summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@cvs.openbsd.org>2006-07-19 13:09:29 +0000
committerDarren Tucker <dtucker@cvs.openbsd.org>2006-07-19 13:09:29 +0000
commit3cae87b558e7736f0aa981c4e9821abea795746f (patch)
treef92fe4f24fa3939ea3cbed3fd735f03a618c3c3f
parentcfa145b22b3709f5d360086de1ea4287c550b37a (diff)
Add regress test for ForceCommand
-rw-r--r--regress/usr.bin/ssh/Makefile5
-rw-r--r--regress/usr.bin/ssh/forcecommand.sh42
2 files changed, 45 insertions, 2 deletions
diff --git a/regress/usr.bin/ssh/Makefile b/regress/usr.bin/ssh/Makefile
index a0f6e952470..8ae2580d527 100644
--- a/regress/usr.bin/ssh/Makefile
+++ b/regress/usr.bin/ssh/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.40 2006/07/17 12:08:02 dtucker Exp $
+# $OpenBSD: Makefile,v 1.41 2006/07/19 13:09:28 dtucker Exp $
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7
@@ -38,7 +38,8 @@ LTESTS= connect \
multiplex \
reexec \
brokenkeys \
- cfgmatch
+ cfgmatch \
+ forcecommand
USER!= id -un
CLEANFILES+= authorized_keys_${USER} known_hosts pidfile \
diff --git a/regress/usr.bin/ssh/forcecommand.sh b/regress/usr.bin/ssh/forcecommand.sh
new file mode 100644
index 00000000000..796e7c2c094
--- /dev/null
+++ b/regress/usr.bin/ssh/forcecommand.sh
@@ -0,0 +1,42 @@
+# $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $
+# Placed in the Public Domain.
+
+tid="forced command"
+
+cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+
+echo -n 'command="true" ' >$OBJ/authorized_keys_$USER
+cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
+echo -n 'command="true" ' >>$OBJ/authorized_keys_$USER
+cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
+
+for p in 1 2; do
+ trace "forced command in key option proto $p"
+ ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
+ fail "forced command in key proto $p"
+done
+
+echo -n 'command="false" ' >$OBJ/authorized_keys_$USER
+cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
+echo -n 'command="false" ' >>$OBJ/authorized_keys_$USER
+cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
+
+cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
+echo "ForceCommand true" >> $OBJ/sshd_proxy
+
+for p in 1 2; do
+ trace "forced command in sshd_config overrides key option proto $p"
+ ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
+ fail "forced command in key proto $p"
+done
+
+cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
+echo "ForceCommand false" >> $OBJ/sshd_proxy
+echo "Match User $USER" >> $OBJ/sshd_proxy
+echo " ForceCommand true" >> $OBJ/sshd_proxy
+
+for p in 1 2; do
+ trace "forced command with match proto $p"
+ ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ ||
+ fail "forced command in key proto $p"
+done