summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--regress/Makefile8
-rw-r--r--regress/cfginclude.sh290
2 files changed, 295 insertions, 3 deletions
diff --git a/regress/Makefile b/regress/Makefile
index 839fb8eca..4e32eab8a 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.84 2016/03/04 02:30:36 djm Exp $
+# $OpenBSD: Makefile,v 1.85 2016/04/15 00:31:10 djm Exp $
REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
tests: prep $(REGRESS_TARGETS)
@@ -75,7 +75,8 @@ LTESTS= connect \
keygen-knownhosts \
hostkey-rotate \
principals-command \
- cert-file
+ cert-file \
+ cfginclude
# dhgex \
@@ -106,7 +107,8 @@ CLEANFILES= t2.out t3.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
sftp-server.sh sftp-server.log sftp.log setuid-allowed \
data ed25519-agent ed25519-agent.pub key.ed25519-512 \
key.ed25519-512.pub netcat host_krl_* host_revoked_* \
- kh.* user_*key* agent-key.* known_hosts.* hkr.*
+ kh.* user_*key* agent-key.* known_hosts.* hkr.* \
+ scp-ssh-wrapper.scp ssh_proxy_bak ssh_config.*
SUDO_CLEAN+= /var/run/testdata_${USER} /var/run/keycommand_${USER}
diff --git a/regress/cfginclude.sh b/regress/cfginclude.sh
new file mode 100644
index 000000000..3232fa9f0
--- /dev/null
+++ b/regress/cfginclude.sh
@@ -0,0 +1,290 @@
+# $OpenBSD: cfginclude.sh,v 1.1 2016/04/15 00:31:10 djm Exp $
+# Placed in the Public Domain.
+
+tid="config include"
+
+cat > $OBJ/ssh_config.i << _EOF
+Match host a
+ Hostname aa
+
+Match host b
+ Hostname bb
+ Include $OBJ/ssh_config.i.*
+
+Match host c
+ Include $OBJ/ssh_config.i.*
+ Hostname cc
+
+Match host m
+ Include $OBJ/ssh_config.i.*
+
+Host d
+ Hostname dd
+
+Host e
+ Hostname ee
+ Include $OBJ/ssh_config.i.*
+
+Host f
+ Include $OBJ/ssh_config.i.*
+ Hostname ff
+
+Host n
+ Include $OBJ/ssh_config.i.*
+_EOF
+
+cat > $OBJ/ssh_config.i.0 << _EOF
+Match host xxxxxx
+_EOF
+
+cat > $OBJ/ssh_config.i.1 << _EOF
+Match host a
+ Hostname aaa
+
+Match host b
+ Hostname bbb
+
+Match host c
+ Hostname ccc
+
+Host d
+ Hostname ddd
+
+Host e
+ Hostname eee
+
+Host f
+ Hostname fff
+_EOF
+
+cat > $OBJ/ssh_config.i.2 << _EOF
+Match host a
+ Hostname aaaa
+
+Match host b
+ Hostname bbbb
+
+Match host c
+ Hostname cccc
+
+Host d
+ Hostname dddd
+
+Host e
+ Hostname eeee
+
+Host f
+ Hostname ffff
+
+Match all
+ Hostname xxxx
+_EOF
+
+trial() {
+ _host="$1"
+ _exp="$2"
+ ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out ||
+ fatal "ssh config parse failed"
+ _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'`
+ if test "x$_exp" != "x$_got" ; then
+ fail "host $_host include fail: expected $_exp got $_got"
+ fi
+}
+
+trial a aa
+trial b bb
+trial c ccc
+trial d dd
+trial e ee
+trial f fff
+trial m xxxx
+trial n xxxx
+trial x x
+
+# Prepare an included config with an error.
+
+cat > $OBJ/ssh_config.i.3 << _EOF
+Hostname xxxx
+ Junk
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+ fail "ssh include allowed invalid config"
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \
+ fail "ssh include allowed invalid config"
+
+rm -f $OBJ/ssh_config.i.*
+
+# Ensure that a missing include is not fatal.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i.*
+Hostname aa
+_EOF
+
+trial a aa
+
+# Ensure that Match/Host in an included config does not affect parent.
