mirror of https://github.com/moparisthebest/curl
Daniel Black's test suite fixes and initial test cases for SOCKS4/5 using
openssh
This commit is contained in:
parent
48064f8dee
commit
a466b31574
|
@ -5,8 +5,11 @@ log
|
||||||
*.pid
|
*.pid
|
||||||
*.pdf
|
*.pdf
|
||||||
*.html
|
*.html
|
||||||
|
curl_client_knownhosts
|
||||||
curl_client_key
|
curl_client_key
|
||||||
curl_client_key.pub
|
curl_client_key.pub
|
||||||
curl_host_dsa_key
|
curl_host_dsa_key
|
||||||
curl_host_dsa_key.pub
|
curl_host_dsa_key.pub
|
||||||
|
curl_sshd_config
|
||||||
|
curl_ssh_config
|
||||||
stunnel.conf
|
stunnel.conf
|
||||||
|
|
|
@ -133,6 +133,8 @@ https
|
||||||
none
|
none
|
||||||
scp
|
scp
|
||||||
sftp
|
sftp
|
||||||
|
socks4
|
||||||
|
socks5
|
||||||
|
|
||||||
Give only one per line. This subsection is mandatory.
|
Give only one per line. This subsection is mandatory.
|
||||||
</server>
|
</server>
|
||||||
|
@ -227,6 +229,7 @@ Available substitute variables include:
|
||||||
%TFTPPORT - Port number of the TFTP server
|
%TFTPPORT - Port number of the TFTP server
|
||||||
%TFTP6PORT - IPv6 port number of the TFTP server
|
%TFTP6PORT - IPv6 port number of the TFTP server
|
||||||
%SSHPORT - Port number of the SCP/SFTP server
|
%SSHPORT - Port number of the SCP/SFTP server
|
||||||
|
%SOCKSPORT - Port number of the SOCKS4/5 server
|
||||||
%SRCDIR - Full path to the source dir
|
%SRCDIR - Full path to the source dir
|
||||||
%PWD - Current directory
|
%PWD - Current directory
|
||||||
%CURL - Path to the curl executable
|
%CURL - Path to the curl executable
|
||||||
|
|
11
tests/README
11
tests/README
|
@ -11,6 +11,8 @@ Requires:
|
||||||
diff (when a test fail, a diff is shown)
|
diff (when a test fail, a diff is shown)
|
||||||
stunnel (for HTTPS and FTPS tests)
|
stunnel (for HTTPS and FTPS tests)
|
||||||
sshd (for SCP and SFTP tests; OpenSSH ver. 3.8 is known to work)
|
sshd (for SCP and SFTP tests; OpenSSH ver. 3.8 is known to work)
|
||||||
|
ssh (for SOCKS4 and SOCK5 tests; OpenSSH ver. 4.5 is known to work.
|
||||||
|
OpenSSH version 3.7 or greater is needed for SOCKS5)
|
||||||
|
|
||||||
TCP ports used by default:
|
TCP ports used by default:
|
||||||
|
|
||||||
|
@ -23,11 +25,13 @@ TCP ports used by default:
|
||||||
- 8996 on localhost for FTP IPv6 tests
|
- 8996 on localhost for FTP IPv6 tests
|
||||||
- 8997 on localhost for TFTP tests
|
- 8997 on localhost for TFTP tests
|
||||||
- 8999 on localhost for SCP/SFTP tests
|
- 8999 on localhost for SCP/SFTP tests
|
||||||
|
- 9000 on localhost for SOCKS tests
|
||||||
|
|
||||||
The test suite runs simple FTP, HTTP and TFTP servers on these ports to
|
The test suite runs simple FTP, HTTP and TFTP servers on these ports to
|
||||||
which it makes requests. For SSL tests, it runs stunnel to handle
|
which it makes requests. For SSL tests, it runs stunnel to handle
|
||||||
encryption to the regular servers. For SSH, it runs a standard OpenSSH
|
encryption to the regular servers. For SSH, it runs a standard OpenSSH
|
||||||
server.
|
server. For SOCKS4/5 tests SSH is used to perform the SOCKS functionality
|
||||||
|
and requires a SSH client and server.
|
||||||
|
|
||||||
The base port number shown above can be changed using runtests' -b option
|
The base port number shown above can be changed using runtests' -b option
|
||||||
to allow running more than one instance of the test suite simultaneously
|
to allow running more than one instance of the test suite simultaneously
|
||||||
|
@ -92,7 +96,8 @@ TEST CASE NUMBERS
|
||||||
400 - 499 FTPS
|
400 - 499 FTPS
|
||||||
500 - 599 libcurl source code tests, not using the curl command tool
|
500 - 599 libcurl source code tests, not using the curl command tool
|
||||||
600 - 699 SCP/SFTP
|
600 - 699 SCP/SFTP
|
||||||
700 - 799 miscellanous*
|
700 - 799 SOCKS4 (even numbers) and SOCK5 (odd numbers)
|
||||||
|
1000 - x miscellanous*
|
||||||
|
|
||||||
Since 30-apr-2003, there's nothing in the system that requires us to keep
|
Since 30-apr-2003, there's nothing in the system that requires us to keep
|
||||||
within these number series, and those sections marked with * actually
|
within these number series, and those sections marked with * actually
|
||||||
|
@ -102,3 +107,5 @@ TEST CASE NUMBERS
|
||||||
TODO:
|
TODO:
|
||||||
|
|
||||||
* Add tests for TELNET, LDAP, DICT...
|
* Add tests for TELNET, LDAP, DICT...
