openssh/regress
Jakub Jelen 342d6e5158 Adjust softhsm2 path on Fedora Linux for regress
The SoftHSM lives in Fedora in /usr/lib64/pkcs11/libsofthsm2.so
2019-03-29 22:37:15 +11:00
..
misc upstream: adapt to changes in KEX APIs and file removals 2019-01-21 23:51:29 +11:00
unittests upstream: adapt to changes in KEX API and file removals 2019-01-21 23:41:21 +11:00
Makefile upstream: add "extra:" target to run some extra tests that are not 2019-01-21 11:51:54 +11:00
README.regress document some more regress control env variables 2018-08-27 13:08:01 +10:00
addrmatch.sh
agent-getpeereid.sh space before tab in previous 2018-02-23 14:19:55 +11:00
agent-pkcs11.sh Adjust softhsm2 path on Fedora Linux for regress 2019-03-29 22:37:15 +11:00
agent-ptrace.sh Fix missed RCSID merges 2017-10-20 13:22:00 +11:00
agent-timeout.sh upstream: Count the number of key types instead of assuming there 2019-01-28 11:34:22 +11:00
agent.sh upstream: Enable ssh-dss for the agent test. Disable it for the 2019-01-28 11:34:22 +11:00
allow-deny-users.sh upstream: make this use ssh_proxy rather than starting/stopping a 2018-07-13 12:14:38 +10:00
authinfo.sh upstream: make this a bit more portable-friendly 2018-04-10 10:17:56 +10:00
banner.sh upstream commit 2017-05-01 11:59:42 +10:00
broken-pipe.sh upstream commit 2017-05-01 11:59:42 +10:00
brokenkeys.sh upstream commit 2017-05-01 11:59:42 +10:00
cert-file.sh upstream: more typos spotted by Karsten Weiss using codespell 2018-04-10 10:17:56 +10:00
cert-hostkey.sh upstream: UsePrivilegeSeparation no is deprecated 2018-11-22 16:24:20 +11:00
cert-userkey.sh upstream: UsePrivilegeSeparation no is deprecated 2018-11-22 16:24:20 +11:00
cfginclude.sh upstream commit 2016-06-08 11:42:39 +10:00
cfgmatch.sh upstream commit 2017-10-05 05:51:46 +11:00
cfgmatchlisten.sh increase timeout to match cfgmatch.sh 2018-07-13 11:41:33 +10:00
cfgparse.sh upstream: Clean up comment. 2018-06-01 14:23:22 +10:00
check-perm.c
cipher-speed.sh upstream commit 2017-05-01 11:59:42 +10:00
conch-ciphers.sh
connect-privsep.sh upstream commit 2017-05-01 11:59:42 +10:00
connect-uri.sh upstream commit 2017-10-31 09:08:51 +11:00
connect.sh upstream commit 2017-05-01 11:59:42 +10:00
dhgex.sh upstream commit 2017-05-08 11:54:17 +10:00
dsa_ssh2.prv
dsa_ssh2.pub
dynamic-forward.sh upstream commit 2017-09-26 16:56:15 +10:00
envpass.sh
exit-status.sh upstream commit 2017-05-01 11:59:42 +10:00
forcecommand.sh upstream commit 2017-05-01 11:59:42 +10:00
forward-control.sh upstream: test the correct configuration option name 2018-06-08 00:31:38 +10:00
forwarding.sh Create control sockets in clean temp directories 2018-07-20 14:55:29 +10:00
host-expand.sh upstream commit 2017-05-01 11:59:42 +10:00
hostkey-agent.sh upstream commit 2017-05-01 11:59:42 +10:00
hostkey-rotate.sh
integrity.sh upstream commit 2017-05-01 11:59:42 +10:00
kextype.sh
key-options.sh upstream: add a comment that could have saved me 45 minutes of wild 2018-07-04 23:52:50 +10:00
keygen-change.sh upstream commit 2017-05-01 11:59:42 +10:00
keygen-convert.sh
keygen-knownhosts.sh upstream: Adapt to extra default verboisity from ssh-keygen when 2018-06-01 14:24:08 +10:00
keygen-moduli.sh upstream commit 2016-09-14 11:34:59 +10:00
