Hi All. Attached is a patch (against OpenSSH Portable -current) to portablize the regression tests. It will also apply to OpenBSD's (with a couple of rejects). They are based on work by Roumen Petrov and myself, with contributions from Corinna Vinschen and David M Williams. My goal is to have the tests work out of the box on as many of our supported platforms as possible so running the tests can be a routine part of an install. This patch has been tested on Solaris 8, HP-UX 11.00, Redhat 8. Previous versions have been tested by me or others on AIX (4.2.1, 4.3.3 5.1), NetBSD, OpenBSD, Cygwin, earlier Solarises (2.6, 7) and Mac OS X. If anyone wants to try this patch, you will need to apply it to an up to date CVS tree or a recent snapshot (ie the last day or so): $ cd openssh $ patch -p0 </tmp/openssh-regress3.patch $ ./configure && make tests -Daz. Changes made and the reasons: General: grep -q -> grep >/dev/null echo -n -> echon Use $EXEEXT where /bin/ls is used as a data file. top-level Makefile: Hooks to run from top-level make. Makefile: HP-UX, AIX don't have /dev/stdin or /dev/stdout. General replacement for BSD make specific stuff. agent-getpeereid.sh HP-UX doesn't have getpeereid(). Skip if HAVE_GETPEEREID is not defined. agent-ptrace.sh: Doesn't work on some platforms. Skip those. reconfigure.sh: sshd is not always in /usr/sbin. rekey.sh: HP-UX does not have /dev/zero. The sparse file will take less disk space too. sftp-cmds.sh: Solaris has unreadable files in /bin (eg /bin/lp). HP-UX, AIX don't have /dev/stdin or /dev/stdout. Some echo's don't understand "\n". sftp.sh, ssh-com-sftp.sh, ssh-com.sh: HP-UX, AIX don't have /dev/stdin or /dev/stdout. stderr-after-eof.sh: Find a usable checksum program... test-exec.sh: Solaris' "id" does not understand -n. Echoing without newline is wonderfully inconsistent across platforms. Startup delay of 5 was not enough for some slower machines. Use StrictModes no because some platforms by default have directory perms that sshd doesn't like (eg AIX's root dir is by default owned by bin.bin). -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. -------------- next part -------------- Index: Makefile.in ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/Makefile.in,v retrieving revision 1.238 diff -u -r1.238 Makefile.in --- Makefile.in 5 Jun 2003 08:53:43 -0000 1.238 +++ Makefile.in 20 Jun 2003 13:04:41 -0000 @@ -190,6 +190,7 @@ rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core (cd openbsd-compat && $(MAKE) clean) + (cd $(srcdir)/regress && $(MAKE) $@) distclean: rm -f *.o *.a $(TARGETS) logintest config.cache config.log @@ -361,3 +362,30 @@ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + +tests: $(TARGETS) + BUILDDIR=`pwd`; \ + TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ + TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ + TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ + TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \ + TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \ + TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \ + TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \ + TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \ + cd $(srcdir)/regress || exit $$?; \ + $(MAKE) \ + .OBJDIR="$${BUILDDIR}" \ + .CURDIR="`pwd`" \ + OBJ="$${BUILDDIR}" \ + PATH="$${BUILDDIR}:$${PATH}" \ + TEST_SSH_SSH="$${TEST_SSH_SSH}" \ + TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \ + TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \ + TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \ + TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \ + TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \ + TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \ + TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \ + EXEEXT="$${EXEEXT}" \ + $@ Index: regress/Makefile ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/Makefile,v retrieving revision 1.5 diff -u -r1.5 Makefile --- regress/Makefile 18 Jun 2003 12:45:34 -0000 1.5 +++ regress/Makefile 20 Jun 2003 09:52:42 -0000 @@ -1,8 +1,11 @@ # $OpenBSD: Makefile,v 1.23 2003/06/12 15:43:32 markus Exp $ -REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 +REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec +tests: $(REGRESS_TARGETS) CLEANFILES+= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 +clean: + @for F in $(CLEANFILES); do rm -f $(OBJ)/$${F}; done LTESTS= connect \ proxy-connect \ @@ -30,7 +33,6 @@ reconfigure \ forwarding -USER!= id -un CLEANFILES+= authorized_keys_${USER} known_hosts pidfile \ ssh_config ssh_proxy sshd_config sshd_proxy \ rsa.pub rsa rsa1.pub rsa1 host.rsa host.rsa1 \ @@ -48,9 +50,9 @@ ssh-keygen -yf t2.out | diff - ${.CURDIR}/rsa_openssh.pub t3: - ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub |\ - ssh-keygen -if /dev/stdin |\ - diff - ${.CURDIR}/rsa_openssh.pub + ssh-keygen -ef ${.CURDIR}/rsa_openssh.pub >$(OBJ)/rsa_secsh.pub + ssh-keygen -if $(OBJ)/rsa_secsh.pub | diff - ${.CURDIR}/rsa_openssh.pub + rm -f ${.CURDIR}/rsa_secsh.pub t4: ssh-keygen -lf ${.CURDIR}/rsa_openssh.pub |\ @@ -73,10 +75,9 @@ ssh-keygen -lf t7.out > /dev/null ssh-keygen -Bf t7.out > /dev/null -.for t in ${LTESTS} -REGRESS_TARGETS+=t-${t} -t-${t}: - sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/${t}.sh -.endfor - -.include "bsd.regress.mk" +t-exec: ${LTESTS:=.sh} + @if [ "x$?" = "x" ]; then exit 0; fi; \ + for TEST in ""$?; do \ + echo "run test $${TEST}" ... 1>&2; \ + (sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ + done Index: regress/agent-getpeereid.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/agent-getpeereid.sh,v retrieving revision 1.1 diff -u -r1.1 agent-getpeereid.sh --- regress/agent-getpeereid.sh 22 Jan 2003 06:53:17 -0000 1.1 +++ regress/agent-getpeereid.sh 20 Jun 2003 13:18:59 -0000 @@ -7,6 +7,12 @@ ASOCK=${OBJ}/agent SSH_AUTH_SOCK=/nonexistant +if grep "#undef.*HAVE_GETPEEREID" ${OBJ}/config.h >/dev/null 2>&1 +then + echo "skipped (not supported on this platform)" + exit 0 +fi + trace "start agent" eval `${SSHAGENT} -s -a ${ASOCK}` > /dev/null r=$? Index: regress/agent-ptrace.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/agent-ptrace.sh,v retrieving revision 1.1 diff -u -r1.1 agent-ptrace.sh --- regress/agent-ptrace.sh 22 Jan 2003 06:53:17 -0000 1.1 +++ regress/agent-ptrace.sh 20 Jun 2003 12:30:07 -0000 @@ -3,6 +3,20 @@ tid="disallow agent ptrace attach" +if [ -x `which uname` ]; then + case `uname` in + Linux|HP-UX|SunOS) + echo "skipped (not supported)" + exit 0 + ;; + esac +fi + +if [ ! -x `which gdb` ]; then + echo "skipped (gdb not found)" + exit 0 +fi + trace "start agent" eval `${SSHAGENT} -s` > /dev/null r=$? @@ -16,7 +30,7 @@ if [ $? -ne 0 ]; then fail "gdb failed: exit code $?" fi - grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out + grep 'ptrace: Operation not permitted.' >/dev/null ${OBJ}/gdb.out r=$? rm -f ${OBJ}/gdb.out if [ $r -ne 0 ]; then Index: regress/agent-timeout.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/agent-timeout.sh,v retrieving revision 1.1 diff -u -r1.1 agent-timeout.sh --- regress/agent-timeout.sh 22 Jan 2003 06:53:17 -0000 1.1 +++ regress/agent-timeout.sh 20 Jun 2003 08:53:23 -0000 @@ -26,7 +26,7 @@ trace "sleeping 2*${TIMEOUT} seconds" sleep ${TIMEOUT} sleep ${TIMEOUT} - ${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.' + ${SSHADD} -l 2> /dev/null | grep 'The agent has no identities.' >/dev/null if [ $? -ne 0 ]; then fail "ssh-add -l still returns keys after timeout" fi Index: regress/agent.