|
||||||
|
* SOCKS4/5 test deficiencies - no proxy authentication tests as SSH (the
|
||||||
|
test mechanism) doesn't support them
|
||||||
|
|
|
@ -28,8 +28,8 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
|
||||||
test194 test195 test196 test197 test198 test515 test516 test517 test518 \
|
test194 test195 test196 test197 test198 test515 test516 test517 test518 \
|
||||||
test210 test211 test212 test220 test221 test222 test223 test224 test206 \
|
test210 test211 test212 test220 test221 test222 test223 test224 test206 \
|
||||||
test207 test208 test209 test213 test240 test241 test242 test519 test214 \
|
test207 test208 test209 test213 test240 test241 test242 test519 test214 \
|
||||||
test215 test216 test217 test218 test199 test225 test226 test227 \
|
test215 test216 test217 test218 test199 test225 test226 test227 \
|
||||||
test228 test229 test233 test234 test235 test236 test520 \
|
test228 test229 test233 test234 test235 test236 test520 \
|
||||||
test237 test238 test239 test243 test245 test246 test247 test248 test249 \
|
test237 test238 test239 test243 test245 test246 test247 test248 test249 \
|
||||||
test250 test251 test252 test253 test254 test255 test521 test522 test523 \
|
test250 test251 test252 test253 test254 test255 test521 test522 test523 \
|
||||||
test256 test257 test258 test259 test260 test261 test262 test263 test264 \
|
test256 test257 test258 test259 test260 test261 test262 test263 test264 \
|
||||||
|
@ -41,4 +41,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
|
||||||
test603 test401 test402 test290 test291 test292 test293 test403 test404 \
|
test603 test401 test402 test290 test291 test292 test293 test403 test404 \
|
||||||
test405 test604 test605 test606 test607 test608 test609 test294 test295 \
|
test405 test604 test605 test606 test607 test608 test609 test294 test295 \
|
||||||
test296 test297 test298 test610 test611 test612 test406 test407 test408 \
|
test296 test297 test298 test610 test611 test612 test406 test407 test408 \
|
||||||
test409 test613 test614
|
test409 test613 test614 test700 test701 test702 test704 test705
|
||||||
|
|
|
@ -0,0 +1,57 @@
|
||||||
|
<testcase>
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
HTTP
|
||||||
|
HTTP GET
|
||||||
|
SOCKS4
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Server-side
|
||||||
|
<reply name="1">
|
||||||
|
<data>
|
||||||
|
HTTP/1.1 200 OK
|
||||||
|
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||||
|
Server: test-server/fake
|
||||||
|
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
|
||||||
|
ETag: "21025-dc7-39462498"
|
||||||
|
Accept-Ranges: bytes
|
||||||
|
Content-Length: 6
|
||||||
|
Connection: close
|
||||||
|
Content-Type: text/html
|
||||||
|
Funny-head: yesyes
|
||||||
|
|
||||||
|
-foo-
|
||||||
|
</data>
|
||||||
|
</reply>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Client-side
|
||||||
|
<client>
|
||||||
|
<server>
|
||||||
|
http
|
||||||
|
socks4
|
||||||
|
</server>
|
||||||
|
<name>
|
||||||
|
HTTP GET via SOCK4 proxy
|
||||||
|
</name>
|
||||||
|
<command>
|
||||||
|
--socks4 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/700
|
||||||
|
</command>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Verify data after the test has been "shot"
|
||||||
|
<verify>
|
||||||
|
<strip>
|
||||||
|
^User-Agent:.*
|
||||||
|
</strip>
|
||||||
|
<protocol>
|
||||||
|
GET /700 HTTP/1.1
|
||||||
|
Host: 127.0.0.1:%HTTPPORT
|
||||||
|
Accept: */*
|
||||||
|
|
||||||
|
</protocol>
|
||||||
|
</verify>
|
||||||
|
</testcase>
|
|
@ -0,0 +1,57 @@
|
||||||
|
<testcase>
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
HTTP
|
||||||
|
HTTP GET
|
||||||
|
SOCKS5
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Server-side
|
||||||
|
<reply name="1">
|
||||||
|
<data>
|
||||||
|
HTTP/1.1 200 OK
|
||||||
|
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||||
|
Server: test-server/fake
|
||||||
|
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
|
||||||
|
ETag: "21025-dc7-39462498"
|
||||||
|
Accept-Ranges: bytes
|
||||||
|
Content-Length: 6
|
||||||
|
Connection: close
|
||||||
|
Content-Type: text/html
|
||||||
|
Funny-head: yesyes
|
||||||
|
|
||||||
|
-foo-
|
||||||
|
</data>
|
||||||
|
</reply>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Client-side
|
||||||
|
<client>
|
||||||
|
<server>
|
||||||
|
http
|
||||||
|
socks5
|
||||||
|
</server>
|
||||||
|
<name>
|
||||||
|
HTTP GET via SOCK5 proxy
|
||||||
|
</name>
|
||||||
|
<command>
|
||||||
|
--socks5 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/701
|
||||||
|
</command>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Verify data after the test has been "shot"
|
||||||
|
<verify>
|
||||||
|
<strip>
|
||||||
|
^User-Agent:.*
|
||||||
|
</strip>
|
||||||
|
<protocol>
|
||||||
|
GET /701 HTTP/1.1
|
||||||
|
Host: 127.0.0.1:%HTTPPORT
|
||||||
|
Accept: */*
|
||||||
|
|
||||||
|
</protocol>
|
||||||
|
</verify>
|
||||||
|
</testcase>
|
|
@ -0,0 +1,39 @@
|
||||||
|
#based off 19
|
||||||
|
<testcase>
