From 54c784556e3579c24de9cc79e435e8bbaa4f6c81 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 8 Apr 2019 19:43:48 +0200 Subject: [PATCH] test: make tests and test scripts use socksd for SOCKS Make all SOCKS tests use socksd instead of ssh. --- tests/data/Makefile.inc | 2 +- tests/data/test702 | 4 ++ tests/data/test703 | 4 ++ tests/data/test711 | 3 +- tests/data/test716 | 44 +++++++++++++ tests/data/test717 | 65 ++++++++++++++++++ tests/getpart.pm | 2 +- tests/runtests.pl | 142 +++++++--------------------------------- tests/sshserver.pl | 25 ++----- 9 files changed, 149 insertions(+), 142 deletions(-) create mode 100644 tests/data/test716 create mode 100644 tests/data/test717 diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index a8c211191..35eaccef9 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -86,7 +86,7 @@ test643 test644 test645 test646 test647 test648 test649 test650 test651 \ test652 test653 test654 test655 test656 test658 test659 \ \ test700 test701 test702 test703 test704 test705 test706 test707 test708 \ -test709 test710 test711 test712 test713 test714 test715 \ +test709 test710 test711 test712 test713 test714 test715 test716 test717 \ \ test800 test801 test802 test803 test804 test805 test806 test807 test808 \ test809 test810 test811 test812 test813 test814 test815 test816 test817 \ diff --git a/tests/data/test702 b/tests/data/test702 index 36af71328..9fc954a02 100644 --- a/tests/data/test702 +++ b/tests/data/test702 @@ -12,6 +12,10 @@ FAILURE +# 91 is socks4 failure + +response 91 + # Client-side diff --git a/tests/data/test703 b/tests/data/test703 index 4aa89b46a..3c0fb314d 100644 --- a/tests/data/test703 +++ b/tests/data/test703 @@ -12,6 +12,10 @@ FAILURE +# 1 is socks5 failure + +response 1 + # Client-side diff --git a/tests/data/test711 b/tests/data/test711 index 6e9a2a262..3efbb7977 100644 --- a/tests/data/test711 +++ b/tests/data/test711 @@ -16,7 +16,6 @@ all_proxy silly content -backendport passthru @@ -28,7 +27,7 @@ ftp socks5 -all_proxy=socks5://%HOSTIP:%SOCKSPORT +all_proxy=socks5://%HOSTIP:%SOCKSPORT FTP fetch with all_proxy set to socks5 diff --git a/tests/data/test716 b/tests/data/test716 new file mode 100644 index 000000000..db61dcb39 --- /dev/null +++ b/tests/data/test716 @@ -0,0 +1,44 @@ + + + +HTTP +SOCKS5 +all_proxy + + +# +# Server-side + +# method 2 is SOCKS5 asking for user+password + +method 2 + + + +# +# Client-side + + +socks5 + + +http + + +SOCKS5 proxy with too long user name + + +# it should never connect to the target server + +http://hohoho.example.com:99/716 -x socks5://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA:b@%HOSTIP:%SOCKSPORT + + + +# +# Verify data after the test has been "shot" + + +43 + + + diff --git a/tests/data/test717 b/tests/data/test717 new file mode 100644 index 000000000..35392443e --- /dev/null +++ b/tests/data/test717 @@ -0,0 +1,65 @@ + + + +HTTP +SOCKS5 +all_proxy + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + +# method 2 is SOCKS5 asking for user+password + +method 2 +user uz3r +password p4ssworm +backendport %HTTPPORT + + + +# +# Client-side + + +socks5 +http + + +SOCKS5 proxy auth + + +# target a port that won't work without the SOCKS magic + +http://%HOSTIP:1/717 -x socks5://uz3r:p4ssworm@%HOSTIP:%SOCKSPORT + + + +# +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /717 HTTP/1.1 +Host: %HOSTIP:1 +Accept: */* + + + + diff --git a/tests/getpart.pm b/tests/getpart.pm index 5198b5fa3..7080bf4b7 100644 --- a/tests/getpart.pm +++ b/tests/getpart.pm @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2012, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2019, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms diff --git a/tests/runtests.pl b/tests/runtests.pl index 1fb7354ec..e52239def 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -276,7 +276,7 @@ my $sshdvernum; # for socks server, ssh daemon version number my $sshdverstr; # for socks server, ssh daemon version string my $sshderror; # for socks server, ssh daemon version error -my $defserverlogslocktimeout = 20; # timeout to await server logs lock removal +my $defserverlogslocktimeout = 2; # timeout to await server logs lock removal my $defpostcommanddelay = 0; # delay between command and postcheck sections my $timestats; # time stamping and stats generation @@ -2012,7 +2012,6 @@ sub runsshserver { my ($id, $verbose, $ipv6) = @_; my $ip=$HOSTIP; my $port = $SSHPORT; - my $socksport = $SOCKSPORT; my $proto = 'ssh'; my $ipvnum = 4; my $idnum = ($id && ($id =~ /^(\d+)$/) && ($id > 1)) ? $id : 1; @@ -2046,7 +2045,7 @@ sub runsshserver { $flags .= "--pidfile \"$pidfile\" "; $flags .= "--id $idnum " if($idnum > 1); $flags .= "--ipv$ipvnum --addr \"$ip\" "; - $flags .= "--sshport $port --socksport $socksport "; + $flags .= "--sshport $port "; $flags .= "--user \"$USER\""; my $cmd = "$perl $srcdir/sshserver.pl $flags"; @@ -2139,108 +2138,27 @@ sub runsocksserver { $logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum); - # The ssh server must be already running - if(!$run{'ssh'}) { - logmsg "RUN: SOCKS server cannot find running SSH server\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } + # start our socks server, get commands from the FTP cmd file + my $cmd="$srcdir/server/socksd". + " --port $port ". + " --pidfile $pidfile". + " --backend $HOSTIP". + " --config $FTPDCMD"; + my ($sockspid, $pid2) = startnew($cmd, $pidfile, 30, 0); - # Find out ssh daemon canonical file name - my $sshd = find_sshd(); - if(!$sshd) { - logmsg "RUN: SOCKS server cannot find $sshdexe\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - - # Find out ssh daemon version info - ($sshdid, $sshdvernum, $sshdverstr, $sshderror) = sshversioninfo($sshd); - if(!$sshdid) { - # Not an OpenSSH or SunSSH ssh daemon - logmsg "$sshderror\n" if($verbose); - logmsg "SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - logmsg "ssh server found $sshd is $sshdverstr\n" if($verbose); - - # Find out ssh client canonical file name - my $ssh = find_ssh(); - if(!$ssh) { - logmsg "RUN: SOCKS server cannot find $sshexe\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - - # Find out ssh client version info - my ($sshid, $sshvernum, $sshverstr, $ssherror) = sshversioninfo($ssh); - if(!$sshid) { - # Not an OpenSSH or SunSSH ssh client - logmsg "$ssherror\n" if($verbose); - logmsg "SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - - # Verify minimum ssh client version - if((($sshid =~ /OpenSSH/) && ($sshvernum < 299)) || - (($sshid =~ /SunSSH/) && ($sshvernum < 100))) { - logmsg "ssh client found $ssh is $sshverstr\n"; - logmsg "SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - logmsg "ssh client found $ssh is $sshverstr\n" if($verbose); - - # Verify if ssh client and ssh daemon versions match - if(($sshdid ne $sshid) || ($sshdvernum != $sshvernum)) { - # Our test harness might work with slightly mismatched versions - logmsg "Warning: version mismatch: sshd $sshdverstr - ssh $sshverstr\n" - if($verbose); - } - - # Config file options for ssh client are previously set from sshserver.pl - if(! -e $sshconfig) { - logmsg "RUN: SOCKS server cannot find $sshconfig\n"; - $doesntrun{$pidfile} = 1; - return (0,0); - } - - $sshlog = server_logfilename($LOGDIR, 'socks', $ipvnum, $idnum); - - # start our socks server - my $cmd="\"$ssh\" -N -F $sshconfig $ip > $sshlog 2>&1"; - my ($sshpid, $pid2) = startnew($cmd, $pidfile, 30, 1); # fake pidfile - - if($sshpid <= 0 || !pidexists($sshpid)) { + if($sockspid <= 0 || !pidexists($sockspid)) { # it is NOT alive logmsg "RUN: failed to start the $srvrname server\n"; - display_sshlog(); - display_sshconfig(); - display_sshdlog(); - display_sshdconfig(); stopserver($server, "$pid2"); $doesntrun{$pidfile} = 1; return (0,0); } - # Ugly hack but ssh doesn't support pid files. PID is from fake pidfile. - my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port); - if(!$pid3) { - logmsg "RUN: $srvrname server failed verification\n"; - # failed to talk to it properly. Kill the server and return failure - stopserver($server, "$sshpid $pid2"); - $doesntrun{$pidfile} = 1; - return (0,0); - } - $pid2 = $pid3; - if($verbose) { logmsg "RUN: $srvrname server is now running PID $pid2\n"; } - return ($pid2, $sshpid); + return ($pid2, $sockspid); } ####################################################################### @@ -3642,6 +3560,7 @@ sub singletest { } } $ENV{$var} = "$content"; + print "setenv $var = $content\n" if($verbose); } } } @@ -3757,7 +3676,7 @@ sub singletest { } # if this section exists, it might be FTP server instructions: - my @ftpservercmd = getpart("reply", "servercmd"); + my @ftpservercmd = fixarray ( getpart("reply", "servercmd") ); my $CURLOUT="$LOGDIR/curl$testnum.out"; # curl output if not stdout @@ -4974,7 +4893,7 @@ sub startservers { $run{'tftp-ipv6'}="$pid $pid2"; } } - elsif($what eq "sftp" || $what eq "scp" || $what eq "socks4" || $what eq "socks5" ) { + elsif($what eq "sftp" || $what eq "scp") { if(!$run{'ssh'}) { ($pid, $pid2) = runsshserver("", $verbose); if($pid <= 0) { @@ -4983,32 +4902,15 @@ sub startservers { printf ("* pid ssh => %d %d\n", $pid, $pid2) if($verbose); $run{'ssh'}="$pid $pid2"; } - if($what eq "socks4" || $what eq "socks5") { - if(!$run{'socks'}) { - ($pid, $pid2) = runsocksserver("", $verbose); - if($pid <= 0) { - return "failed starting socks server"; - } - printf ("* pid socks => %d %d\n", $pid, $pid2) if($verbose); - $run{'socks'}="$pid $pid2"; - } - } - if($what eq "socks5") { - if(!$sshdid) { - # Not an OpenSSH or SunSSH ssh daemon - logmsg "Not OpenSSH or SunSSH; socks5 tests need at least OpenSSH 3.7\n"; - return "failed starting socks5 server"; - } - elsif(($sshdid =~ /OpenSSH/) && ($sshdvernum < 370)) { - # Need OpenSSH 3.7 for socks5 - https://www.openssh.com/txt/release-3.7 - logmsg "$sshdverstr insufficient; socks5 tests need at least OpenSSH 3.7\n"; - return "failed starting socks5 server"; - } - elsif(($sshdid =~ /SunSSH/) && ($sshdvernum < 100)) { - # Need SunSSH 1.0 for socks5 - logmsg "$sshdverstr insufficient; socks5 tests need at least SunSSH 1.0\n"; - return "failed starting socks5 server"; + } + elsif($what eq "socks4" || $what eq "socks5" ) { + if(!