keys-command.sh upstream: Append pid to temp files in /var/run and set a cleanup 2018-11-22 20:58:27 +11:00
keyscan.sh upstream: The test sshd_config in in $OBJ. 2019-01-28 19:01:01 +11:00
keytype.sh upstream: explicitly specify RSA/SHA-2 keytype here too 2018-03-14 18:55:47 +11:00
krl.sh upstream: test revocation by explicit hash and by fingerprint 2018-09-12 16:51:14 +10:00
limit-keytype.sh upstream: exlicitly include RSA/SHA-2 keytypes in 2018-03-14 18:55:47 +11:00
localcommand.sh upstream commit 2017-05-01 11:59:42 +10:00
login-timeout.sh upstream commit 2017-09-18 14:11:22 +10:00
mkdtemp.c Missing unistd.h for regress/mkdtemp.c 2018-08-20 15:57:29 +10:00
modpipe.c Remove execute bit from modpipe.c. 2018-02-15 22:33:21 +11:00
moduli.in upstream commit 2016-09-14 10:57:21 +10:00
multiplex.sh upstream: regress bits for banner processing refactor (this test was 2019-01-17 16:27:05 +11:00
multipubkey.sh upstream: UsePrivilegeSeparation no is deprecated 2018-11-22 16:24:20 +11:00
netcat.c Set SO_REUSEADDR in regression test netcat. 2018-02-08 12:42:12 +11:00
portnum.sh
principals-command.sh upstream: Append pid to temp files in /var/run and set a cleanup 2018-11-22 20:58:27 +11:00
proto-mismatch.sh upstream commit 2017-05-01 11:59:42 +10:00
proto-version.sh upstream commit 2017-06-08 13:11:11 +10:00
proxy-connect.sh upstream commit 2017-10-05 05:51:46 +11:00
putty-ciphers.sh Provide $OBJ to paths in PuTTY interop tests. 2018-03-23 13:21:14 +11:00
putty-kex.sh Provide $OBJ to paths in PuTTY interop tests. 2018-03-23 13:21:14 +11:00
putty-transfer.sh Provide $OBJ to paths in PuTTY interop tests. 2018-03-23 13:21:14 +11:00
reconfigure.sh upstream commit 2017-05-01 11:59:42 +10:00
reexec.sh upstream commit 2017-09-18 14:11:42 +10:00
rekey.sh upstream: more typos spotted by Karsten Weiss using codespell 2018-04-10 10:17:56 +10:00
rsa_openssh.prv
rsa_openssh.pub
rsa_ssh2.prv
scp-ssh-wrapper.sh
scp-uri.sh upstream commit 2017-12-19 16:19:18 +11:00
scp.sh
setuid-allowed.c Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
sftp-badcmds.sh
sftp-batch.sh
sftp-chroot.sh upstream: Append pid to temp files in /var/run and set a cleanup 2018-11-22 20:58:27 +11:00
sftp-cmds.sh drop old Cygwin considerations 2019-03-28 09:23:46 +11:00
sftp-glob.sh
sftp-perm.sh
sftp-uri.sh Replace /dev/stdin with "-". 2018-03-25 09:40:46 +11:00
sftp.sh upstream commit 2017-10-31 09:08:51 +11:00
ssh-com-client.sh
ssh-com-keygen.sh
ssh-com-sftp.sh
ssh-com.sh upstream commit 2017-05-08 11:54:17 +10:00
ssh2putty.sh
sshcfgparse.sh upstream: exercise new expansion behaviour of 2018-07-04 23:52:50 +10:00
sshd-log-wrapper.sh Fix missed RCSID merges 2017-10-20 13:22:00 +11:00
stderr-after-eof.sh upstream commit 2017-05-01 11:59:42 +10:00
stderr-data.sh upstream commit 2017-05-01 11:59:42 +10:00
t4.ok
t5.ok
t11.ok
test-exec.sh drop old Cygwin considerations 2019-03-28 09:23:46 +11:00
transfer.sh upstream commit 2017-05-01 11:59:42 +10:00
try-ciphers.sh upstream commit 2017-05-01 11:59:42 +10:00
valgrind-unit.sh Enable leak checks for unit tests with valgrind 2018-07-13 11:41:33 +10:00
yes-head.sh Fix missed RCSID merges 2017-10-20 13:22:00 +11:00