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
HTTP
|
||||||
|
SOCKS4
|
||||||
|
connect to non-listen
|
||||||
|
FAILURE
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
# Server-side
|
||||||
|
<reply>
|
||||||
|
<data>
|
||||||
|
</data>
|
||||||
|
</reply>
|
||||||
|
|
||||||
|
# Client-side
|
||||||
|
<client>
|
||||||
|
<server>
|
||||||
|
socks4
|
||||||
|
</server>
|
||||||
|
<features>
|
||||||
|
http
|
||||||
|
</features>
|
||||||
|
<name>
|
||||||
|
attempt connect to non-listening socket via sock4 proxy
|
||||||
|
</name>
|
||||||
|
<command>
|
||||||
|
--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||||
|
</command>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
# Verify data after the test has been "shot"
|
||||||
|
<verify>
|
||||||
|
<errorcode>
|
||||||
|
7
|
||||||
|
</errorcode>
|
||||||
|
</verify>
|
||||||
|
</testcase>
|
|
@ -0,0 +1,42 @@
|
||||||
|
#based off 19
|
||||||
|
<testcase>
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
HTTP
|
||||||
|
SOCKS4 fail
|
||||||
|
connect to non-listen
|
||||||
|
FAILURE
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
# Server-side
|
||||||
|
<reply>
|
||||||
|
<data>
|
||||||
|
</data>
|
||||||
|
</reply>
|
||||||
|
|
||||||
|
# Client-side
|
||||||
|
<client>
|
||||||
|
<server>
|
||||||
|
http
|
||||||
|
</server>
|
||||||
|
<killserver>
|
||||||
|
socks4
|
||||||
|
</killserver>
|
||||||
|
<features>
|
||||||
|
http
|
||||||
|
</features>
|
||||||
|
<name>
|
||||||
|
attempt connect to non-listening sock4 proxy
|
||||||
|
</name>
|
||||||
|
<command>
|
||||||
|
--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||||
|
</command>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
# Verify data after the test has been "shot"
|
||||||
|
<verify>
|
||||||
|
<errorcode>
|
||||||
|
7
|
||||||
|
</errorcode>
|
||||||
|
</verify>
|
||||||
|
</testcase>
|
|
@ -0,0 +1,43 @@
|
||||||
|
#based off 19
|
||||||
|
<testcase>
|
||||||
|
<info>
|
||||||
|
<keywords>
|
||||||
|
HTTP
|
||||||
|
SOCKS5 fail
|
||||||
|
connect to non-listen
|
||||||
|
FAILURE
|
||||||
|
</keywords>
|
||||||
|
</info>
|
||||||
|
# Server-side
|
||||||
|
<reply>
|
||||||
|
<data>
|
||||||
|
</data>
|
||||||
|
</reply>
|
||||||
|
|
||||||
|
# Client-side
|
||||||
|
<client>
|
||||||
|
<server>
|
||||||
|
http
|
||||||
|
</server>
|
||||||
|
<features>
|
||||||
|
http
|
||||||
|
</features>
|
||||||
|
<name>
|
||||||
|
attempt connect to non-listening sock5 proxy
|
||||||
|
</name>
|
||||||
|
<command>
|
||||||
|
--socks5 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||||
|
</command>
|
||||||
|
</client>
|
||||||
|
|
||||||
|
<killserver>
|
||||||
|
sock5
|
||||||
|
</killserver>
|
||||||
|
|
||||||
|
# Verify data after the test has been "shot"
|
||||||
|
<verify>
|
||||||
|
<errorcode>
|
||||||
|
7
|
||||||
|
</errorcode>
|
||||||
|
</verify>
|
||||||
|
</testcase>
|
|
@ -49,6 +49,7 @@ my $FTP6PORT; # FTP IPv6 server port
|
||||||
my $TFTPPORT; # TFTP
|
my $TFTPPORT; # TFTP
|
||||||
my $TFTP6PORT; # TFTP
|
my $TFTP6PORT; # TFTP
|
||||||
my $SSHPORT; # SCP/SFTP
|
my $SSHPORT; # SCP/SFTP
|
||||||
|
my $SOCKSPORT; # SOCKS4/5 port
|
||||||
|
|
||||||
my $CURL="../src/curl"; # what curl executable to run on the tests
|
my $CURL="../src/curl"; # what curl executable to run on the tests
|
||||||
my $DBGCURL=$CURL; #"../src/.libs/curl"; # alternative for debugging
|
my $DBGCURL=$CURL; #"../src/.libs/curl"; # alternative for debugging
|
||||||
|
@ -81,6 +82,7 @@ my $FTPSPIDFILE=".ftps.pid";
|
||||||
my $TFTPPIDFILE=".tftpd.pid";
|
my $TFTPPIDFILE=".tftpd.pid";
|
||||||
my $TFTP6PIDFILE=".tftp6.pid";
|
my $TFTP6PIDFILE=".tftp6.pid";
|
||||||
my $SSHPIDFILE=".ssh.pid";
|
my $SSHPIDFILE=".ssh.pid";
|
||||||
|
my $SOCKSPIDFILE=".socks.pid";
|
||||||
|
|
||||||
# invoke perl like this:
|
# invoke perl like this:
|
||||||
my $perl="perl -I$srcdir";
|
my $perl="perl -I$srcdir";
|
||||||
|
@ -111,15 +113,15 @@ if($valgrind) {
|
||||||
if (($? >> 8)==0) {
|
if (($? >> 8)==0) {
|
||||||
$valgrind_tool="--tool=memcheck ";
|
$valgrind_tool="--tool=memcheck ";
|
||||||
}
|
}
|
||||||
open(C, "<$CURL");
|
open( my $C, "<", $CURL);
|
||||||
my $l = <C>;
|
my $l = <$C>;
|
||||||
if($l =~ /^\#\!/) {
|
if($l =~ /^\#\!/) {
|
||||||
# The first line starts with "#!" which implies a shell-script.
|
# The first line starts with "#!" which implies a shell-script.
|
||||||
# This means libcurl is built shared and curl is a wrapper-script
|
# This means libcurl is built shared and curl is a wrapper-script
|
||||||
# Disable valgrind in this setup
|
# Disable valgrind in this setup
|
||||||
$valgrind=0;
|
$valgrind=0;
|
||||||
}
|
}
|
||||||
close(C);
|
close($C);
|
||||||
|
|
||||||
# valgrind 3 renamed the --logfile option to --log-file!!!
|
# valgrind 3 renamed the --logfile option to --log-file!!!
|
||||||
my $ver=`valgrind --version`;
|
my $ver=`valgrind --version`;
|
||||||
|
@ -181,6 +183,8 @@ my $torture;
|
||||||
my $tortnum;
|
my $tortnum;
|
||||||
my $tortalloc;
|
my $tortalloc;
