOSE in test-exec.sh and enable syslogging of + auth.debug (eg to /var/log/authlog). + + +Known Issues. + + diff -ru --new-file --exclude=CVS openssh-cvs/regress/Makefile openssh-regress/regress/Makefile --- openssh-cvs/regress/Makefile Wed May 1 13:17:34 2002 +++ openssh-regress/regress/Makefile Sat Sep 28 17:47:53 2002 @@ -1,9 +1,13 @@ -# $OpenBSD: Makefile,v 1.13 2002/04/01 22:15:08 markus Exp $ +# $OpenBSD: Makefile,v 1.17 2002/09/02 20:01:44 avsm Exp $ -REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7 +all: -CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub +REGRESSTARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec +tests: $(REGRESSTARGETS) +clean: + @for F in $(CLEANFILES); do rm -f $(OBJ)/$${F}; done + LTESTS= connect \ proxy-connect \ connect-privsep \ @@ -17,57 +21,61 @@ try-ciphers \ yes-head \ agent \ + agent-timeout \ keyscan \ + keygen-change \ sftp \ forwarding -USER!= id -un -CLEANFILES+= authorized_keys_${USER} known_hosts pidfile \ +CLEANFILES+= known_hosts pidfile \ ssh_config ssh_proxy sshd_config sshd_proxy \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ rsa-agent rsa-agent.pub rsa1-agent rsa1-agent.pub \ - ls.copy + ls.copy rsa_secsh.pub t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 #LTESTS+= ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp +OBJ?= . + t1: - ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv + $(TEST_SSH_SSHKEYGEN) -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv t2: - cat ${.CURDIR}/rsa_openssh.prv > t2.out - chmod 600 t2.out - ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub + cat ${.CURDIR}/rsa_openssh.prv > $(OBJ)/t2.out + chmod 600 $(OBJ)/t2.out + $(TEST_SSH_SSHKEYGEN) -yf $(OBJ)/t2.out | diff - ${.CURDIR}/rsa_openssh.pub t3: - ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\ - ssh-keygen -if /dev/stdin |\ + $(TEST_SSH_SSHKEYGEN) -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/rsa_secsh.pub + $(TEST_SSH_SSHKEYGEN) -if $(OBJ)/rsa_secsh.pub |\ diff - ${.CURDIR}/rsa_openssh.pub + rm -f ${.CURDIR}/rsa_secsh.pub t4: - ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\ + $(TEST_SSH_SSHKEYGEN) -lf ${.CURDIR}/rsa_openssh.pub |\ awk '{print $$2}' | diff - ${.CURDIR}/t4.ok t5: - ssh-keygen -Bf ${.CURDIR}/rsa_openssh.pub |\ + $(TEST_SSH_SSHKEYGEN) -Bf ${.CURDIR}/rsa_openssh.pub |\ awk '{print $$2}' | diff - ${.CURDIR}/t5.ok t6: - ssh-keygen -if ${.CURDIR}/dsa_ssh2.prv > t6.out1 - ssh-keygen -if ${.CURDIR}/dsa_ssh2.pub > t6.out2 - chmod 600 t6.out1 - ssh-keygen -yf t6.out1 | diff - t6.out2 - -t7.out: - ssh-keygen -q -t rsa -N '' -f $@ - -t7: t7.out - ssh-keygen -lf t7.out > /dev/null - ssh-keygen -Bf t7.out > /dev/null - -.for t in ${LTESTS} -REGRESSTARGETS+=t-${t} -t-${t}: - sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh -.endfor - -.include "bsd.regress.mk" + $(TEST_SSH_SSHKEYGEN) -if ${.CURDIR}/dsa_ssh2.prv > $(OBJ)/t6.out1 + $(TEST_SSH_SSHKEYGEN) -if ${.CURDIR}/dsa_ssh2.pub > $(OBJ)/t6.out2 + chmod 600 $(OBJ)/t6.out1 + $(TEST_SSH_SSHKEYGEN) -yf $(OBJ)/t6.out1 | diff - $(OBJ)/t6.out2 + +$(OBJ)/t7.out: + $(TEST_SSH_SSHKEYGEN) -q -t rsa -N '' -f $(OBJ)/t7.out + +t7: $(OBJ)/t7.out + $(TEST_SSH_SSHKEYGEN) -lf $(OBJ)/t7.out > /dev/null + $(TEST_SSH_SSHKEYGEN) -Bf $(OBJ)/t7.out > /dev/null + +t-exec: ${LTESTS:=.sh} + echo OBJ = $(OBJ) + @if [ "x$?" = "x" ]; then exit 0; fi; \ + for TEST in ""$?; do \ + echo "run test $${TEST}" ... 