diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2024-09-27 03:05:54 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2024-10-14 05:02:34 +0200 |
| commit | 461741083d7254595fecea274e60fe3ebf3ce3f9 (patch) | |
| tree | 5bb31035ef72c34c44f8125303e2440eb6ed76d7 | |
| parent | upstream: Split per-connection sshd-session binary (diff) | |
| download | openssh-461741083d7254595fecea274e60fe3ebf3ce3f9.tar.xz openssh-461741083d7254595fecea274e60fe3ebf3ce3f9.zip | |
upstream: test some more Match syntax, including criteria=arg and
negations
OpenBSD-Regress-ID: 67476baccc60bf1a255fd4e329ada950047b8b8d
| -rw-r--r-- | regress/cfginclude.sh | 14 | ||||
| -rw-r--r-- | regress/cfgmatch.sh | 70 | ||||
| -rw-r--r-- | regress/servcfginclude.sh | 14 |
3 files changed, 50 insertions, 48 deletions
diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh index d442cdd6e..97fd816f9 100644 --- a/regress/cfginclude.sh +++ b/regress/cfginclude.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ +# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ # Placed in the Public Domain. tid="config include" @@ -10,7 +10,7 @@ cat > $OBJ/ssh_config.i << _EOF Match host a Hostname aa -Match host b # comment +Match host=b # comment Hostname bb Include $OBJ/ssh_config.i.* @@ -18,7 +18,7 @@ Match host c Include $OBJ/ssh_config.i.* Hostname cc -Match host m +Match host=m !user xxxyfake Include $OBJ/ssh_config.i.* # comment Host d @@ -41,7 +41,7 @@ Match host xxxxxx _EOF cat > $OBJ/ssh_config.i.1 << _EOF -Match host a +Match host=a Hostname aaa Match host b @@ -64,10 +64,10 @@ cat > $OBJ/ssh_config.i.2 << _EOF Match host a Hostname aaaa -Match host b +Match host=b !user blahblahfake Hostname bbbb -Match host c +Match host=c Hostname cccc Host d @@ -142,7 +142,7 @@ trial a aa # cleanup rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out -# $OpenBSD: cfginclude.sh,v 1.4 2024/09/03 05:58:56 djm Exp $ +# $OpenBSD: cfginclude.sh,v 1.5 2024/09/27 01:05:54 djm Exp $ # Placed in the Public Domain. tid="config include" diff --git a/regress/cfgmatch.sh b/regress/cfgmatch.sh index 05a666855..2737a5f97 100644 --- a/regress/cfgmatch.sh +++ b/regress/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.13 2021/06/08 06:52:43 djm Exp $ +# $OpenBSD: cfgmatch.sh,v 1.14 2024/09/27 01:05:54 djm Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -26,7 +26,7 @@ start_client() kill $client_pid fatal "timeout waiting for background ssh" fi - done + done } stop_client() @@ -119,40 +119,42 @@ stop_client # requires knowledge of actual group memberships user running the test). params="user:user:u1 host:host:h1 address:addr:1.2.3.4 \ localaddress:laddr:5.6.7.8 rdomain:rdomain:rdom1" -cp $OBJ/sshd_proxy_bak $OBJ/sshd_config -echo 'Banner /nomatch' >>$OBJ/sshd_config -for i in $params; do - config=`echo $i | cut -f1 -d:` - criteria=`echo $i | cut -f2 -d:` - value=`echo $i | cut -f3 -d:` - cat >>$OBJ/sshd_config <<EOD - Match $config $value - Banner /$value +for separator in " " "=" ; do + cp $OBJ/sshd_proxy_bak $OBJ/sshd_config + echo 'Banner /nomatch' >>$OBJ/sshd_config + for i in $params; do + config=`echo $i | cut -f1 -d:` + criteria=`echo $i | cut -f2 -d:` + value=`echo $i | cut -f3 -d:` + cat >>$OBJ/sshd_config <<EOD + Match ${config}${separator}${value} + Banner /$value EOD -done + done -${SUDO} ${SSHD} -f $OBJ/sshd_config -T >/dev/null || \ - fail "validate config for w/out spec" - -# Test matching each criteria. -for i in $params; do - testcriteria=`echo $i | cut -f2 -d:` - expected=/`echo $i | cut -f3 -d:` - spec="" - for j in $params; do - config=`echo $j | cut -f1 -d:` - criteria=`echo $j | cut -f2 -d:` - value=`echo $j | cut -f3 -d:` - if [ "$criteria" = "$testcriteria" ]; then - spec="$criteria=$value,$spec" - else - spec="$criteria=1$value,$spec" + ${SUDO} ${SSHD} -f $OBJ/sshd_config -T >/dev/null || \ + fail "validate config for w/out spec" + + # Test matching each criteria. + for i in $params; do + testcriteria=`echo $i | cut -f2 -d:` + expected=/`echo $i | cut -f3 -d:` + spec="" + for j in $params; do + config=`echo $j | cut -f1 -d:` + criteria=`echo $j | cut -f2 -d:` + value=`echo $j | cut -f3 -d:` + if [ "$criteria" = "$testcriteria" ]; then + spec="$criteria=$value,$spec" + else + spec="$criteria=1$value,$spec" + fi + done + trace "test spec $spec" + result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ + awk '$1=="banner"{print $2}'` + if [ "$result" != "$expected" ]; then + fail "match $config expected $expected got $result" fi done - trace "test spec $spec" - result=`${SUDO} ${SSHD} -f $OBJ/sshd_config -T -C "$spec" | \ - awk '$1=="banner"{print $2}'` - if [ "$result" != "$expected" ]; then - fail "match $config expected $expected got $result" - fi done diff --git a/regress/servcfginclude.sh b/regress/servcfginclude.sh index 518a703d1..f67c3caac 100644 --- a/regress/servcfginclude.sh +++ b/regress/servcfginclude.sh @@ -4,14 +4,14 @@ tid="server config include" cat > $OBJ/sshd_config.i << _EOF HostKey $OBJ/host.ssh-ed25519 -Match host a +Match host=a Banner /aa Match host b Banner /bb Include $OBJ/sshd_config.i.* # comment -Match host c +Match host=c Include $OBJ/sshd_config.i.* # comment Banner /cc @@ -25,7 +25,7 @@ Match Host e Banner /ee Include $OBJ/sshd_config.i.* -Match Host f +Match Host=f Include $OBJ/sshd_config.i.* Banner /ff @@ -47,13 +47,13 @@ Match host b Match host c Banner /ccc -Match Host d +Match Host=d Banner /ddd Match Host e Banner /eee -Match Host f +Match Host=f Banner /fff _EOF @@ -61,13 +61,13 @@ cat > $OBJ/sshd_config.i.2 << _EOF Match host a Banner /aaaa -Match host b +Match host=b Banner /bbbb Match host c # comment Banner /cccc -Match Host d +Match Host=d Banner /dddd Match Host e |