|
||||||
|
|
||||||
|
my $CMDLOG; #log filehandle
|
||||||
|
|
||||||
# open and close each time to allow removal at any time
|
# open and close each time to allow removal at any time
|
||||||
sub logmsg {
|
sub logmsg {
|
||||||
# uncomment the Time::HiRes usage for this
|
# uncomment the Time::HiRes usage for this
|
||||||
|
@ -256,7 +260,7 @@ sub checkdied {
|
||||||
# Return the pids (yes plural) of the new child process to the parent.
|
# Return the pids (yes plural) of the new child process to the parent.
|
||||||
#
|
#
|
||||||
sub startnew {
|
sub startnew {
|
||||||
my ($cmd, $pidfile)=@_;
|
my ($cmd, $pidfile,$fake)=@_;
|
||||||
|
|
||||||
logmsg "startnew: $cmd\n" if ($verbose);
|
logmsg "startnew: $cmd\n" if ($verbose);
|
||||||
|
|
||||||
|
@ -285,12 +289,22 @@ sub startnew {
|
||||||
die "error: exec() has returned";
|
die "error: exec() has returned";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Ugly hack but ssh doesn't support pid files
|
||||||
|
if ($fake) {
|
||||||
|
logmsg "$pidfile faked with pid=$child\n";
|
||||||
|
open(my $OUT, ">", $pidfile);
|
||||||
|
print $OUT $child;
|
||||||
|
close $OUT;
|
||||||
|
# could/should do a while connect fails sleep a bit and loop
|
||||||
|
sleep 1;
|
||||||
|
}
|
||||||
my $count=12;
|
my $count=12;
|
||||||
while($count--) {
|
while($count--) {
|
||||||
if(-f $pidfile) {
|
if(-f $pidfile) {
|
||||||
open(PID, "<$pidfile");
|
open(my $PID, "<", $pidfile);
|
||||||
$pid2 = 0 + <PID>;
|
$pid2 = 0 + <$PID>;
|
||||||
close(PID);
|
close($PID);
|
||||||
if($pid2 && kill(0, $pid2)) {
|
if($pid2 && kill(0, $pid2)) {
|
||||||
# if $pid2 is valid, then make sure this pid is alive, as
|
# if $pid2 is valid, then make sure this pid is alive, as
|
||||||
# otherwise it is just likely to be the _previous_ pidfile or
|
# otherwise it is just likely to be the _previous_ pidfile or
|
||||||
|
@ -505,9 +519,9 @@ sub verifyhttp {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
open(FILE, "<log/verifiedserver");
|
open(my $FILE, "<", "log/verifiedserver");
|
||||||
my @file=<FILE>;
|
my @file=<$FILE>;
|
||||||
close(FILE);
|
close($FILE);
|
||||||
$data=$file[0]; # first line
|
$data=$file[0]; # first line
|
||||||
|
|
||||||
if ( $data =~ /WE ROOLZ: (\d+)/ ) {
|
if ( $data =~ /WE ROOLZ: (\d+)/ ) {
|
||||||
|
@ -574,9 +588,20 @@ sub verifyftp {
|
||||||
|
|
||||||
sub verifyssh {
|
sub verifyssh {
|
||||||
my ($proto, $ip, $port) = @_;
|
my ($proto, $ip, $port) = @_;
|
||||||
open(FILE, "<" . $SSHPIDFILE);
|
open(my $FILE, "<" . $SSHPIDFILE);
|
||||||
my $pid=0+<FILE>;
|
my $pid=0+<$FILE>;
|
||||||
close(FILE);
|
close($FILE);
|
||||||
|
return $pid;
|
||||||
|
}
|
||||||
|
|
||||||
|
#######################################################################
|
||||||
|
# STUB for verifying socks
|
||||||
|
|
||||||
|
sub verifysocks {
|
||||||
|
my ($proto, $ip, $port) = @_;
|
||||||
|
open(my $FILE, "<" . $SOCKSPIDFILE);
|
||||||
|
my $pid=0+<$FILE>;
|
||||||
|
close($FILE);
|
||||||
return $pid;
|
return $pid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -590,7 +615,8 @@ my %protofunc = ('http' => \&verifyhttp,
|
||||||
'ftp' => \&verifyftp,
|
'ftp' => \&verifyftp,
|
||||||
'ftps' => \&verifyftp,
|
'ftps' => \&verifyftp,
|
||||||
'tftp' => \&verifyftp,
|
'tftp' => \&verifyftp,
|
||||||
'ssh' => \&verifyssh);
|
'ssh' => \&verifyssh,
|
||||||
|
'socks' => \&verifysocks);
|
||||||
|
|
||||||
sub verifyserver {
|
sub verifyserver {
|
||||||
my ($proto, $ip, $port) = @_;
|
my ($proto, $ip, $port) = @_;
|
||||||
|
@ -648,7 +674,7 @@ sub runhttpserver {
|
||||||
|
|
||||||
my $cmd="$perl $srcdir/httpserver.pl -p $pidfile $fork$flag $port $ipv6";
|
my $cmd="$perl $srcdir/httpserver.pl -p $pidfile $fork$flag $port $ipv6";
|
||||||
my ($httppid, $pid2) =
|
my ($httppid, $pid2) =
|
||||||
startnew($cmd, $pidfile); # start the server in a new process
|
startnew($cmd, $pidfile,0); # start the server in a new process
|
||||||
|
|
||||||
if(!kill(0, $httppid)) {
|
if(!kill(0, $httppid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -702,7 +728,7 @@ sub runhttpsserver {
|
||||||
my $flag=$debugprotocol?"-v ":"";
|
my $flag=$debugprotocol?"-v ":"";
|
||||||
my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
|
my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
|
||||||
|
|
||||||
my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE);
|
my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE,0);
|
||||||
|
|
||||||
if(!kill(0, $httpspid)) {
|
if(!kill(0, $httpspid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -768,7 +794,7 @@ sub runftpserver {
|
||||||
|
|
||||||
unlink($pidfile);
|
unlink($pidfile);
|
||||||
|
|
||||||
my ($ftppid, $pid2) = startnew($cmd, $pidfile);
|
my ($ftppid, $pid2) = startnew($cmd, $pidfile,0);