1>&2; \ + (sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ + done diff -ru --new-file --exclude=CVS openssh-cvs/regress/agent-timeout.sh openssh-regress/regress/agent-timeout.sh --- openssh-cvs/regress/agent-timeout.sh Thu Jan 1 10:00:00 1970 +++ openssh-regress/regress/agent-timeout.sh Sat Sep 28 22:57:51 2002 @@ -0,0 +1,36 @@ +# $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $ +# Placed in the Public Domain. + +tid="agent timeout test" + +TIMEOUT=5 + +trace "start agent" +eval `${SSHAGENT} -s` > /dev/null +r=$? +if [ $r -ne 0 ]; then + fail "could not start ssh-agent: exit code $r" +else + trace "add keys with timeout" + for t in rsa rsa1; do + ${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1 + if [ $? -ne 0 ]; then + fail "ssh-add did succeed exit code 0" + fi + done + n=`${SSHADD} -l 2> /dev/null | wc -l` + trace "agent has $n keys" + if [ $n -ne 2 ]; then + fail "ssh-add -l did not return 2 keys: $n" + fi + trace "sleeping 2*${TIMEOUT} seconds" + sleep ${TIMEOUT} + sleep ${TIMEOUT} + ${SSHADD} -l 2> /dev/null | grep 'The agent has no identities.' >/dev/null + if [ $? -ne 0 ]; then + fail "ssh-add -l still returns keys after timeout" + fi + + trace "kill agent" + ${SSHAGENT} -k > /dev/null +fi diff -ru --new-file --exclude=CVS openssh-cvs/regress/agent.sh openssh-regress/regress/agent.sh --- openssh-cvs/regress/agent.sh Wed May 1 13:17:34 2002 +++ openssh-regress/regress/agent.sh Sat Sep 28 16:24:33 2002 @@ -19,14 +19,14 @@ fail "ssh-add -l did not fail with exit code 1" fi trace "overwrite authorized keys" - echo -n > $OBJ/authorized_keys_$USER + echon > "$AUTHORIZED_KEYS_FILE" for t in rsa rsa1; do # generate user key for agent rm -f $OBJ/$t-agent ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ fail "ssh-keygen for $t-agent failed" # add to authorized keys - cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER + cat $OBJ/$t-agent.pub >> "$AUTHORIZED_KEYS_FILE" # add privat key to agent ${SSHADD} $OBJ/$t-agent > /dev/null 2>&1 if [ $? -ne 0 ]; then diff -ru --new-file --exclude=CVS openssh-cvs/regress/authorized_keys_root openssh-regress/regress/authorized_keys_root --- openssh-cvs/regress/authorized_keys_root Wed May 1 13:17:34 2002 +++ openssh-regress/regress/authorized_keys_root Thu Jan 1 10:00:00 1970 @@ -1,2 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAt6ttBacbgvLPsF1VWWfT51t55/5Mj62Xp8EaoH5SNSaLiGIgrrja077lKEept75U4uKFUYU5JJX9GPE9A7Y43LXv+/A6Jm4rEj/U0s4H8tf0UmzVC3t6xh0sRK0hYVNILyoHnIAgdY8CmOiybw7p6DxJY8MRAehD3n9+kFcachU= root@xenon -1024 35 132789427207755621599908461558918671787816692978751485815532032934821830960131244604702969298486352138126114080367609979552547448841583955126231410604842765726397407176910594168641969541792069550006878863592030567875913190224374005367884774859544943329148178663694126456638431428703289837638970464685771819219 root@xenon diff -ru --new-file --exclude=CVS openssh-cvs/regress/bsd.regress.mk openssh-regress/regress/bsd.regress.mk --- openssh-cvs/regress/bsd.regress.mk Wed May 1 13:17:34 2002 +++ openssh-regress/regress/bsd.regress.mk Thu Jan 1 10:00:00 1970 @@ -1,79 +0,0 @@ -# $OpenBSD: bsd.regress.mk,v 1.9 2002/02/17 01:10:15 marc Exp $ -# No man pages for regression tests. -NOMAN= - -# No installation. -install: - -# If REGRESSTARGETS is defined and PROG is not defined, set NOPROG -.if defined(REGRESSTARGETS) && !defined(PROG) -NOPROG= -.endif - -.include - -.MAIN: all -all: regress - -# XXX - Need full path to REGRESSLOG, otherwise there will be much pain. - -REGRESSLOG?=/dev/null -REGRESSNAME=${.CURDIR:S/${BSDSRCDIR}\/regress\///} - -.if defined(PROG) && !empty(PROG) -run-regress-${PROG}: ${PROG} - ./${PROG} -.endif - -.if !defined(REGRESSTARGETS) -REGRESSTARGETS=run-regress-${PROG} -. if defined(REGRESSSKIP) -REGRESSSKIPTARGETS=run-regress-${PROG} -. endif -.endif - -REGRESSSKIPSLOW?=no - -#.if (${REGRESSSKIPSLOW:L} == "yes") && defined(REGRESSSLOWTARGETS) - -.if (${REGRESSSKIPSLOW} == "yes") && defined(REGRESSSLOWTARGETS) -REGRESSSKIPTARGETS+=${REGRESSSLOWTARGETS} -.endif - -.if defined(REGRESSROOTTARGETS) -ROOTUSER!=id -g -SUDO?= -. if (${ROOTUSER} != 0) && empty(SUDO) -REGRESSSKIPTARGETS+=${REGRESSROOTTARGETS} -. endif -.endif - -REGRESSSKIPTARGETS?= - -regress: -.for RT in ${REGRESSTARGETS} -. if ${REGRESSSKIPTARGETS:M${RT}} - @echo -n "SKIP " >> ${REGRESSLOG} -. else -# XXX - we need a better method to see if a test fails due to timeout or just -# normal failure. -. if !defined(REGRESSMAXTIME) - @if cd ${.CURDIR} && ${MAKE} ${RT}; then \ - echo -n "SUCCESS " >> ${REGRESSLOG} ; \ - else \ - echo -n "FAIL " >> ${REGRESSLOG} ; \ - echo FAILED ; \ - fi -. else - @if cd ${.CURDIR} && (ulimit -t ${REGRESSMAXTIME} ; ${MAKE} ${RT}); then \ - echo -n "SUCCESS " >> ${REGRESSLOG} ; \ - else \ - echo -n "FAIL (possible timeout) " >> ${REGRESSLOG} ; \ - echo FAILED ; \ - fi -. endif -. endif - @echo ${REGRESSNAME}/${RT:S/^run-regress-//} >> ${REGRESSLOG} -.endfor - -.PHONY: regress Binary files openssh-cvs/regress/copy.1 and openssh-regress/regress/copy.1 differ Binary files openssh-cvs/regress/copy.2 and openssh-regress/regress/copy.2 differ diff -ru --new-file --exclude=CVS openssh-cvs/regress/keygen-change.sh openssh-regress/regress/keygen-change.sh --- openssh-cvs/regress/keygen-change.sh Thu Jan 1 10:00:00 1970 +++ openssh-regress/regress/keygen-change.sh Sat Sep 28 16:24:33 2002 @@ -0,0 +1,23 @@ +# $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $ +# Placed in the Public Domain. + +tid="change passphrase for key" + +S1="secret1" +S2="2secret" + +for t in rsa dsa rsa1; do + # generate user key for agent + trace "generating $t key" + rm -f $OBJ/$t-key + ${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key + if [ $? -eq 0 ]; then + ${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null + if [ $? -ne 0 ]; then + fail "ssh-keygen -p failed for $t-key" + fi + else + fail "ssh-keygen for $t-key failed" + fi + rm -f $OBJ/$t-key $OBJ/$t-key.pub +done diff -ru --new-file --exclude=CVS openssh-cvs/regress/proto-version.sh