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/agent.sh,v retrieving revision 1.1 diff -u -r1.1 agent.sh --- regress/agent.sh 1 May 2002 03:17:34 -0000 1.1 +++ regress/agent.sh 20 Jun 2003 08:54:16 -0000 @@ -19,7 +19,7 @@ fail "ssh-add -l did not fail with exit code 1" fi trace "overwrite authorized keys" - echo -n > $OBJ/authorized_keys_$USER + echon > $OBJ/authorized_keys_$USER for t in rsa rsa1; do # generate user key for agent rm -f $OBJ/$t-agent Index: regress/proto-version.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/proto-version.sh,v retrieving revision 1.1 diff -u -r1.1 proto-version.sh --- regress/proto-version.sh 1 May 2002 03:17:34 -0000 1.1 +++ regress/proto-version.sh 20 Jun 2003 08:55:35 -0000 @@ -8,7 +8,7 @@ { version=$1 expect=$2 - banner=`echo -n | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` + banner=`echon | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` case ${banner} in SSH-1.99-*) proto=199 Index: regress/reconfigure.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/reconfigure.sh,v retrieving revision 1.1 diff -u -r1.1 reconfigure.sh --- regress/reconfigure.sh 18 Jun 2003 12:18:57 -0000 1.1 +++ regress/reconfigure.sh 20 Jun 2003 08:57:17 -0000 @@ -4,7 +4,14 @@ tid="simple connect after reconfigure" # we need the full path to sshd for -HUP -SSHD=/usr/sbin/sshd +case $SSHD in +/*) + # full path is OK + ;; +*) + # otherwise make fully qualified + SSHD=$OBJ/$SSHD +esac start_sshd Index: regress/rekey.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/rekey.sh,v retrieving revision 1.1 diff -u -r1.1 rekey.sh --- regress/rekey.sh 18 Jun 2003 12:18:57 -0000 1.1 +++ regress/rekey.sh 20 Jun 2003 11:36:58 -0000 @@ -8,7 +8,7 @@ LOG=${OBJ}/log rm -f ${COPY} ${LOG} ${DATA} -dd if=/dev/zero of=${DATA} bs=1k count=512 > /dev/null 2>&1 +dd if=/bin/ls${EXEEXT} of=${DATA} bs=1k seek=511 count=1 > /dev/null 2>&1 for s in 16 1k 128k 256k; do trace "rekeylimit ${s}" Index: regress/sftp-badcmds.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/sftp-badcmds.sh,v retrieving revision 1.1 diff -u -r1.1 sftp-badcmds.sh --- regress/sftp-badcmds.sh 18 Jun 2003 12:18:57 -0000 1.1 +++ regress/sftp-badcmds.sh 20 Jun 2003 11:27:51 -0000 @@ -3,8 +3,8 @@ tid="sftp invalid commands" -DATA=/bin/ls -DATA2=/bin/cat +DATA=/bin/ls${EXEEXT} +DATA2=/bin/cat${EXEEXT} NONEXIST=/NONEXIST.$$ COPY=${OBJ}/copy GLOBFILES=`(cd /bin;echo l*)` Index: regress/sftp-batch.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/sftp-batch.sh,v retrieving revision 1.1 diff -u -r1.1 sftp-batch.sh --- regress/sftp-batch.sh 22 Jan 2003 06:53:17 -0000 1.1 +++ regress/sftp-batch.sh 20 Jun 2003 11:28:05 -0000 @@ -3,7 +3,7 @@ tid="sftp batchfile" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy BATCH=${OBJ}/sftp-batch Index: regress/sftp-cmds.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/sftp-cmds.sh,v retrieving revision 1.3 diff -u -r1.3 sftp-cmds.sh --- regress/sftp-cmds.sh 18 Jun 2003 12:41:41 -0000 1.3 +++ regress/sftp-cmds.sh 20 Jun 2003 11:33:53 -0000 @@ -7,9 +7,15 @@ tid="sftp commands" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy -GLOBFILES=`(cd /bin;echo l*)` +# test that these files are readable! +for i in `(cd /bin;echo l*)` +do + if [ -r $i ]; then + GLOBFILES="$GLOBFILES $i" + fi +done rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2 ${BATCH}.