|
||||||
|
|
||||||
if(!$ftppid || !kill(0, $ftppid)) {
|
if(!$ftppid || !kill(0, $ftppid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -821,7 +847,7 @@ sub runftpsserver {
|
||||||
my $flag=$debugprotocol?"-v ":"";
|
my $flag=$debugprotocol?"-v ":"";
|
||||||
my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";
|
my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";
|
||||||
|
|
||||||
my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE);
|
my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE,0);
|
||||||
|
|
||||||
if(!kill(0, $ftpspid)) {
|
if(!kill(0, $ftpspid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -887,7 +913,7 @@ sub runtftpserver {
|
||||||
|
|
||||||
unlink($pidfile);
|
unlink($pidfile);
|
||||||
|
|
||||||
my ($tftppid, $pid2) = startnew($cmd, $pidfile);
|
my ($tftppid, $pid2) = startnew($cmd, $pidfile,0);
|
||||||
|
|
||||||
if(!$tftppid || !kill(0, $tftppid)) {
|
if(!$tftppid || !kill(0, $tftppid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -930,7 +956,7 @@ sub runsshserver {
|
||||||
my $flag=$debugprotocol?"-v ":"";
|
my $flag=$debugprotocol?"-v ":"";
|
||||||
my $cmd="$perl $srcdir/sshserver.pl $flag-u $USER -d $srcdir $port";
|
my $cmd="$perl $srcdir/sshserver.pl $flag-u $USER -d $srcdir $port";
|
||||||
my ($sshpid, $pid2) =
|
my ($sshpid, $pid2) =
|
||||||
startnew($cmd, $pidfile); # start the server in a new process
|
startnew($cmd, $pidfile,0); # start the server in a new process
|
||||||
|
|
||||||
if(!$sshpid || !kill(0, $sshpid)) {
|
if(!$sshpid || !kill(0, $sshpid)) {
|
||||||
# it is NOT alive
|
# it is NOT alive
|
||||||
|
@ -951,6 +977,40 @@ sub runsshserver {
|
||||||
return ($pid2, $sshpid);
|
return ($pid2, $sshpid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#######################################################################
|
||||||
|
# Start the socks server
|
||||||
|
#
|
||||||
|
sub runsocksserver {
|
||||||
|
my ($id, $verbose, $ipv6) = @_;
|
||||||
|
my $ip=$HOSTIP;
|
||||||
|
my $port = $SOCKSPORT;
|
||||||
|
my $pidfile = $SOCKSPIDFILE;
|
||||||
|
|
||||||
|
my $flag=$debugprotocol?"-v ":"";
|
||||||
|
my $cmd="ssh -D ${HOSTIP}:$SOCKSPORT -N -F curl_ssh_config ${USER}\@${HOSTIP} -p ${SSHPORT}";
|
||||||
|
my ($sshpid, $pid2) =
|
||||||
|
startnew($cmd, $pidfile,1); # start the server in a new process
|
||||||
|
|
||||||
|
if(!$sshpid || !kill(0, $sshpid)) {
|
||||||
|
# it is NOT alive
|
||||||
|
logmsg "RUN: failed to start the SOCKS server\n";
|
||||||
|
# failed to talk to it properly. Kill the server and return failure
|
||||||
|
stopserver("$sshpid $pid2");
|
||||||
|
return (0,0);
|
||||||
|
}
|
||||||
|
|
||||||
|
# Ugly hack but ssh doesn't support pid files
|
||||||
|
if (!verifyserver('socks',$ip,$port)) {
|
||||||
|
logmsg "RUN: SOCKS server failed verification\n";
|
||||||
|
return (0,0);
|
||||||
|
}
|
||||||
|
if($verbose) {
|
||||||
|
logmsg "RUN: SOCKS server is now running PID $sshpid\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
return ($pid2, $sshpid);
|
||||||
|
}
|
||||||
|
|
||||||
#######################################################################
|
#######################################################################
|
||||||
# Remove all files in the specified directory
|
# Remove all files in the specified directory
|
||||||
#
|
#
|
||||||
|
@ -981,20 +1041,20 @@ sub filteroff {
|
||||||
my $filter=$_[1];
|
my $filter=$_[1];
|
||||||
my $ofile=$_[2];
|
my $ofile=$_[2];
|
||||||
|
|
||||||
open(IN, "<$infile")
|
open(my $IN, "<", $infile)
|
||||||
|| return 1;
|
|| return 1;
|
||||||
|
|
||||||
open(OUT, ">$ofile")
|
open(my $OUT, ">", $ofile)
|
||||||
|| return 1;
|
|| return 1;
|
||||||
|
|
||||||
# logmsg "FILTER: off $filter from $infile to $ofile\n";
|
# logmsg "FILTER: off $filter from $infile to $ofile\n";
|
||||||
|
|
||||||
while(<IN>) {
|
while(<$IN>) {
|
||||||
$_ =~ s/$filter//;
|
$_ =~ s/$filter//;
|
||||||
print OUT $_;
|
print $OUT $_;
|
||||||
}
|
}
|
||||||
close(IN);
|
close($IN);
|
||||||
close(OUT);
|
close($OUT);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1045,9 +1105,9 @@ sub checksystem {
|
||||||
$versretval = system($versioncmd);
|
$versretval = system($versioncmd);
|
||||||
$versnoexec = $!;
|
$versnoexec = $!;
|
||||||
|
|
||||||
open(VERSOUT, $curlverout);
|
open(my $VERSOUT, "<", $curlverout);
|
||||||
@version = <VERSOUT>;
|
@version = <$VERSOUT>;
|
||||||
close(VERSOUT);
|
close($VERSOUT);
|
||||||
|
|
||||||
for(@version) {
|
for(@version) {
|
||||||
chomp;
|
chomp;
|
||||||
|
@ -1197,13 +1257,13 @@ sub checksystem {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(-r "../lib/config.h") {
|
if(-r "../lib/config.h") {
|
||||||
open(CONF, "<../lib/config.h");
|
open(my $CONF, "<", "../lib/config.h");