openssh-regress/regress/proto-version.sh --- openssh-cvs/regress/proto-version.sh Wed May 1 13:17:34 2002 +++ openssh-regress/regress/proto-version.sh Sat Sep 28 16:24:33 2002 @@ -8,7 +8,7 @@ { version=$1 expect=$2 - banner=`echo -n | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` + banner=`echon | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` case ${banner} in SSH-1.99-*) proto=199 diff -ru --new-file --exclude=CVS openssh-cvs/regress/runtests.sh openssh-regress/regress/runtests.sh --- openssh-cvs/regress/runtests.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/runtests.sh Sat Sep 28 16:24:33 2002 @@ -9,5 +9,5 @@ TEST_SSH_SFTP=../sftp TEST_SSH_SFTPSERVER=../sftp-server -pmake +make diff -ru --new-file --exclude=CVS openssh-cvs/regress/sftp.sh openssh-regress/regress/sftp.sh --- openssh-cvs/regress/sftp.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/sftp.sh Sat Sep 28 16:24:33 2002 @@ -5,6 +5,13 @@ DATA=/bin/ls COPY=${OBJ}/copy +SFTPCMDFILE=${OBJ}/batch + +cat >$SFTPCMDFILE < /dev/null 2>&1 << EOF - version - get $DATA ${COPY}.1 - put $DATA ${COPY}.2 -EOF + rm -f ${COPY}.1 ${COPY}.2 + ${SFTP} -P ${SFTPSERVER} -B $B -R $R -b $SFTPCMDFILE \ + > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then fail "sftp failed with $r" + else + cmp $DATA ${COPY}.1 || fail "corrupted copy after get" + cmp $DATA ${COPY}.2 || fail "corrupted copy after put" fi - cmp $DATA ${COPY}.1 || fail "corrupted copy after get" - cmp $DATA ${COPY}.2 || fail "corrupted copy after put" done done +rm -f ${COPY}.1 ${COPY}.2 +rm -f $SFTPCMDFILE diff -ru --new-file --exclude=CVS openssh-cvs/regress/ssh-com-client.sh openssh-regress/regress/ssh-com-client.sh --- openssh-cvs/regress/ssh-com-client.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/ssh-com-client.sh Sat Sep 28 16:24:33 2002 @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-com-client.sh,v 1.3 2002/04/10 08:45:30 markus Exp $ +# $OpenBSD: ssh-com-client.sh,v 1.4 2002/07/16 08:58:16 markus Exp $ # Placed in the Public Domain. tid="connect with ssh.com client" @@ -15,7 +15,9 @@ 2.3.1 2.4.0 3.0.0 - 3.1.0" + 3.1.0 + 3.2.0 + 3.3.0" # 2.0.10 2.0.12 2.0.13 don't like the test setup @@ -25,7 +27,7 @@ chmod 600 ${OBJ}/id.com ${SSHKEYGEN} -i -f ${OBJ}/id.com > $OBJ/id.openssh chmod 600 ${OBJ}/id.openssh -${SSHKEYGEN} -y -f ${OBJ}/id.openssh > $OBJ/authorized_keys_$USER +${SSHKEYGEN} -y -f ${OBJ}/id.openssh > "$AUTHORIZED_KEYS_FILE" ${SSHKEYGEN} -e -f ${OBJ}/id.openssh > $OBJ/id.com.pub echo IdKey ${OBJ}/id.com > ${OBJ}/id.list diff -ru --new-file --exclude=CVS openssh-cvs/regress/ssh-com-keygen.sh openssh-regress/regress/ssh-com-keygen.sh --- openssh-cvs/regress/ssh-com-keygen.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/ssh-com-keygen.sh Sat Sep 28 16:24:33 2002 @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-com-keygen.sh,v 1.1 2002/03/27 22:40:27 markus Exp $ +# $OpenBSD: ssh-com-keygen.sh,v 1.2 2002/07/16 08:58:16 markus Exp $ # Placed in the Public Domain. tid="ssh.com key import" @@ -18,7 +18,9 @@ 2.3.1 2.4.0 3.0.0 - 3.1.0" + 3.1.0 + 3.2.0 + 3.3.0" COMPRV=${OBJ}/comkey COMPUB=${COMPRV}.pub diff -ru --new-file --exclude=CVS openssh-cvs/regress/ssh-com-sftp.sh openssh-regress/regress/ssh-com-sftp.sh --- openssh-cvs/regress/ssh-com-sftp.