* mkdir ${COPY}.dd @@ -59,7 +65,7 @@ verbose "$tid: get to directory" echo "get $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "get failed" -cmp $DATA ${COPY}.dd/ls || fail "corrupted copy after get" +cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get" rm -f ${COPY}.dd/* verbose "$tid: glob get to directory" @@ -71,13 +77,13 @@ rm -f ${COPY}.dd/* verbose "$tid: get to local dir" -echo "lcd ${COPY}.dd\nget $DATA" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ +(echo "lcd ${COPY}.dd"; echo "get $DATA" ) | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "get failed" -cmp $DATA ${COPY}.dd/ls || fail "corrupted copy after get" +cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get" rm -f ${COPY}.dd/* verbose "$tid: glob get to local dir" -echo "lcd ${COPY}.dd\nget /bin/l*" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ +(echo "lcd ${COPY}.dd"; echo "get /bin/l*") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "get failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get" @@ -93,7 +99,7 @@ verbose "$tid: put to directory" echo "put $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "put failed" -cmp $DATA ${COPY}.dd/ls || fail "corrupted copy after put" +cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put" rm -f ${COPY}.dd/* verbose "$tid: glob put to directory" @@ -105,13 +111,13 @@ rm -f ${COPY}.dd/* verbose "$tid: put to local dir" -echo "cd ${COPY}.dd\nput $DATA" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ +(echo "cd ${COPY}.dd"; echo "put $DATA") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "put failed" -cmp $DATA ${COPY}.dd/ls || fail "corrupted copy after put" +cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put" rm -f ${COPY}.dd/* verbose "$tid: glob put to local dir" -echo "cd ${COPY}.dd\nput /bin/l*" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ +(echo "cd ${COPY}.dd"; echo "put /bin/l*") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "put failed" for x in $GLOBFILES; do cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put" @@ -131,7 +137,7 @@ verbose "$tid: ln" echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed" -test -L ${COPY}.2 || fail "missing file after ln" +test -h ${COPY}.2 || fail "missing file after ln" verbose "$tid: mkdir" echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ Index: regress/sftp.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/sftp.sh,v retrieving revision 1.1 diff -u -r1.1 sftp.sh --- regress/sftp.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/sftp.sh 20 Jun 2003 11:34:57 -0000 @@ -3,8 +3,15 @@ tid="basic sftp put/get" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy +SFTPCMDFILE=${OBJ}/batch + +cat >$SFTPCMDFILE <<EOF +version +get $DATA ${COPY}.1 +put $DATA ${COPY}.2 +EOF BUFFERSIZE="5 1000 32000 64000" REQUESTS="1 2 10" @@ -12,18 +19,17 @@ for B in ${BUFFERSIZE}; do for R in ${REQUESTS}; do verbose "test $tid: buffer_size $B num_requests $R" - rm -f ${COPY}.1 ${COPY}.2 - ${SFTP} -P ${SFTPSERVER} -B $B -R $R -b /dev/stdin \ - > /dev/null 2>&1 << EOF - version - get $DATA ${COPY}.1 - put $DATA ${COPY}.2 -EOF + rm -f ${COPY}.1 ${COPY}.2 + ${SFTP} -P ${SFTPSERVER} -B $B -R $R -b $SFTPCMDFILE \ + > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then fail "sftp failed with $r" + else + cmp $DATA ${COPY}.1 || fail "corrupted copy after get" + cmp $DATA ${COPY}.2 || fail "corrupted copy after put" fi - cmp $DATA ${COPY}.1 || fail "corrupted copy after get" - cmp $DATA ${COPY}.2 || fail "corrupted copy after put" done done +rm -f ${COPY}.1 ${COPY}.2 +rm -f $SFTPCMDFILE Index: regress/ssh-com-client.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/ssh-com-client.sh,v retrieving revision 1.3 diff -u -r1.3 ssh-com-client.sh --- regress/ssh-com-client.sh 18 Jun 2003 12:36:48 -0000 1.3 +++ regress/ssh-com-client.sh 20 Jun 2003 11:35:13 -0000 @@ -64,7 +64,7 @@ # we need a real server (no ProxyConnect option) start_sshd -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy rm -f ${COPY} Index: regress/ssh-com-sftp.