diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 19:49:46 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 19:49:46 +0000 |
| commit | 0b6b94e6b6152f15cf4c2247c5974f539aae28cd (patch) | |
| tree | a7698198a1f527ede17a929af46e456e03d50600 /regress/match-subsystem.sh | |
| parent | Initial commit. (diff) | |
| download | openssh-0b6b94e6b6152f15cf4c2247c5974f539aae28cd.tar.xz openssh-0b6b94e6b6152f15cf4c2247c5974f539aae28cd.zip | |
Adding upstream version 1:9.6p1.upstream/1%9.6p1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'regress/match-subsystem.sh')
| -rw-r--r-- | regress/match-subsystem.sh | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/regress/match-subsystem.sh b/regress/match-subsystem.sh new file mode 100644 index 0000000..0b691d8 --- /dev/null +++ b/regress/match-subsystem.sh @@ -0,0 +1,90 @@ +# $OpenBSD: match-subsystem.sh,v 1.1 2023/09/06 23:36:09 djm Exp $ +# Placed in the Public Domain. + +tid="sshd_config match subsystem" + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak + +try_subsystem() { + _id=$1 + _subsystem=$2 + _expect=$3 + ${SSHD} -tf $OBJ/sshd_proxy || fatal "$_id: bad config" + ${SSH} -sF $OBJ/ssh_proxy somehost $_subsystem + _exit=$? + trace "$_id subsystem $_subsystem" + if [ $_exit -ne $_expect ] ; then + fail "$_id: subsystem $_subsystem exit $_exit expected $_expect" + fi + return $? +} + +# Simple case: subsystem in main config. +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Subsystem xxx /bin/sh -c "exit 23" +_EOF +try_subsystem "main config" xxx 23 + +# No clobber in main config. +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Subsystem xxx /bin/sh -c "exit 23" +Subsystem xxx /bin/sh -c "exit 24" +_EOF +try_subsystem "main config no clobber" xxx 23 + +# Subsystem in match all block +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Match all +Subsystem xxx /bin/sh -c "exit 21" +_EOF +try_subsystem "match all" xxx 21 + +# No clobber in match all block +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Match all +Subsystem xxx /bin/sh -c "exit 21" +Subsystem xxx /bin/sh -c "exit 24" +_EOF +try_subsystem "match all no clobber" xxx 21 + +# Subsystem in match user block +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Match user * +Subsystem xxx /bin/sh -c "exit 20" +_EOF +try_subsystem "match user" xxx 20 + +# No clobber in match user block +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Match user * +Subsystem xxx /bin/sh -c "exit 20" +Subsystem xxx /bin/sh -c "exit 24" +Match all +Subsystem xxx /bin/sh -c "exit 24" +_EOF +try_subsystem "match user no clobber" xxx 20 + +# Override main with match all +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Subsystem xxx /bin/sh -c "exit 23" +Match all +Subsystem xxx /bin/sh -c "exit 19" +_EOF +try_subsystem "match all override" xxx 19 + +# Override main with match user +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +cat >> $OBJ/sshd_proxy << _EOF +Subsystem xxx /bin/sh -c "exit 23" +Match user * +Subsystem xxx /bin/sh -c "exit 18" +_EOF +try_subsystem "match user override" xxx 18 + |