mirror of git://anongit.mindrot.org/openssh.git
15bfafc1db
expect. This script was written before OpenSSH switched to new-format private keys by default and was never updated to the change (until now) From Michael Forney OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7 |
||
---|---|---|
.. | ||
misc | ||
unittests | ||
Makefile | ||
README.regress | ||
addrmatch.sh | ||
agent-getpeereid.sh | ||
agent-pkcs11.sh | ||
agent-ptrace.sh | ||
agent-timeout.sh | ||
agent.sh | ||
allow-deny-users.sh | ||
authinfo.sh | ||
banner.sh | ||
broken-pipe.sh | ||
brokenkeys.sh | ||
cert-file.sh | ||
cert-hostkey.sh | ||
cert-userkey.sh | ||
cfginclude.sh | ||
cfgmatch.sh | ||
cfgmatchlisten.sh | ||
cfgparse.sh | ||
check-perm.c | ||
cipher-speed.sh | ||
conch-ciphers.sh | ||
connect-privsep.sh | ||
connect-uri.sh | ||
connect.sh | ||
dhgex.sh | ||
dsa_ssh2.prv | ||
dsa_ssh2.pub | ||
dynamic-forward.sh | ||
envpass.sh | ||
exit-status.sh | ||
forcecommand.sh | ||
forward-control.sh | ||
forwarding.sh | ||
host-expand.sh | ||
hostkey-agent.sh | ||
hostkey-rotate.sh | ||
integrity.sh | ||
kextype.sh | ||
key-options.sh | ||
keygen-change.sh | ||
keygen-comment.sh | ||
keygen-convert.sh | ||
keygen-knownhosts.sh | ||
keygen-moduli.sh | ||
keys-command.sh | ||
keyscan.sh | ||
keytype.sh | ||
krl.sh | ||
limit-keytype.sh | ||
localcommand.sh | ||
login-timeout.sh | ||
mkdtemp.c | ||
modpipe.c | ||
moduli.in | ||
multiplex.sh | ||
multipubkey.sh | ||
netcat.c | ||
percent.sh | ||
portnum.sh | ||
principals-command.sh | ||
proto-mismatch.sh | ||
proto-version.sh | ||
proxy-connect.sh | ||
putty-ciphers.sh | ||
putty-kex.sh | ||
putty-transfer.sh | ||
reconfigure.sh | ||
reexec.sh | ||
rekey.sh | ||
rsa_openssh.prv | ||
rsa_openssh.pub | ||
rsa_ssh2.prv | ||
scp-ssh-wrapper.sh | ||
scp-uri.sh | ||
scp.sh | ||
servcfginclude.sh | ||
setuid-allowed.c | ||
sftp-badcmds.sh | ||
sftp-batch.sh | ||
sftp-chroot.sh | ||
sftp-cmds.sh | ||
sftp-glob.sh | ||
sftp-perm.sh | ||
sftp-uri.sh | ||
sftp.sh | ||
ssh-com-client.sh | ||
ssh-com-keygen.sh | ||
ssh-com-sftp.sh | ||
ssh-com.sh | ||
ssh2putty.sh | ||
sshcfgparse.sh | ||
sshd-log-wrapper.sh | ||
sshsig.sh | ||
stderr-after-eof.sh | ||
stderr-data.sh | ||
t4.ok | ||
t5.ok | ||
t11.ok | ||
test-exec.sh | ||
transfer.sh | ||
try-ciphers.sh | ||
valgrind-unit.sh | ||
yes-head.sh |
README.regress
Overview. $ ./configure && make tests You'll see some progress info. A failure will cause either the make to abort or the driver script to report a "FATAL" failure. The test consists of 2 parts. The first is the file-based tests which is driven by the Makefile, and the second is a set of network or proxycommand based tests, which are driven by a driver script (test-exec.sh) which is called multiple times by the Makefile. Failures in the first part will cause the Makefile to return an error. Failures in the second part will print a "FATAL" message for the failed test and continue. OpenBSD has a system-wide regression test suite. OpenSSH Portable's test suite is based on OpenBSD's with modifications. Environment variables. SKIP_UNIT: Skip unit tests. SUDO: path to sudo/doas command, if desired. Note that some systems (notably systems using PAM) require sudo to execute some tests. LTESTS: Whitespace separated list of tests (filenames without the .sh extension) to run. SKIP_LTESTS: Whitespace separated list of tests to skip. OBJ: used by test scripts to access build dir. TEST_SHELL: shell used for running the test scripts. TEST_SSH_FAIL_FATAL: set to "yes" to make any failure abort the test currently in progress. TEST_SSH_PORT: TCP port to be used for the listening tests. TEST_SSH_QUIET: set to "yes" to suppress non-fatal output. TEST_SSH_SSHD_CONFOPTS: Configuration directives to be added to sshd_config before running each test. TEST_SSH_SSH_CONFOPTS: Configuration directives to be added to ssh_config before running each test. TEST_SSH_TRACE: set to "yes" for verbose output from tests TEST_SSH_x: path to "ssh" command under test, where x is one of