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/ssh-com-sftp.sh Sat Sep 28 16:24:33 2002 @@ -1,10 +1,17 @@ -# $OpenBSD: ssh-com-sftp.sh,v 1.2 2002/04/10 08:45:30 markus Exp $ +# $OpenBSD: ssh-com-sftp.sh,v 1.3 2002/07/16 08:58:16 markus Exp $ # Placed in the Public Domain. tid="basic sftp put/get with ssh.com server" DATA=/bin/ls COPY=${OBJ}/copy +SFTPCMDFILE=${OBJ}/batch + +cat >$SFTPCMDFILE < /dev/null 2>&1 << EOF - version - get $DATA ${COPY}.1 - put $DATA ${COPY}.2 -EOF + ${SFTP} -P ${server} -B $B -R $R -b $SFTPCMDFILE \ + > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then fail "sftp failed with $r" + else + cmp $DATA ${COPY}.1 || fail "corrupted copy after get" + cmp $DATA ${COPY}.2 || fail "corrupted copy after put" fi - cmp $DATA ${COPY}.1 || fail "corrupted copy after get" - cmp $DATA ${COPY}.2 || fail "corrupted copy after put" done done done +rm -f ${COPY}.1 ${COPY}.2 +rm -f $SFTPCMDFILE diff -ru --new-file --exclude=CVS openssh-cvs/regress/ssh-com.sh openssh-regress/regress/ssh-com.sh --- openssh-cvs/regress/ssh-com.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/ssh-com.sh Sat Sep 28 16:24:33 2002 @@ -1,4 +1,4 @@ -# $OpenBSD: ssh-com.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ +# $OpenBSD: ssh-com.sh,v 1.4 2002/07/16 08:58:16 markus Exp $ # Placed in the Public Domain. tid="connect to ssh.com server" @@ -14,17 +14,19 @@ 2.1.0 2.2.0 2.3.0 - 2.3.1 2.4.0 3.0.0 - 3.1.0" + 3.1.0 + 3.2.0 + 3.3.0" # 2.0.10 does not support UserConfigDirectory +# 2.3.1 requires a config in $HOME/.ssh2 SRC=`dirname ${SCRIPT}` # ssh.com cat << EOF > $OBJ/sshd2_config -*: +#*: # Port and ListenAdress are not used. QuietMode yes Port 4343 @@ -63,7 +65,7 @@ # convert and append DSA hostkey ( - echo -n 'ssh2-localhost-with-alias,127.0.0.1,::1 ' + echon 'ssh2-localhost-with-alias,127.0.0.1,::1 ' ${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub ) >> $OBJ/known_hosts diff -ru --new-file --exclude=CVS openssh-cvs/regress/stderr-after-eof.sh openssh-regress/regress/stderr-after-eof.sh --- openssh-cvs/regress/stderr-after-eof.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/stderr-after-eof.sh Sat Sep 28 16:24:33 2002 @@ -7,13 +7,23 @@ DATA=${OBJ}/data COPY=${OBJ}/copy -MD5=md5sum +if [ -x "`which md5sum`" ]; then + CHECKSUM=md5sum +elif [ -x "`which openssl`" ]; then + CHECKSUM="openssl md5" +elif [ -x "`which cksum`" ]; then + CHECKSUM=cksum +elif [ -x "`which sum`" ]; then + CHECKSUM=sum +else + fatal "No checksum program available, aborting $tid test" +fi # setup data rm -f ${DATA} ${COPY} cp /dev/null ${DATA} for i in 1 2 3 4 5 6; do - (date;echo $i) | $MD5 >> ${DATA} + (date;echo $i) | $CHECKSUM >> ${DATA} done ${SSH} -2 -F $OBJ/ssh_proxy otherhost \ diff -ru --new-file --exclude=CVS openssh-cvs/regress/test-exec.sh openssh-regress/regress/test-exec.sh --- openssh-cvs/regress/test-exec.sh Wed May 1 13:17:35 2002 +++ openssh-regress/regress/test-exec.sh Sat Sep 28 19:28:34 2002 @@ -2,9 +2,21 @@ # Placed in the Public