$run{'socks'}) { + ($pid, $pid2) = runsocksserver("", $verbose); + if($pid <= 0) { + return "failed starting socks server"; } + printf ("* pid socks => %d %d\n", $pid, $pid2) if($verbose); + $run{'socks'}="$pid $pid2"; } } elsif($what eq "http-unix") { diff --git a/tests/sshserver.pl b/tests/sshserver.pl index 9b3d122fd..428535ece 100755 --- a/tests/sshserver.pl +++ b/tests/sshserver.pl @@ -6,7 +6,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +# Copyright (C) 1998 - 2019, Daniel Stenberg, , et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -21,7 +21,7 @@ # #*************************************************************************** -# Starts sshd for use in the SCP, SFTP and SOCKS curl test harness tests. +# Starts sshd for use in the SCP and SFTP curl test harness tests. # Also creates the ssh configuration files needed for these tests. use strict; @@ -81,7 +81,6 @@ use pathhelp; my $verbose = 0; # set to 1 for debugging my $debugprotocol = 0; # set to 1 for protocol debugging my $port = 8999; # our default SCP/SFTP server port -my $socksport = $port + 1; # our default SOCKS4/5 server port my $listenaddr = '127.0.0.1'; # default address on which to listen my $ipvnum = 4; # default IP version of listener address my $idnum = 1; # default ssh daemon instance number @@ -157,14 +156,6 @@ while(@ARGV) { } } } - elsif($ARGV[0] eq '--socksport') { - if($ARGV[1]) { - if($ARGV[1] =~ /^(\d+)$/) { - $socksport = $1; - shift @ARGV; - } - } - } else { print STDERR "\nWarning: sshserver.pl unknown parameter: $ARGV[0]\n"; } @@ -181,11 +172,10 @@ if(!$pidfile) { #*************************************************************************** -# ssh, socks and sftp server log file names +# ssh and sftp server log file names # $sshdlog = server_logfilename($logdir, 'ssh', $ipvnum, $idnum); $sftplog = server_logfilename($logdir, 'sftp', $ipvnum, $idnum); -$sshlog = server_logfilename($logdir, 'socks', $ipvnum, $idnum); #*************************************************************************** @@ -226,7 +216,7 @@ my ($sshdid, $sshdvernum, $sshdverstr, $sshderror) = sshversioninfo($sshd); if(!$sshdid) { # Not an OpenSSH or SunSSH ssh daemon logmsg $sshderror if($verbose); - logmsg 'SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later'; + logmsg 'SCP and SFTP tests require OpenSSH 2.9.9 or later'; exit 1; } logmsg "ssh server found $sshd is $sshdverstr" if($verbose); @@ -255,7 +245,7 @@ logmsg "ssh server found $sshd is $sshdverstr" if($verbose); # if((($sshdid =~ /OpenSSH/) && ($sshdvernum < 299)) || (($sshdid =~ /SunSSH/) && ($sshdvernum < 100))) { - logmsg 'SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later'; + logmsg 'SCP and SFTP tests require OpenSSH 2.9.9 or later'; exit 1; } @@ -310,7 +300,7 @@ my ($sshid, $sshvernum, $sshverstr, $ssherror) = sshversioninfo($ssh); if(!$sshid) { # Not an OpenSSH or SunSSH ssh client logmsg $ssherror if($verbose); - logmsg 'SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later'; + logmsg 'SCP and SFTP tests require OpenSSH 2.9.9 or later'; exit 1; } logmsg "ssh client found $ssh is $sshverstr" if($verbose); @@ -341,7 +331,7 @@ logmsg "ssh client found $ssh is $sshverstr" if($verbose); # if((($sshid =~ /OpenSSH/) && ($sshvernum < 299)) || (($sshid =~ /SunSSH/) && ($sshvernum < 100))) { - logmsg 'SCP, SFTP and SOCKS tests require OpenSSH 2.9.9 or later'; + logmsg 'SCP and SFTP tests require OpenSSH 2.9.9 or later'; exit 1; } @@ -864,7 +854,6 @@ push @cfgarr, "User $username"; push @cfgarr, 'Protocol 2'; push @cfgarr, '#'; push @cfgarr, "BindAddress $listenaddr"; -push @cfgarr, "DynamicForward $socksport"; push @cfgarr, '#'; push @cfgarr, "IdentityFile $identity_config"; push @cfgarr, "UserKnownHostsFile $knownhosts_config";