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/ssh-com-sftp.sh,v retrieving revision 1.3 diff -u -r1.3 ssh-com-sftp.sh --- regress/ssh-com-sftp.sh 18 Jun 2003 12:36:49 -0000 1.3 +++ regress/ssh-com-sftp.sh 20 Jun 2003 11:35:27 -0000 @@ -3,8 +3,15 @@ tid="basic sftp put/get with ssh.com server" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy +SFTPCMDFILE=${OBJ}/batch + +cat >$SFTPCMDFILE <<EOF +version +get $DATA ${COPY}.1 +put $DATA ${COPY}.2 +EOF BUFFERSIZE="5 1000 32000 64000" REQUESTS="1 2 10" @@ -41,18 +48,17 @@ for R in ${REQUESTS}; do verbose "test $tid: buffer_size $B num_requests $R" rm -f ${COPY}.1 ${COPY}.2 - ${SFTP} -P ${server} -B $B -R $R -b /dev/stdin \ - > /dev/null 2>&1 << EOF - version - get $DATA ${COPY}.1 - put $DATA ${COPY}.2 -EOF + ${SFTP} -P ${server} -B $B -R $R -b $SFTPCMDFILE \ + > /dev/null 2>&1 r=$? if [ $r -ne 0 ]; then fail "sftp failed with $r" + else + cmp $DATA ${COPY}.1 || fail "corrupted copy after get" + cmp $DATA ${COPY}.2 || fail "corrupted copy after put" fi - cmp $DATA ${COPY}.1 || fail "corrupted copy after get" - cmp $DATA ${COPY}.2 || fail "corrupted copy after put" done done done +rm -f ${COPY}.1 ${COPY}.2 +rm -f $SFTPCMDFILE Index: regress/ssh-com.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/ssh-com.sh,v retrieving revision 1.3 diff -u -r1.3 ssh-com.sh --- regress/ssh-com.sh 18 Jun 2003 12:36:49 -0000 1.3 +++ regress/ssh-com.sh 20 Jun 2003 09:09:00 -0000 @@ -67,7 +67,7 @@ # convert and append DSA hostkey ( - echo -n 'ssh2-localhost-with-alias,127.0.0.1,::1 ' + echon 'ssh2-localhost-with-alias,127.0.0.1,::1 ' ${SSHKEYGEN} -if ${SRC}/dsa_ssh2.pub ) >> $OBJ/known_hosts Index: regress/stderr-after-eof.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/stderr-after-eof.sh,v retrieving revision 1.1 diff -u -r1.1 stderr-after-eof.sh --- regress/stderr-after-eof.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/stderr-after-eof.sh 20 Jun 2003 09:10:03 -0000 @@ -7,13 +7,23 @@ DATA=${OBJ}/data COPY=${OBJ}/copy -MD5=md5sum +if [ -x "`which md5sum`" ]; then + CHECKSUM=md5sum +elif [ -x "`which openssl`" ]; then + CHECKSUM="openssl md5" +elif [ -x "`which cksum`" ]; then + CHECKSUM=cksum +elif [ -x "`which sum`" ]; then + CHECKSUM=sum +else + fatal "No checksum program available, aborting $tid test" +fi # setup data rm -f ${DATA} ${COPY} cp /dev/null ${DATA} for i in 1 2 3 4 5 6; do - (date;echo $i) | $MD5 >> ${DATA} + (date;echo $i) | $CHECKSUM >> ${DATA} done ${SSH} -2 -F $OBJ/ssh_proxy otherhost \ Index: regress/stderr-data.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/stderr-data.sh,v retrieving revision 1.1 diff -u -r1.1 stderr-data.sh --- regress/stderr-data.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/stderr-data.sh 20 Jun 2003 11:35:41 -0000 @@ -3,7 +3,7 @@ tid="stderr data transfer" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy rm -f ${COPY} Index: regress/test-exec.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/test-exec.sh,v retrieving revision 1.1 diff -u -r1.1 test-exec.sh --- regress/test-exec.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/test-exec.sh 20 Jun 2003 09:49:53 -0000 @@ -3,9 +3,16 @@ PORT=4242 USER=`id -un` -SUDO #SUDO=sudo +if [ -x /usr/ucb/whoami ]; then + USER=`/usr/ucb/whoami` +elif [ -x "`which whoami`" ]; then + USER=`whoami` +else + USER=`id -un` +fi + OBJ=$1 if [ "x$OBJ" = "x" ]; then echo '$OBJ not defined' @@ -72,6 +79,17 @@ #echo $SSH $SSHD $SSHAGENT $SSHADD $SSHKEYGEN $SSHKEYSCAN $SFTP $SFTPSERVER # helper +echon() +{ + if [ "x`echo -n`" = "x" ]; then + echo -n "$@" + elif [ "x`echo '\c'`" = "x" ]; then + echo "$@\c" + else + fatal "Don't know how to echo without newline." + fi +} + cleanup () { if [ -f $PIDFILE ]; then @@ -111,7 +129,7 @@ fatal () { - echo -n "FATAL: " + echon "FATAL: " fail "$@" cleanup exit $RESULT @@ -130,6 +148,7 @@ PidFile $PIDFILE AuthorizedKeysFile $OBJ/authorized_keys_%u LogLevel QUIET + StrictModes no EOF # server config for proxy connects @@ -169,7 +188,7 @@ # known hosts file for client ( - echo -n 'localhost-with-alias,127.0.0.1,::1 ' + echon 'localhost-with-alias,127.0.0.1,::1 ' cat $OBJ/$t.pub ) >> $OBJ/known_hosts @@ -203,7 +222,7 @@ trace "wait for sshd" i=0; - while [ ! -f $PIDFILE -a $i -lt 5 ]; do + while [ ! -f $PIDFILE -a $i -lt 10 ]; do i=`expr $i + 1` sleep $i done Index: regress/transfer.sh ==================================================================RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/regress/transfer.sh,v retrieving revision 1.1 diff -u -r1.1 transfer.sh --- regress/transfer.sh 1 May 2002 03:17:35 -0000 1.1 +++ regress/transfer.sh 20 Jun 2003 11:36:01 -0000 @@ -3,7 +3,7 @@ tid="transfer data" -DATA=/bin/ls +DATA=/bin/ls${EXEEXT} COPY=${OBJ}/copy for p in 1 2; do --- /dev/null 2002-08-31 09:31:37.000000000 +1000 +++ regress/README.regress 2003-06-20 22:55:06.000000000 +1000 @@ -0,0 +1,86 @@ +Overview. + +$ ./configure && make tests + +You'll see some progress info. A failure will cause either the make to +abort or the driver script to report a "FATAL" failure. + +The test consists of 2 parts. The first is the file-based tests which is +driven by the Makefile, and the second is a set of network or proxycommand +based tests, which are driven by a driver script (test-exec.sh) which is +called multiple times by the Makefile. + +Failures in the first part will cause the Makefile to return an error. +Failures in the second part will print a "FATAL" message for the failed +test and continue. + +OpenBSD has a system-wide regression test suite. OpenSSH's test suite uses +the OpenBSD test scripts unmodified, however the Makefile is different +because OpenBSD's uses BSD-specific makefile extensions. + + +Environment variables. + +SUDO: path to sudo command, if desired. Note that some systems (eg AIX, + Solaris with PAM) require sudo to execute some tests. +TEST_SSH_TRACE: set yo "yes" for verbose output from tests +TEST_SSH_QUIET: set to "yes" to suppress non-fatal output. +TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD + SSHKEYGEN,SSHKEYSCAN,SFTP,SFTPSERVER +OBJ: used by test scripts to access build dir. + + +Individual tests. + +You can invoke test-exec.sh directly if you set up the path to find the +binaries under test and the test scripts themselves, for example: + +$ cd regress +$ PATH=`pwd`/..:$PATH:. sh test-exec.sh `pwd` agent-timeout.sh +ok agent timeout test + + +Files. + +test-exec.sh: the main test driver. Sets environment, creates config files +and keys and runs the specified test. + +At the time of writing, the individual tests are: +agent-timeout.sh: agent timeout test +agent.sh: simple agent test +broken-pipe.sh: broken pipe test +connect-privsep.sh: proxy connect with privsep +connect.sh: simple connect +exit-status.sh: remote exit status +forwarding.sh: local and remote forwarding +keygen-change.sh: change passphrase for key +keyscan.sh: keyscan +proto-mismatch.sh: protocol version mismatch +proto-version.sh: sshd version with different protocol combinations +proxy-connect.sh: proxy connect +sftp.sh: basic sftp put/get +ssh-com-client.sh: connect with ssh.com client +ssh-com-keygen.sh: ssh.com key import +ssh-com-sftp.sh: basic sftp put/get with ssh.com server +ssh-com.sh: connect to ssh.com server +stderr-after-eof.sh: stderr data after eof +stderr-data.sh: stderr data transfer +transfer.sh: transfer data +try-ciphers.sh: try ciphers +yes-head.sh: yes pipe head + + +Problems? + +Run the failing test with shell tracing (-x) turned on: +$ PATH=`pwd`/..:$PATH:. sh -x test-exec.sh `pwd` agent-timeout.sh + +Failed tests can be difficult to diagnose. Suggestions: +- run the individual test via ./test-exec.sh `pwd` [testname] +- set LogLevel to VERBOSE in test-exec.sh and enable syslogging of + auth.debug (eg to /var/log/authlog). + + +Known Issues. + +