summaryrefslogtreecommitdiffstats
path: root/regress/connect-privsep.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:13:18 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 11:13:18 +0000
commit9e7e4ab6617fef1d1681fc2d3e02554264ccc954 (patch)
tree336445493163aa0370cb7830d97ebd8819b2e2c5 /regress/connect-privsep.sh
parentInitial commit. (diff)
downloadopenssh-9e7e4ab6617fef1d1681fc2d3e02554264ccc954.tar.xz
openssh-9e7e4ab6617fef1d1681fc2d3e02554264ccc954.zip
Adding upstream version 1:8.4p1.upstream/1%8.4p1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--regress/connect-privsep.sh35
1 files changed, 35 insertions, 0 deletions
diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh
new file mode 100644
index 0000000..b6abb65
--- /dev/null
+++ b/regress/connect-privsep.sh
@@ -0,0 +1,35 @@
+# $OpenBSD: connect-privsep.sh,v 1.9 2017/04/30 23:34:55 djm Exp $
+# Placed in the Public Domain.
+
+tid="proxy connect with privsep"
+
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
+echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
+
+${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+if [ $? -ne 0 ]; then
+ fail "ssh privsep+proxyconnect failed"
+fi
+
+cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
+echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy
+
+${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+if [ $? -ne 0 ]; then
+ # XXX replace this with fail once sandbox has stabilised
+ warn "ssh privsep/sandbox+proxyconnect failed"
+fi
+
+# Because sandbox is sensitive to changes in libc, especially malloc, retest
+# with every malloc.conf option (and none).
+if [ -z "TEST_MALLOC_OPTIONS" ]; then
+ mopts="C F G J R S U X < >"
+else
+ mopts=`echo $TEST_MALLOC_OPTIONS | sed 's/./& /g'`
+fi
+for m in '' $mopts ; do
+ env MALLOC_OPTIONS="$m" ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true
+ if [ $? -ne 0 ]; then
+ fail "ssh privsep/sandbox+proxyconnect mopt '$m' failed"
+ fi
+done