diff options
| author | Darren Tucker <dtucker@cvs.openbsd.org> | 2006-07-22 01:50:01 +0000 |
|---|---|---|
| committer | Darren Tucker <dtucker@cvs.openbsd.org> | 2006-07-22 01:50:01 +0000 |
| commit | 0d45d31658db8c3c1aa2bc9e7d4d3fcf75c7d0fb (patch) | |
| tree | f859f1480d189de8135be5262fc70c2214e019f8 | |
| parent | 51893cec4a0adb9b84f0acc0257f39dfec73d11c (diff) | |
Test that PermitOpen after a Match overrides global setting; ok djm@
| -rw-r--r-- | regress/usr.bin/ssh/cfgmatch.sh | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/regress/usr.bin/ssh/cfgmatch.sh b/regress/usr.bin/ssh/cfgmatch.sh index 899240837d5..3a789faab67 100644 --- a/regress/usr.bin/ssh/cfgmatch.sh +++ b/regress/usr.bin/ssh/cfgmatch.sh @@ -1,4 +1,4 @@ -# $OpenBSD: cfgmatch.sh,v 1.1 2006/07/17 12:08:02 dtucker Exp $ +# $OpenBSD: cfgmatch.sh,v 1.2 2006/07/22 01:50:00 dtucker Exp $ # Placed in the Public Domain. tid="sshd_config match" @@ -15,6 +15,8 @@ stop_client() fi } +cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak + echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config echo "Match Address 127.0.0.1" >>$OBJ/sshd_config echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config @@ -83,3 +85,21 @@ for p in 1 2; do fail "match permitopen permit proto $p" stop_client done + +cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:1 127.0.0.1:$PORT 127.0.0.2:2" >>$OBJ/sshd_proxy +echo "Match User $USER" >>$OBJ/sshd_proxy +echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy + +# Test that a Match overrides a PermitOpen in the global section +for p in 1 2; do + rm -f $pidfile + trace "match permitopen proxy w/key opts proto $p" + ${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \ + "echo \$\$ > $pidfile; exec sleep 100" >>$TEST_SSH_LOGFILE 2>&1 ||\ + fail "match override permitopen proto $p sshd failed" + sleep 1; + ${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \ + fail "match override permitopen proto $p" + stop_client +done |