+cat > $OBJ/ssh_config.i.x << _EOF
+Match host x
+_EOF
+
+trial a aa
+
+cat > $OBJ/ssh_config.i.x << _EOF
+Host x
+_EOF
+
+trial a aa
+
+# cleanup
+rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out
+# $OpenBSD: cfginclude.sh,v 1.1 2016/04/15 00:31:10 djm Exp $
+# Placed in the Public Domain.
+
+tid="config include"
+
+cat > $OBJ/ssh_config.i << _EOF
+Match host a
+ Hostname aa
+
+Match host b
+ Hostname bb
+ Include $OBJ/ssh_config.i.*
+
+Match host c
+ Include $OBJ/ssh_config.i.*
+ Hostname cc
+
+Match host m
+ Include $OBJ/ssh_config.i.*
+
+Host d
+ Hostname dd
+
+Host e
+ Hostname ee
+ Include $OBJ/ssh_config.i.*
+
+Host f
+ Include $OBJ/ssh_config.i.*
+ Hostname ff
+
+Host n
+ Include $OBJ/ssh_config.i.*
+_EOF
+
+cat > $OBJ/ssh_config.i.0 << _EOF
+Match host xxxxxx
+_EOF
+
+cat > $OBJ/ssh_config.i.1 << _EOF
+Match host a
+ Hostname aaa
+
+Match host b
+ Hostname bbb
+
+Match host c
+ Hostname ccc
+
+Host d
+ Hostname ddd
+
+Host e
+ Hostname eee
+
+Host f
+ Hostname fff
+_EOF
+
+cat > $OBJ/ssh_config.i.2 << _EOF
+Match host a
+ Hostname aaaa
+
+Match host b
+ Hostname bbbb
+
+Match host c
+ Hostname cccc
+
+Host d
+ Hostname dddd
+
+Host e
+ Hostname eeee
+
+Host f
+ Hostname ffff
+
+Match all
+ Hostname xxxx
+_EOF
+
+trial() {
+ _host="$1"
+ _exp="$2"
+ ${REAL_SSH} -F $OBJ/ssh_config.i -G "$_host" > $OBJ/ssh_config.out ||
+ fatal "ssh config parse failed"
+ _got=`grep -i '^hostname ' $OBJ/ssh_config.out | awk '{print $2}'`
+ if test "x$_exp" != "x$_got" ; then
+ fail "host $_host include fail: expected $_exp got $_got"
+ fi
+}
+
+trial a aa
+trial b bb
+trial c ccc
+trial d dd
+trial e ee
+trial f fff
+trial m xxxx
+trial n xxxx
+trial x x
+
+# Prepare an included config with an error.
+
+cat > $OBJ/ssh_config.i.3 << _EOF
+Hostname xxxx
+ Junk
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+ fail "ssh include allowed invalid config"
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G x 2>/dev/null && \
+ fail "ssh include allowed invalid config"
+
+rm -f $OBJ/ssh_config.i.*
+
+# Ensure that a missing include is not fatal.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i.*
+Hostname aa
+_EOF
+
+trial a aa
+
+# Ensure that Match/Host in an included config does not affect parent.
+cat > $OBJ/ssh_config.i.x << _EOF
+Match host x
+_EOF
+
+trial a aa
+
+cat > $OBJ/ssh_config.i.x << _EOF
+Host x
+_EOF
+
+trial a aa
+
+# Ensure that recursive includes are bounded.
+cat > $OBJ/ssh_config.i << _EOF
+Include $OBJ/ssh_config.i
+_EOF
+
+${REAL_SSH} -F $OBJ/ssh_config.i -G a 2>/dev/null && \
+ fail "ssh include allowed infinite recursion?" # or hang...
+
+# cleanup
+rm -f $OBJ/ssh_config.i $OBJ/ssh_config.i.* $OBJ/ssh_config.out