diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:40:04 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:40:04 +0000 |
commit | 25505898530a333011f4fd5cbc841ad6b26c089c (patch) | |
tree | 333a33fdd60930bcccc3f177ed9467d535e9bac6 /regress/allow-deny-users.sh | |
parent | Initial commit. (diff) | |
download | openssh-25505898530a333011f4fd5cbc841ad6b26c089c.tar.xz openssh-25505898530a333011f4fd5cbc841ad6b26c089c.zip |
Adding upstream version 1:9.2p1.upstream/1%9.2p1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | regress/allow-deny-users.sh | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/regress/allow-deny-users.sh b/regress/allow-deny-users.sh new file mode 100644 index 0000000..6c053ee --- /dev/null +++ b/regress/allow-deny-users.sh @@ -0,0 +1,43 @@ +# Public Domain +# Zev Weiss, 2016 +# $OpenBSD: allow-deny-users.sh,v 1.6 2021/06/07 00:00:50 djm Exp $ + +tid="AllowUsers/DenyUsers" + +me="$LOGNAME" +if [ "x$me" = "x" ]; then + me=`whoami` +fi +other="nobody" + +cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig + +test_auth() +{ + deny="$1" + allow="$2" + should_succeed="$3" + failmsg="$4" + + cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy + test -z "$deny" || echo DenyUsers="$deny" >> $OBJ/sshd_proxy + test -z "$allow" || echo AllowUsers="$allow" >> $OBJ/sshd_proxy + + ${SSH} -F $OBJ/ssh_proxy "$me@somehost" true + status=$? + + if (test $status -eq 0 && ! $should_succeed) \ + || (test $status -ne 0 && $should_succeed); then + fail "$failmsg" + fi +} + +# DenyUsers AllowUsers should_succeed failure_message +test_auth "" "" true "user in neither DenyUsers nor AllowUsers denied" +test_auth "$other $me" "" false "user in DenyUsers allowed" +test_auth "$me $other" "" false "user in DenyUsers allowed" +test_auth "" "$other" false "user not in AllowUsers allowed" +test_auth "" "$other $me" true "user in AllowUsers denied" +test_auth "" "$me $other" true "user in AllowUsers denied" +test_auth "$me $other" "$me $other" false "user in both DenyUsers and AllowUsers allowed" +test_auth "$other $me" "$other $me" false "user in both DenyUsers and AllowUsers allowed" |