|
||||||
while(<CONF>) {
|
while(<$CONF>) {
|
||||||
if($_ =~ /^\#define HAVE_GETRLIMIT/) {
|
if($_ =~ /^\#define HAVE_GETRLIMIT/) {
|
||||||
$has_getrlimit = 1;
|
$has_getrlimit = 1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
close(CONF);
|
close($CONF);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($has_ipv6) {
|
if($has_ipv6) {
|
||||||
|
@ -1267,6 +1327,7 @@ sub checksystem {
|
||||||
logmsg sprintf("* TFTP IPv6 port: %d\n", $TFTP6PORT);
|
logmsg sprintf("* TFTP IPv6 port: %d\n", $TFTP6PORT);
|
||||||
}
|
}
|
||||||
logmsg sprintf("* SCP/SFTP port: %d\n", $SSHPORT);
|
logmsg sprintf("* SCP/SFTP port: %d\n", $SSHPORT);
|
||||||
|
logmsg sprintf("* SOCKS port: %d\n", $SOCKSPORT);
|
||||||
|
|
||||||
if($ssl_version) {
|
if($ssl_version) {
|
||||||
logmsg sprintf("* SSL library: %s\n", $ssllib);
|
logmsg sprintf("* SSL library: %s\n", $ssllib);
|
||||||
|
@ -1298,6 +1359,7 @@ sub subVariables {
|
||||||
$$thing =~ s/%TFTPPORT/$TFTPPORT/g;
|
$$thing =~ s/%TFTPPORT/$TFTPPORT/g;
|
||||||
$$thing =~ s/%TFTP6PORT/$TFTP6PORT/g;
|
$$thing =~ s/%TFTP6PORT/$TFTP6PORT/g;
|
||||||
$$thing =~ s/%SSHPORT/$SSHPORT/g;
|
$$thing =~ s/%SSHPORT/$SSHPORT/g;
|
||||||
|
$$thing =~ s/%SOCKSPORT/$SOCKSPORT/g;
|
||||||
$$thing =~ s/%CURL/$CURL/g;
|
$$thing =~ s/%CURL/$CURL/g;
|
||||||
$$thing =~ s/%USER/$USER/g;
|
$$thing =~ s/%USER/$USER/g;
|
||||||
|
|
||||||
|
@ -1412,6 +1474,9 @@ sub singletest {
|
||||||
next;
|
next;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
elsif($f eq "socks") {
|
||||||
|
next;
|
||||||
|
}
|
||||||
# See if this "feature" is in the list of supported protocols
|
# See if this "feature" is in the list of supported protocols
|
||||||
elsif (grep /^$f$/, @protocols) {
|
elsif (grep /^$f$/, @protocols) {
|
||||||
next;
|
next;
|
||||||
|
@ -1567,10 +1632,10 @@ sub singletest {
|
||||||
my $fileContent = join('', @inputfile);
|
my $fileContent = join('', @inputfile);
|
||||||
subVariables \$fileContent;
|
subVariables \$fileContent;
|
||||||
# logmsg "DEBUG: writing file " . $filename . "\n";
|
# logmsg "DEBUG: writing file " . $filename . "\n";
|
||||||
open OUTFILE, ">$filename";
|
open my $OUTFILE, ">", $filename;
|
||||||
binmode OUTFILE; # for crapage systems, use binary
|
binmode $OUTFILE; # for crapage systems, use binary
|
||||||
print OUTFILE $fileContent;
|
print $OUTFILE $fileContent;
|
||||||
close OUTFILE;
|
close $OUTFILE;
|
||||||
}
|
}
|
||||||
|
|
||||||
my %cmdhash = getpartattr("client", "command");
|
my %cmdhash = getpartattr("client", "command");
|
||||||
|
@ -1626,7 +1691,7 @@ sub singletest {
|
||||||
logmsg "$CMDLINE\n";
|
logmsg "$CMDLINE\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
print CMDLOG "$CMDLINE\n";
|
print $CMDLOG "$CMDLINE\n";
|
||||||
|
|
||||||
unlink("core");
|
unlink("core");
|
||||||
|
|
||||||
|
@ -1648,10 +1713,10 @@ sub singletest {
|
||||||
}
|
}
|
||||||
|
|
||||||
if($gdbthis) {
|
if($gdbthis) {
|
||||||
open(GDBCMD, ">log/gdbcmd");
|
open( my $GDBCMD, ">", "log/gdbcmd");
|
||||||
print GDBCMD "set args $cmdargs\n";
|
print $GDBCMD "set args $cmdargs\n";
|
||||||
print GDBCMD "show args\n";
|
print $GDBCMD "show args\n";
|
||||||
close(GDBCMD);
|
close($GDBCMD);
|
||||||
}
|
}
|
||||||
# run the command line we built
|
# run the command line we built
|
||||||
if ($torture) {
|
if ($torture) {
|
||||||
|
@ -1685,9 +1750,9 @@ sub singletest {
|
||||||
logmsg "core dumped\n";
|
logmsg "core dumped\n";
|
||||||
if(0 && $gdb) {
|
if(0 && $gdb) {
|
||||||
logmsg "running gdb for post-mortem analysis:\n";
|
logmsg "running gdb for post-mortem analysis:\n";
|
||||||
open(GDBCMD, ">log/gdbcmd2");
|
open( my $GDBCMD, ">", "log/gdbcmd2");
|
||||||
print GDBCMD "bt\n";
|
print $GDBCMD "bt\n";
|
||||||
close(GDBCMD);
|
close($GDBCMD);
|
||||||
system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
|
system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
|
||||||
# unlink("log/gdbcmd2");
|
# unlink("log/gdbcmd2");
|
||||||
}
|
}
|
||||||
|
@ -1963,10 +2028,10 @@ sub singletest {
|
||||||
|
|
||||||
if($disable[0] !~ /disable/) {
|
if($disable[0] !~ /disable/) {
|
||||||
|
|
||||||
opendir(DIR, "log") ||
|
opendir( my $DIR, "log") ||
|
||||||
return 0; # can't open log dir
|
return 0; # can't open log dir
|
||||||
my @files = readdir(DIR);
|
my @files = readdir($DIR);
|
||||||
closedir DIR;
|
closedir $DIR;
|
||||||
my $f;
|
my $f;
|
||||||
my $l;
|
my $l;
|
||||||
foreach $f (@files) {
|
foreach $f (@files) {
|
||||||
|
@ -2183,7 +2248,7 @@ sub startservers {
|
||||||
$run{'tftp-ipv6'}="$pid $pid2";
|
$run{'tftp-ipv6'}="$pid $pid2";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elsif($what eq "sftp" || $what eq "scp") {
|
elsif($what eq "sftp" || $what eq "scp" || $what eq "socks4" || $what eq "socks5" ) {