Domain. PORT=4242 -USER=`id -un` -SUDO= -#SUDO=sudo +#SUDO= + +if [ -x /usr/ucb/whoami ]; then + USER=`/usr/ucb/whoami` +elif [ -x "`which whoami`" ]; then + USER=`whoami` +else + USER=`id -un` +fi + +if [ -x "`which hostname`" ]; then + HOSTNAME="`hostname`" +else + HOSTNAME="unknown" +fi OBJ=$1 if [ "x$OBJ" = "x" ]; then @@ -40,7 +52,7 @@ SSHKEYGEN=ssh-keygen SSHKEYSCAN=ssh-keyscan SFTP=sftp -SFTPSERVER=/usr/libexec/openssh/sftp-server +SFTPSERVER=sftp-server if [ "x$TEST_SSH_SSH" != "x" ]; then SSH=${TEST_SSH_SSH} @@ -66,12 +78,30 @@ if [ "x$TEST_SSH_SFTPSERVER" != "x" ]; then SFTPSERVER=${TEST_SSH_SFTPSERVER} fi +if [ "x${AUTHORIZED_KEYS_DIR}" = "x" ]; then + AUTHORIZED_KEYS_FILE="$OBJ/authorized_keys_$USER" #openbsd default +else + AUTHORIZED_KEYS_FILE=${AUTHORIZED_KEYS_DIR}/authorized_keys_regress_${USER}_${HOSTNAME} + test ! -d ${AUTHORIZED_KEYS_DIR} && mkdir -p ${AUTHORIZED_KEYS_DIR} + chmod 700 ${AUTHORIZED_KEYS_DIR} +fi # these should be used in tests -export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER +export SSH SSHD SSHAGENT SSHADD SSHKEYGEN SSHKEYSCAN SFTP SFTPSERVER AUTHORIZED_KEYS_FILE #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER # helper +echon() +{ + if [ "x`echo -n`" = "x" ]; then + echo -n "$@" + elif [ "x`echo '\c'`" = "x" ]; then + echo "$@\c" + else + fatal "Don't know how to echo without newline." + fi +} + cleanup () { if [ -f $PIDFILE ]; then @@ -86,6 +116,7 @@ fi fi fi + rm -f $AUTHORIZED_KEYS_FILE } trace () @@ -111,7 +142,7 @@ fatal () { - echo -n "FATAL: " + echon "FATAL: " fail "$@" cleanup exit $RESULT @@ -128,8 +159,9 @@ ListenAddress 127.0.0.1 #ListenAddress ::1 PidFile $PIDFILE - AuthorizedKeysFile $OBJ/authorized_keys_%u - LogLevel QUIET + AuthorizedKeysFile $AUTHORIZED_KEYS_FILE + KeepAlive no + LogLevel VERBOSE EOF # server config for proxy connects @@ -158,7 +190,7 @@ StrictHostKeyChecking yes EOF -rm -f $OBJ/known_hosts $OBJ/authorized_keys_$USER +rm -f $OBJ/known_hosts $AUTHORIZED_KEYS_FILE trace "generate keys" for t in rsa rsa1; do @@ -169,12 +201,12 @@ # known hosts file for client ( - echo -n 'localhost-with-alias,127.0.0.1,::1 ' + echon 'localhost-with-alias,127.0.0.1,::1 ' cat $OBJ/$t.pub ) >> $OBJ/known_hosts # setup authorized keys - cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER + cat $OBJ/$t.pub >> $AUTHORIZED_KEYS_FILE echo IdentityFile $OBJ/$t >> $OBJ/ssh_config # use key as host key, too @@ -184,12 +216,12 @@ # don't use SUDO for proxy connect echo HostKey $OBJ/$t >> $OBJ/sshd_proxy done -chmod 644 $OBJ/authorized_keys_$USER +chmod 644 $AUTHORIZED_KEYS_FILE # create a proxy version of the client config ( cat $OBJ/ssh_config - echo proxycommand ${SSHD} -i -f $OBJ/sshd_proxy + echo proxycommand ${SUDO} ${SSHD} -i -f $OBJ/sshd_proxy ) > $OBJ/ssh_proxy # check proxy config @@ -203,7 +235,7 @@ trace "wait for sshd" i=0; - while [ ! -f $PIDFILE -a $i -lt 5 ]; do + while [ ! -f $PIDFILE -a $i -lt 10 ]; do i=`expr $i + 1` sleep $i done diff -ru --new-file --exclude=CVS openssh-cvs/ssh_config openssh-regress/ssh_config --- openssh-cvs/ssh_config Sat Jul 6 15:03:28 2002 +++ openssh-regress/ssh_config Sat Sep 