diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 11:13:18 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 11:13:18 +0000 |
commit | 9e7e4ab6617fef1d1681fc2d3e02554264ccc954 (patch) | |
tree | 336445493163aa0370cb7830d97ebd8819b2e2c5 /regress/connect-privsep.sh | |
parent | Initial commit. (diff) | |
download | openssh-9e7e4ab6617fef1d1681fc2d3e02554264ccc954.tar.xz openssh-9e7e4ab6617fef1d1681fc2d3e02554264ccc954.zip |
Adding upstream version 1:8.4p1.upstream/1%8.4p1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | regress/connect-privsep.sh | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh new file mode 100644 index 0000000..b6abb65 --- /dev/null +++ b/regress/connect-privsep.sh @@ -0,0 +1,35 @@ +# $OpenBSD: connect-privsep.sh,v 1.9 2017/04/30 23:34:55 djm Exp $ +# Placed in the Public Domain. + +tid="proxy connect with privsep" + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig +echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy + +${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true +if [ $? -ne 0 ]; then + fail "ssh privsep+proxyconnect failed" +fi + +cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy +echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy + +${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true +if [ $? -ne 0 ]; then + # XXX replace this with fail once sandbox has stabilised + warn "ssh privsep/sandbox+proxyconnect failed" +fi + +# Because sandbox is sensitive to changes in libc, especially malloc, retest +# with every malloc.conf option (and none). +if [ -z "TEST_MALLOC_OPTIONS" ]; then + mopts="C F G J R S U X < >" +else + mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'` +fi +for m in '' $mopts ; do + env MALLOC_OPTIONS="$m" ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true + if [ $? -ne 0 ]; then + fail "ssh privsep/sandbox+proxyconnect mopt '$m' failed" + fi +done |