From 37b875d2ad842846dfb277e895434ec8db2c945d Mon Sep 17 00:00:00 2001 From: djm Date: Thu, 21 May 2015 06:40:02 +0000 Subject: [PATCH] regress test for AuthorizedKeysCommand arguments --- regress/usr.bin/ssh/keys-command.sh | 59 +++++++++++++++++++++++------ 1 file changed, 48 insertions(+), 11 deletions(-) diff --git a/regress/usr.bin/ssh/keys-command.sh b/regress/usr.bin/ssh/keys-command.sh index e41de55ad9a..21aded10d64 100644 --- a/regress/usr.bin/ssh/keys-command.sh +++ b/regress/usr.bin/ssh/keys-command.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keys-command.sh,v 1.2 2012/12/06 06:06:54 dtucker Exp $ +# $OpenBSD: keys-command.sh,v 1.3 2015/05/21 06:40:02 djm Exp $ # Placed in the Public Domain. tid="authorized keys from command" @@ -7,26 +7,63 @@ if [ -z "$SUDO" ]; then fatal "need SUDO to create file in /var/run, test won't work without" fi +rm -f $OBJ/keys-command-args + +touch $OBJ/keys-command-args +chmod a+rw $OBJ/keys-command-args + +expected_key_text=`awk '{ print $2 }' < $OBJ/rsa.pub` +expected_key_fp=`$SSHKEYGEN -lf $OBJ/rsa.pub | awk '{ print $2 }'` + # Establish a AuthorizedKeysCommand in /var/run where it will have # acceptable directory permissions. KEY_COMMAND="/var/run/keycommand_${LOGNAME}" -cat << _EOF | $SUDO sh -c "cat > '$KEY_COMMAND'" +cat << _EOF | $SUDO sh -c "rm -f '$KEY_COMMAND' ; cat > '$KEY_COMMAND'" #!/bin/sh +echo args: "\$@" >> $OBJ/keys-command-args +echo "$PATH" | grep -q mekmitasdigoat && exit 7 test "x\$1" != "x${LOGNAME}" && exit 1 +if test $# -eq 6 ; then + test "x\$2" != "xblah" && exit 2 + test "x\$3" != "x${expected_key_text}" && exit 3 + test "x\$4" != "xssh-rsa" && exit 4 + test "x\$5" != "x${expected_key_fp}" && exit 5 + test "x\$6" != "xblah" && exit 6 +fi exec cat "$OBJ/authorized_keys_${LOGNAME}" _EOF $SUDO chmod 0755 "$KEY_COMMAND" -cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak -( - grep -vi AuthorizedKeysFile $OBJ/sshd_proxy.bak - echo AuthorizedKeysFile none - echo AuthorizedKeysCommand $KEY_COMMAND - echo AuthorizedKeysCommandUser ${LOGNAME} -) > $OBJ/sshd_proxy - if [ -x $KEY_COMMAND ]; then - ${SSH} -F $OBJ/ssh_proxy somehost true + cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak + + verbose "AuthorizedKeysCommand with arguments" + ( + grep -vi AuthorizedKeysFile $OBJ/sshd_proxy.bak + echo AuthorizedKeysFile none + echo AuthorizedKeysCommand $KEY_COMMAND %u blah %k %t %f blah + echo AuthorizedKeysCommandUser ${LOGNAME} + ) > $OBJ/sshd_proxy + + # Ensure that $PATH is sanitised in sshd + env PATH=$PATH:/sbin/mekmitasdigoat \ + ${SSH} -F $OBJ/ssh_proxy somehost true + if [ $? -ne 0 ]; then + fail "connect failed" + fi + + verbose "AuthorizedKeysCommand without arguments" + # Check legacy behavior of no-args resulting in username being passed. + ( + grep -vi AuthorizedKeysFile $OBJ/sshd_proxy.bak + echo AuthorizedKeysFile none + echo AuthorizedKeysCommand $KEY_COMMAND + echo AuthorizedKeysCommandUser ${LOGNAME} + ) > $OBJ/sshd_proxy + + # Ensure that $PATH is sanitised in sshd + env PATH=$PATH:/sbin/mekmitasdigoat \ + ${SSH} -F $OBJ/ssh_proxy somehost true if [ $? -ne 0 ]; then fail "connect failed" fi -- 2.20.1