|
||||||
if(!$run{'ssh'}) {
|
if(!$run{'ssh'}) {
|
||||||
($pid, $pid2) = runsshserver("", $verbose);
|
($pid, $pid2) = runsshserver("", $verbose);
|
||||||
if($pid <= 0) {
|
if($pid <= 0) {
|
||||||
|
@ -2192,6 +2257,29 @@ sub startservers {
|
||||||
printf ("* pid ssh => %d %d\n", $pid, $pid2) if($verbose);
|
printf ("* pid ssh => %d %d\n", $pid, $pid2) if($verbose);
|
||||||
$run{'ssh'}="$pid $pid2";
|
$run{'ssh'}="$pid $pid2";
|
||||||
}
|
}
|
||||||
|
if ($what eq "socks4" || $what eq "socks5") {
|
||||||
|
if (!checkcmd("ssh")) {
|
||||||
|
return "failed to find SSH client for socks support";
|
||||||
|
}
|
||||||
|
if ($what eq "socks5") {
|
||||||
|
my $sshversion=`ssh -V 2>&1`;
|
||||||
|
if ($sshversion =~ /SSH_(\d+)\.(\d+)/i) {
|
||||||
|
if ($1*10+$2 < 37) {
|
||||||
|
# need 3.7 for socks5 - http://www.openssh.com/txt/release-3.7
|
||||||
|
return "ssh version ($1.$2) $sshversion insufficient need at least 3.7\n" if ($verbose);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
if(!$run{'socks'}) {
|
||||||
|
($pid, $pid2) = runsocksserver("", $verbose);
|
||||||
|
if($pid <= 0) {
|
||||||
|
return "failed starting socks server";
|
||||||
|
}
|
||||||
|
printf ("* pid socks => %d %d\n", $pid, $pid2) if($verbose);
|
||||||
|
$run{'socks'}="$pid $pid2";
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
elsif($what eq "none") {
|
elsif($what eq "none") {
|
||||||
logmsg "* starts no server\n" if ($verbose);
|
logmsg "* starts no server\n" if ($verbose);
|
||||||
|
@ -2234,7 +2322,9 @@ sub serverfortest {
|
||||||
my $proto = lc($what[0]);
|
my $proto = lc($what[0]);
|
||||||
chomp $proto;
|
chomp $proto;
|
||||||
if (! grep /^$proto$/, @protocols) {
|
if (! grep /^$proto$/, @protocols) {
|
||||||
return "curl lacks $proto support";
|
if (substr($proto,0,5) ne "socks") {
|
||||||
|
return "curl lacks any $proto support";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return &startservers(@what);
|
return &startservers(@what);
|
||||||
|
@ -2373,10 +2463,10 @@ if($valgrind) {
|
||||||
}
|
}
|
||||||
|
|
||||||
# open the executable curl and read the first 4 bytes of it
|
# open the executable curl and read the first 4 bytes of it
|
||||||
open(CHECK, "<$CURL");
|
open(my $CHECK, "<", $CURL);
|
||||||
my $c;
|
my $c;
|
||||||
sysread CHECK, $c, 4;
|
sysread $CHECK, $c, 4;
|
||||||
close(CHECK);
|
close($CHECK);
|
||||||
if($c eq "#! /") {
|
if($c eq "#! /") {
|
||||||
# A shell script. This is typically when built with libtool,
|
# A shell script. This is typically when built with libtool,
|
||||||
$libtool = 1;
|
$libtool = 1;
|
||||||
|
@ -2394,6 +2484,7 @@ $FTP6PORT = $base + 6; # FTP IPv6 port
|
||||||
$TFTPPORT = $base + 7; # TFTP (UDP) port
|
$TFTPPORT = $base + 7; # TFTP (UDP) port
|
||||||
$TFTP6PORT = $base + 8; # TFTP IPv6 (UDP) port
|
$TFTP6PORT = $base + 8; # TFTP IPv6 (UDP) port
|
||||||
$SSHPORT = $base + 9; # SSH (SCP/SFTP) port
|
$SSHPORT = $base + 9; # SSH (SCP/SFTP) port
|
||||||
|
$SOCKSPORT = $base + 10; # SOCKS port
|
||||||
|
|
||||||
#######################################################################
|
#######################################################################
|
||||||
# clear and create logging directory:
|
# clear and create logging directory:
|
||||||
|
@ -2416,12 +2507,12 @@ if(!$listonly) {
|
||||||
|
|
||||||
if ( $TESTCASES eq "all") {
|
if ( $TESTCASES eq "all") {
|
||||||
# Get all commands and find out their test numbers
|
# Get all commands and find out their test numbers
|
||||||
opendir(DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
|
opendir(my $DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
|
||||||
my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir(DIR);
|
my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir($DIR);
|
||||||
closedir DIR;
|
closedir $DIR;
|
||||||
|
|
||||||
open(D, "$TESTDIR/DISABLED");
|
open(my $D, "$TESTDIR/DISABLED");
|
||||||
while(<D>) {
|
while(<$D>) {
|
||||||
if(/^ *\#/) {
|
if(/^ *\#/) {
|
||||||
# allow comments
|
# allow comments
|
||||||
next;
|
next;
|
||||||
|
@ -2430,7 +2521,7 @@ if ( $TESTCASES eq "all") {
|
||||||
$disabled{$1}=$1; # disable this test number
|
$disabled{$1}=$1; # disable this test number
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
close(D);
|
close($D);
|
||||||
|
|
||||||
$TESTCASES=""; # start with no test cases
|
$TESTCASES=""; # start with no test cases
|
||||||
|
|
||||||
|
@ -2455,7 +2546,7 @@ if ( $TESTCASES eq "all") {
|
||||||
#######################################################################
|
#######################################################################
|
||||||
# Start the command line log
|
# Start the command line log
|
||||||
#
|
#
|
||||||
open(CMDLOG, ">$CURLLOG") ||
|