28 16:57:36 2002 @@ -1,36 +1,18 @@ -# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for various options - -# Host * -# ForwardAgent no -# ForwardX11 no -# RhostsAuthentication no -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# BatchMode no -# CheckHostIP yes -# StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# Port 22 -# Protocol 2,1 -# Cipher 3des -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc -# EscapeChar ~ +Host * + Hostname 127.0.0.1 + HostKeyAlias localhost-with-alias + Port 4242 + User dtucker + GlobalKnownHostsFile /home/dtucker/openssh/openssh-regressmerge/known_hosts + UserKnownHostsFile /home/dtucker/openssh/openssh-regressmerge/known_hosts + RSAAuthentication yes + PubkeyAuthentication yes + ChallengeResponseAuthentication no + HostbasedAuthentication no + PasswordAuthentication no + RhostsAuthentication no + RhostsRSAAuthentication no + BatchMode yes + StrictHostKeyChecking yes +IdentityFile /home/dtucker/openssh/openssh-regressmerge/rsa +IdentityFile /home/dtucker/openssh/openssh-regressmerge/rsa1 diff -ru --new-file --exclude=CVS openssh-cvs/sshd_config openssh-regress/sshd_config --- openssh-cvs/sshd_config Fri Sep 27 20:22:06 2002 +++ openssh-regress/sshd_config Sat Sep 28 16:57:36 2002 @@ -1,93 +1,8 @@ -# $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options change a -# default value. - -#Port 22 -#Protocol 2,1 -#ListenAddress 0.0.0.0 -#ListenAddress :: - -# HostKey for protocol version 1 -#HostKey /etc/ssh/ssh_host_key -# HostKeys for protocol version 2 -#HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key - -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 3600 -#ServerKeyBits 768 - -# Logging -#obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 120 -#PermitRootLogin yes -#StrictModes yes - -#RSAAuthentication yes -#PubkeyAuthentication yes -#AuthorizedKeysFile .ssh/authorized_keys - -# rhosts authentication should not be used -#RhostsAuthentication no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes -# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication -#IgnoreUserKnownHosts no - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes - -#AFSTokenPassing no - -# Kerberos TGT Passing only works with the AFS kaserver -#KerberosTgtPassing no - -# Set this to 'yes' to enable PAM keyboard-interactive authentication -# Warning: enabling this may bypass the setting of 'PasswordAuthentication' -#PAMAuthenticationViaKbdInt no - -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PrintMotd yes -#PrintLastLog yes -#KeepAlive yes -#UseLogin no -#UsePrivilegeSeparation yes -#PermitUserEnvironment no -#Compression yes - -#MaxStartups 10 -# no default banner path -#Banner /some/path -#VerifyReverseMapping no - -# override default of no subsystems -Subsystem sftp /usr/libexec/sftp-server + Port 4242 + ListenAddress 127.0.0.1 + #ListenAddress ::1 + PidFile /home/dtucker/openssh/openssh-regressmerge/pidfile + AuthorizedKeysFile /home/dtucker/.ssh/authorized_keys_test_dtucker + LogLevel QUIET +HostKey /home/dtucker/openssh/openssh-regressmerge/host.rsa +HostKey /home/dtucker/openssh/openssh-regressmerge/host.rsa1