README.regress

Overview.

$ ./configure && make tests

You'll see some progress info. A failure will cause either the make to
abort or the driver script to report a "FATAL" failure.

The test consists of 2 parts. The first is the file-based tests which is
driven by the Makefile, and the second is a set of network or proxycommand
based tests, which are driven by a driver script (test-exec.sh) which is
called multiple times by the Makefile.

Failures in the first part will cause the Makefile to return an error.
Failures in the second part will print a "FATAL" message for the failed
test and continue.

OpenBSD has a system-wide regression test suite. OpenSSH Portable's test
suite is based on OpenBSD's with modifications.


Environment variables.

SKIP_UNIT: Skip unit tests.
SUDO: path to sudo/doas command, if desired. Note that some systems
	(notably systems using PAM) require sudo to execute some tests.
LTESTS: Whitespace separated list of tests (filenames without the .sh
	extension) to run.
OBJ: used by test scripts to access build dir.
TEST_SHELL: shell used for running the test scripts.
TEST_SSH_FAIL_FATAL: set to "yes" to make any failure abort the test
	currently in progress.
TEST_SSH_PORT: TCP port to be used for the listening tests.
TEST_SSH_QUIET: set to "yes" to suppress non-fatal output.
TEST_SSH_SSHD_CONFOPTS: Configuration directives to be added to sshd_config
	before running each test.
TEST_SSH_SSH_CONFOPTS: Configuration directives to be added to
	ssh_config before running each test.
TEST_SSH_TRACE: set to "yes" for verbose output from tests 
TEST_SSH_x: path to "ssh" command under test, where x is one of
	SSH, SSHD, SSHAGENT, SSHADD, SSHKEYGEN, SSHKEYSCAN, SFTP or
	SFTPSERVER
USE_VALGRIND: Run the tests under valgrind memory checker.


Individual tests.

You can run an individual test from the top-level Makefile, eg:
$ make tests LTESTS=agent-timeout

If you need to manipulate the environment more you can invoke test-exec.sh
directly if you set up the path to find the binaries under test and the
test scripts themselves, for example:

$ cd regress
$ PATH=`pwd`/..:$PATH:. TEST_SHELL=/bin/sh sh test-exec.sh `pwd` \
    agent-timeout.sh
ok agent timeout test


Files.

test-exec.sh: the main test driver. Sets environment, creates config files
and keys and runs the specified test.

At the time of writing, the individual tests are:
agent-timeout.sh:	agent timeout test
agent.sh:		simple agent test
broken-pipe.sh:		broken pipe test
connect-privsep.sh:	proxy connect with privsep
connect.sh:		simple connect
exit-status.sh:		remote exit status
forwarding.sh:		local and remote forwarding
keygen-change.sh:	change passphrase for key
keyscan.sh:		keyscan
proto-mismatch.sh:	protocol version mismatch
proto-version.sh:	sshd version with different protocol combinations
proxy-connect.sh:	proxy connect
sftp.sh:		basic sftp put/get
ssh-com-client.sh:	connect with ssh.com client
ssh-com-keygen.sh:	ssh.com key import
ssh-com-sftp.sh:	basic sftp put/get with ssh.com server
ssh-com.sh:		connect to ssh.com server
stderr-after-eof.sh:	stderr data after eof
stderr-data.sh:		stderr data transfer
transfer.sh:		transfer data
try-ciphers.sh:		try ciphers
yes-head.sh:		yes pipe head


Problems?

Run the failing test with shell tracing (-x) turned on:
$ PATH=`pwd`/..:$PATH:. sh -x test-exec.sh `pwd` agent-timeout.sh

Failed tests can be difficult to diagnose. Suggestions:
- run the individual test via ./test-exec.sh `pwd` [testname]
- set LogLevel to VERBOSE in test-exec.sh and enable syslogging of
  auth.debug (eg to /var/log/authlog).


Known Issues.

- Similarly, if you do not have "scp" in your system's $PATH then the
  multiplex scp tests will fail (since the system's shell startup scripts
  will determine where the shell started by sshd will look for scp).

- Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head
  test to fail.  The old behaviour can be restored by setting (and
  exporting) _POSIX2_VERSION=199209 before running the tests.