open($CMDLOG, ">", $CURLLOG) ||
|
||||||
logmsg "can't log command lines to $CURLLOG\n";
|
logmsg "can't log command lines to $CURLLOG\n";
|
||||||
|
|
||||||
#######################################################################
|
#######################################################################
|
||||||
|
@ -2600,7 +2691,7 @@ foreach $testnum (@at) {
|
||||||
#######################################################################
|
#######################################################################
|
||||||
# Close command log
|
# Close command log
|
||||||
#
|
#
|
||||||
close(CMDLOG);
|
close($CMDLOG);
|
||||||
|
|
||||||
# Tests done, stop the servers
|
# Tests done, stop the servers
|
||||||
stopservers($verbose);
|
stopservers($verbose);
|
||||||
|
|
|
@ -23,7 +23,7 @@ if ($^O eq 'MSWin32' || $^O eq 'cygwin' || $^O eq 'msys' || $^O eq 'dos' || $^O
|
||||||
}
|
}
|
||||||
|
|
||||||
# Where to look for sftp-server
|
# Where to look for sftp-server
|
||||||
my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh);
|
my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh /usr/lib64/misc);
|
||||||
|
|
||||||
my $username = $ENV{USER};
|
my $username = $ENV{USER};
|
||||||
|
|
||||||
|
@ -55,6 +55,8 @@ do {
|
||||||
} while(shift @ARGV);
|
} while(shift @ARGV);
|
||||||
|
|
||||||
my $conffile="curl_sshd_config"; # sshd configuration data
|
my $conffile="curl_sshd_config"; # sshd configuration data
|
||||||
|
my $conffile_ssh="curl_ssh_config"; # ssh configuration data
|
||||||
|
my $knownhostsfile="curl_client_knownhosts"; # ssh knownhosts file
|
||||||
|
|
||||||
# Searching for sshd and sftp-server will be done first
|
# Searching for sshd and sftp-server will be done first
|
||||||
# in the PATH and afterwards in other common locations.
|
# in the PATH and afterwards in other common locations.
|
||||||
|
@ -146,9 +148,21 @@ if (! -e "curl_client_key.pub") {
|
||||||
system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate key";
|
system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate key";
|
||||||
system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
|
system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
|
||||||
}
|
}
|
||||||
|
# setup knownhosts
|
||||||
|
open(my $DSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
|
||||||
|
my @dsahostkey = do { local $/ = ' '; <$DSAKEYFILE> };
|
||||||
|
close $DSAKEYFILE || die "Could not close RSAKEYFILE";
|
||||||
|
open(my $RSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
|
||||||
|
my @rsahostkey = do { local $/ = ' '; <$RSAKEYFILE> };
|
||||||
|
close $RSAKEYFILE || die "Could not close RSAKEYFILE";
|
||||||
|
open(my $KNOWNHOSTS, ">>", $knownhostsfile) || die "Could not write $knownhostsfile";
|
||||||
|
print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-dss $dsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
|
||||||
|
print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-rsa $rsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
|
||||||
|
close $KNOWNHOSTS || die "Could not close KNOWNHOSTS";
|
||||||
|
|
||||||
open(my $FILE, ">>$conffile") || die "Could not write $conffile";
|
|
||||||
print $FILE <<EOF
|
open(my $FILE, ">>", $conffile) || die "Could not write $conffile";
|
||||||
|
print $FILE <<EOFSSHD
|
||||||
AllowUsers $username
|
AllowUsers $username
|
||||||
DenyUsers
|
DenyUsers
|
||||||
DenyGroups
|
DenyGroups
|
||||||
|
@ -158,7 +172,7 @@ PidFile $path/.ssh.pid
|
||||||
Port $port
|
Port $port
|
||||||
ListenAddress localhost
|
ListenAddress localhost
|
||||||
Protocol 2
|
Protocol 2
|
||||||
AllowTcpForwarding no
|
AllowTcpForwarding yes
|
||||||
GatewayPorts no
|
GatewayPorts no
|
||||||
HostbasedAuthentication no
|
HostbasedAuthentication no
|
||||||
IgnoreRhosts yes
|
IgnoreRhosts yes
|
||||||
|
@ -173,12 +187,22 @@ PrintMotd no
|
||||||
StrictModes no
|
StrictModes no
|
||||||
Subsystem sftp $sftp
|
Subsystem sftp $sftp
|
||||||
UseLogin no
|
UseLogin no
|
||||||
|
PrintLastLog no
|
||||||
X11Forwarding no
|
X11Forwarding no
|
||||||
UsePrivilegeSeparation no
|
UsePrivilegeSeparation no
|
||||||
# Newer OpenSSH options
|
# Newer OpenSSH options
|
||||||
EOF
|
EOFSSHD
|
||||||
;
|
;
|
||||||
close $FILE;
|
close $FILE || die "Could not close $conffile";
|
||||||
|
|
||||||
|
open(my $SSHFILE, ">>", $conffile_ssh) || die "Could not write $conffile_ssh";
|
||||||
|
print $SSHFILE <<EOFSSH
|
||||||
|
UserKnownHostsFile $path/$knownhostsfile
|
||||||
|
IdentityFile $path/curl_client_key
|
||||||
|
EOFSSH
|
||||||
|
;
|
||||||
|
close $SSHFILE || die "Could not close $conffile_ssh";
|
||||||
|
|
||||||
|
|
||||||
sub set_sshd_option {
|
sub set_sshd_option {
|
||||||
my ($string) = @_;
|
my ($string) = @_;
|
||||||
|
|
Loading…
Reference in New Issue