SSH, SSHD, SSHAGENT, SSHADD, SSHKEYGEN, SSHKEYSCAN, SFTP or SFTPSERVER USE_VALGRIND: Run the tests under valgrind memory checker. Individual tests. You can run an individual test from the top-level Makefile, eg: $ make tests LTESTS=agent-timeout If you need to manipulate the environment more you can invoke test-exec.sh directly if you set up the path to find the binaries under test and the test scripts themselves, for example: $ cd regress $ PATH=`pwd`/..:$PATH:. TEST_SHELL=/bin/sh sh test-exec.sh `pwd` \ agent-timeout.sh ok agent timeout test Files. test-exec.sh: the main test driver. Sets environment, creates config files and keys and runs the specified test. At the time of writing, the individual tests are: connect.sh: simple connect proxy-connect.sh: proxy connect connect-privsep.sh: proxy connect with privsep connect-uri.sh: uri connect proto-version.sh: sshd version with different protocol combinations proto-mismatch.sh: protocol version mismatch exit-status.sh: remote exit status envpass.sh: environment passing transfer.sh: transfer data banner.sh: banner rekey.sh: rekey stderr-data.sh: stderr data transfer stderr-after-eof.sh: stderr data after eof broken-pipe.sh: broken pipe test try-ciphers.sh: try ciphers yes-head.sh: yes pipe head login-timeout.sh: connect after login grace timeout agent.sh: simple connect via agent agent-getpeereid.sh: disallow agent attach from other uid agent-timeout.sh: agent timeout test agent-ptrace.sh: disallow agent ptrace attach keyscan.sh: keyscan keygen-change.sh: change passphrase for key keygen-convert.sh: convert keys keygen-moduli.sh: keygen moduli key-options.sh: key options scp.sh: scp scp-uri.sh: scp-uri sftp.sh: basic sftp put/get sftp-chroot.sh: sftp in chroot sftp-cmds.sh: sftp command sftp-badcmds.sh: sftp invalid commands sftp-batch.sh: sftp batchfile sftp-glob.sh: sftp glob sftp-perm.sh: sftp permissions sftp-uri.sh: sftp-uri ssh-com-client.sh: connect with ssh.com client ssh-com-keygen.sh: ssh.com key import ssh-com-sftp.sh: basic sftp put/get with ssh.com server ssh-com.sh: connect to ssh.com server reconfigure.sh: simple connect after reconfigure dynamic-forward.sh: dynamic forwarding forwarding.sh: local and remote forwarding multiplex.sh: connection multiplexing reexec.sh: reexec tests brokenkeys.sh: broken keys sshcfgparse.sh: ssh config parse cfgparse.sh: sshd config parse cfgmatch.sh: sshd_config match cfgmatchlisten.sh: sshd_config matchlisten addrmatch.sh: address match localcommand.sh: localcommand forcecommand.sh: forced command portnum.sh: port number parsing keytype.sh: login with different key types kextype.sh: login with different key exchange algorithms cert-hostkey.sh certified host keys cert-userkey.sh: certified user keys host-expand.sh: expand %h and %n keys-command.sh: authorized keys from command forward-control.sh: sshd control of local and remote forwarding integrity.sh: integrity krl.sh: key revocation lists multipubkey.sh: multiple pubkey limit-keytype.sh: restrict pubkey type hostkey-agent.sh: hostkey agent keygen-knownhosts.sh: ssh-keygen known_hosts hostkey-rotate.sh: hostkey rotate principals-command.sh: authorized principals command cert-file.sh: ssh with certificates cfginclude.sh: config include allow-deny-users.sh: AllowUsers/DenyUsers authinfo.sh: authinfo Problems? Run the failing test with shell tracing (-x) turned on: $ PATH=`pwd`/..:$PATH:. sh -x test-exec.sh `pwd` agent-timeout.sh Failed tests can be difficult to diagnose. Suggestions: - run the individual test via ./test-exec.sh `pwd` [testname] - set LogLevel to VERBOSE in test-exec.sh and enable syslogging of auth.debug (eg to /var/log/authlog). Known Issues. - Similarly, if you do not have "scp" in your system's $PATH then the multiplex scp tests will fail (since the system's shell startup scripts will determine where the shell started by sshd will look for scp). - Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head test to fail. The old behaviour can be restored by setting (and exporting) _POSIX2_VERSION=199209 before running the tests.