summaryrefslogtreecommitdiffstats
path: root/regress/integrity.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 19:49:46 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 19:49:46 +0000
commit0b6b94e6b6152f15cf4c2247c5974f539aae28cd (patch)
treea7698198a1f527ede17a929af46e456e03d50600 /regress/integrity.sh
parentInitial commit. (diff)
downloadopenssh-0b6b94e6b6152f15cf4c2247c5974f539aae28cd.tar.xz
openssh-0b6b94e6b6152f15cf4c2247c5974f539aae28cd.zip
Adding upstream version 1:9.6p1.upstream/1%9.6p1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'regress/integrity.sh')
-rw-r--r--regress/integrity.sh76
1 files changed, 76 insertions, 0 deletions
diff --git a/regress/integrity.sh b/regress/integrity.sh
new file mode 100644
index 0000000..202483c
--- /dev/null
+++ b/regress/integrity.sh
@@ -0,0 +1,76 @@
+# $OpenBSD: integrity.sh,v 1.25 2023/03/01 09:29:32 dtucker Exp $
+# Placed in the Public Domain.
+
+tid="integrity"
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+
+# start at byte 2900 (i.e. after kex) and corrupt at different offsets
+tries=10
+startoffset=2900
+macs=`${SSH} -Q mac`
+# The following are not MACs, but ciphers with integrated integrity. They are
+# handled specially below.
+macs="$macs `${SSH} -Q cipher-auth`"
+
+# avoid DH group exchange as the extra traffic makes it harder to get the
+# offset into the stream right.
+#echo "KexAlgorithms -diffie-hellman-group*" \
+# >> $OBJ/ssh_proxy
+
+# sshd-command for proxy (see test-exec.sh)
+cmd="$SUDO env SSH_SK_HELPER="$SSH_SK_HELPER" sh ${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy"
+
+for m in $macs; do
+ trace "test $tid: mac $m"
+ elen=0
+ epad=0
+ emac=0
+ etmo=0
+ ecnt=0
+ skip=0
+ for off in `jot $tries $startoffset`; do
+ skip=`expr $skip - 1`
+ if [ $skip -gt 0 ]; then
+ # avoid modifying the high bytes of the length
+ continue
+ fi
+ cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
+ # modify output from sshd at offset $off
+ pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
+ if ${SSH} -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then
+ echo "Ciphers=$m" >> $OBJ/sshd_proxy
+ macopt="-c $m"
+ else
+ echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy
+ echo "MACs=$m" >> $OBJ/sshd_proxy
+ macopt="-m $m -c aes128-ctr"
+ fi
+ verbose "test $tid: $m @$off"
+ ${SSH} $macopt -F $OBJ/ssh_proxy -o "$pxy" \
+ -oServerAliveInterval=1 -oServerAliveCountMax=30 \
+ 999.999.999.999 'printf "%4096s" " "' >/dev/null
+ if [ $? -eq 0 ]; then
+ fail "ssh -m $m succeeds with bit-flip at $off"
+ fi
+ ecnt=`expr $ecnt + 1`
+ out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \
+ tr -s '\r\n' '.')
+ case "$out" in
+ Bad?packet*) elen=`expr $elen + 1`; skip=3;;
+ Corrupted?MAC* | *message?authentication?code?incorrect*)
+ emac=`expr $emac + 1`; skip=0;;
+ padding*) epad=`expr $epad + 1`; skip=0;;
+ *Timeout,?server*)
+ etmo=`expr $etmo + 1`; skip=0;;
+ *) fail "unexpected error mac $m at $off: $out";;
+ esac
+ done
+ verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen timeout $etmo"
+ if [ $emac -eq 0 ]; then
+ fail "$m: no mac errors"
+ fi
+ expect=`expr $ecnt - $epad - $elen - $etmo`
+ if [ $emac -ne $expect ]; then
+ fail "$m: expected $expect mac errors, got $emac"
+ fi
+done