summaryrefslogtreecommitdiffstats
path: root/regress/key-options.sh
blob: 2f3d66e2e9eacd3f5e5e6e88d509502faf9fd852 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#	$OpenBSD: key-options.sh,v 1.9 2018/07/03 13:53:26 djm Exp $
#	Placed in the Public Domain.

tid="key options"

origkeys="$OBJ/authkeys_orig"
authkeys="$OBJ/authorized_keys_${USER}"
cp $authkeys $origkeys

# Allocating ptys can require privileges on some platforms.
skip_pty=""
if ! config_defined HAVE_OPENPTY && [ "x$SUDO" = "x" ]; then
	skip_pty="no openpty(3) and SUDO not set"
fi

# Test command= forced command
for c in 'command="echo bar"' 'no-pty,command="echo bar"'; do
	sed "s/.*/$c &/" $origkeys >$authkeys
	verbose "key option $c"
	r=`${SSH} -q -F $OBJ/ssh_proxy somehost echo foo`
	if [ "$r" = "foo" ]; then
		fail "key option forced command not restricted"
	fi
	if [ "$r" != "bar" ]; then
		fail "key option forced command not executed"
	fi
done

# Test no-pty
expect_pty_succeed() {
	which=$1
	opts=$2
	rm -f $OBJ/data
	sed "s/.*/$opts &/" $origkeys >$authkeys
	verbose "key option pty $which"
	[ "x$skip_pty" != "x" ] && verbose "skipped because $skip_pty" && return
	${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0"
	if [ $? -ne 0 ] ; then
		fail "key option failed $which"
	else
		r=`cat $OBJ/data`
		case "$r" in
		/dev/*) ;;
		*)	fail "key option failed $which (pty $r)" ;;
		esac
	fi
}
expect_pty_fail() {
	which=$1
	opts=$2
	rm -f $OBJ/data
	sed "s/.*/$opts &/" $origkeys >$authkeys
	verbose "key option pty $which"
	[ "x$skip_pty" != "x" ] && verbose "skipped because $skip_pty" && return
	${SSH} -ttq -F $OBJ/ssh_proxy somehost "tty > $OBJ/data; exit 0"
	if [ $? -eq 0 ]; then
		r=`cat $OBJ/data`
		if [ -e "$r" ]; then
			fail "key option failed $which (pty $r)"
		fi
		case "$r" in
		/dev/*)	fail "key option failed $which (pty $r)" ;;
		*)	;;
		esac
	fi
}
# First ensure that we can allocate a pty by default.
expect_pty_succeed "default" ""
expect_pty_fail "no-pty" "no-pty"
expect_pty_fail "restrict" "restrict"
expect_pty_succeed "restrict,pty" "restrict,pty"

# Test environment=
# XXX this can fail if ~/.ssh/environment exists for the user running the test
echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy
sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys
verbose "key option environment"
r=`${SSH} -q -F $OBJ/ssh_proxy somehost 'echo $FOO'`
if [ "$r" != "bar" ]; then
	fail "key option environment not set"
fi

# Test from= restriction
start_sshd
for f in 127.0.0.1 '127.0.0.0\/8'; do
	cat  $origkeys >$authkeys
	${SSH} -q -F $OBJ/ssh_proxy somehost true
	if [ $? -ne 0 ]; then
		fail "key option failed without restriction"
	fi

	sed 's/.*/from="'"$f"'" &/' $origkeys >$authkeys
	from=`head -1 $authkeys | cut -f1 -d ' '`
	verbose "key option $from"
	r=`${SSH} -q -F $OBJ/ssh_proxy somehost 'echo true'`
	if [ "$r" = "true" ]; then
		fail "key option $from not restricted"
	fi

	r=`${SSH} -q -F $OBJ/ssh_config somehost 'echo true'`
	if [ "$r" != "true" ]; then
		fail "key option $from not allowed but should be"
	fi
done

check_valid_before() {
	which=$1
	opts=$2
	expect=$3
	sed "s/.*/$opts &/" $origkeys >$authkeys
	verbose "key option expiry-time $which"
	${SSH} -q -F $OBJ/ssh_proxy somehost true
	r=$?
	case "$expect" in
	fail)	test $r -eq 0 && fail "key option succeeded $which" ;;
	pass)	test $r -ne 0 && fail "key option failed $which" ;;
	*)	fatal "unknown expectation $expect" ;;
	esac
}
check_valid_before "default"	""				"pass"
check_valid_before "invalid"	'expiry-time="INVALID"'		"fail"
check_valid_before "expired"	'expiry-time="19990101"'	"fail"
check_valid_before "valid"	'expiry-time="20380101"'	"pass"