mirror of
https://github.com/curl/curl.git
synced 2025-01-18 14:04:30 +08:00
Daniel Black's test suite fixes and initial test cases for SOCKS4/5 using
openssh
This commit is contained in:
parent
48064f8dee
commit
a466b31574
@ -5,8 +5,11 @@ log
|
||||
*.pid
|
||||
*.pdf
|
||||
*.html
|
||||
curl_client_knownhosts
|
||||
curl_client_key
|
||||
curl_client_key.pub
|
||||
curl_host_dsa_key
|
||||
curl_host_dsa_key.pub
|
||||
curl_sshd_config
|
||||
curl_ssh_config
|
||||
stunnel.conf
|
||||
|
@ -133,6 +133,8 @@ https
|
||||
none
|
||||
scp
|
||||
sftp
|
||||
socks4
|
||||
socks5
|
||||
|
||||
Give only one per line. This subsection is mandatory.
|
||||
</server>
|
||||
@ -227,6 +229,7 @@ Available substitute variables include:
|
||||
%TFTPPORT - Port number of the TFTP server
|
||||
%TFTP6PORT - IPv6 port number of the TFTP server
|
||||
%SSHPORT - Port number of the SCP/SFTP server
|
||||
%SOCKSPORT - Port number of the SOCKS4/5 server
|
||||
%SRCDIR - Full path to the source dir
|
||||
%PWD - Current directory
|
||||
%CURL - Path to the curl executable
|
||||
|
11
tests/README
11
tests/README
@ -11,6 +11,8 @@ Requires:
|
||||
diff (when a test fail, a diff is shown)
|
||||
stunnel (for HTTPS and FTPS tests)
|
||||
sshd (for SCP and SFTP tests; OpenSSH ver. 3.8 is known to work)
|
||||
ssh (for SOCKS4 and SOCK5 tests; OpenSSH ver. 4.5 is known to work.
|
||||
OpenSSH version 3.7 or greater is needed for SOCKS5)
|
||||
|
||||
TCP ports used by default:
|
||||
|
||||
@ -23,11 +25,13 @@ TCP ports used by default:
|
||||
- 8996 on localhost for FTP IPv6 tests
|
||||
- 8997 on localhost for TFTP tests
|
||||
- 8999 on localhost for SCP/SFTP tests
|
||||
- 9000 on localhost for SOCKS tests
|
||||
|
||||
The test suite runs simple FTP, HTTP and TFTP servers on these ports to
|
||||
which it makes requests. For SSL tests, it runs stunnel to handle
|
||||
encryption to the regular servers. For SSH, it runs a standard OpenSSH
|
||||
server.
|
||||
server. For SOCKS4/5 tests SSH is used to perform the SOCKS functionality
|
||||
and requires a SSH client and server.
|
||||
|
||||
The base port number shown above can be changed using runtests' -b option
|
||||
to allow running more than one instance of the test suite simultaneously
|
||||
@ -92,7 +96,8 @@ TEST CASE NUMBERS
|
||||
400 - 499 FTPS
|
||||
500 - 599 libcurl source code tests, not using the curl command tool
|
||||
600 - 699 SCP/SFTP
|
||||
700 - 799 miscellanous*
|
||||
700 - 799 SOCKS4 (even numbers) and SOCK5 (odd numbers)
|
||||
1000 - x miscellanous*
|
||||
|
||||
Since 30-apr-2003, there's nothing in the system that requires us to keep
|
||||
within these number series, and those sections marked with * actually
|
||||
@ -102,3 +107,5 @@ TEST CASE NUMBERS
|
||||
TODO:
|
||||
|
||||
* Add tests for TELNET, LDAP, DICT...
|
||||
* SOCKS4/5 test deficiencies - no proxy authentication tests as SSH (the
|
||||
test mechanism) doesn't support them
|
||||
|
@ -28,8 +28,8 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
|
||||
test194 test195 test196 test197 test198 test515 test516 test517 test518 \
|
||||
test210 test211 test212 test220 test221 test222 test223 test224 test206 \
|
||||
test207 test208 test209 test213 test240 test241 test242 test519 test214 \
|
||||
test215 test216 test217 test218 test199 test225 test226 test227 \
|
||||
test228 test229 test233 test234 test235 test236 test520 \
|
||||
test215 test216 test217 test218 test199 test225 test226 test227 \
|
||||
test228 test229 test233 test234 test235 test236 test520 \
|
||||
test237 test238 test239 test243 test245 test246 test247 test248 test249 \
|
||||
test250 test251 test252 test253 test254 test255 test521 test522 test523 \
|
||||
test256 test257 test258 test259 test260 test261 test262 test263 test264 \
|
||||
@ -41,4 +41,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
|
||||
test603 test401 test402 test290 test291 test292 test293 test403 test404 \
|
||||
test405 test604 test605 test606 test607 test608 test609 test294 test295 \
|
||||
test296 test297 test298 test610 test611 test612 test406 test407 test408 \
|
||||
test409 test613 test614
|
||||
test409 test613 test614 test700 test701 test702 test704 test705
|
||||
|
57
tests/data/test700
Normal file
57
tests/data/test700
Normal file
@ -0,0 +1,57 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
SOCKS4
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
#
|
||||
# Server-side
|
||||
<reply name="1">
|
||||
<data>
|
||||
HTTP/1.1 200 OK
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
|
||||
ETag: "21025-dc7-39462498"
|
||||
Accept-Ranges: bytes
|
||||
Content-Length: 6
|
||||
Connection: close
|
||||
Content-Type: text/html
|
||||
Funny-head: yesyes
|
||||
|
||||
-foo-
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
#
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
socks4
|
||||
</server>
|
||||
<name>
|
||||
HTTP GET via SOCK4 proxy
|
||||
</name>
|
||||
<command>
|
||||
--socks4 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/700
|
||||
</command>
|
||||
</client>
|
||||
|
||||
#
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /700 HTTP/1.1
|
||||
Host: 127.0.0.1:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
57
tests/data/test701
Normal file
57
tests/data/test701
Normal file
@ -0,0 +1,57 @@
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
HTTP GET
|
||||
SOCKS5
|
||||
</keywords>
|
||||
</info>
|
||||
|
||||
#
|
||||
# Server-side
|
||||
<reply name="1">
|
||||
<data>
|
||||
HTTP/1.1 200 OK
|
||||
Date: Thu, 09 Nov 2010 14:49:00 GMT
|
||||
Server: test-server/fake
|
||||
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
|
||||
ETag: "21025-dc7-39462498"
|
||||
Accept-Ranges: bytes
|
||||
Content-Length: 6
|
||||
Connection: close
|
||||
Content-Type: text/html
|
||||
Funny-head: yesyes
|
||||
|
||||
-foo-
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
#
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
socks5
|
||||
</server>
|
||||
<name>
|
||||
HTTP GET via SOCK5 proxy
|
||||
</name>
|
||||
<command>
|
||||
--socks5 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/701
|
||||
</command>
|
||||
</client>
|
||||
|
||||
#
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<strip>
|
||||
^User-Agent:.*
|
||||
</strip>
|
||||
<protocol>
|
||||
GET /701 HTTP/1.1
|
||||
Host: 127.0.0.1:%HTTPPORT
|
||||
Accept: */*
|
||||
|
||||
</protocol>
|
||||
</verify>
|
||||
</testcase>
|
39
tests/data/test702
Normal file
39
tests/data/test702
Normal file
@ -0,0 +1,39 @@
|
||||
#based off 19
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
SOCKS4
|
||||
connect to non-listen
|
||||
FAILURE
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
socks4
|
||||
</server>
|
||||
<features>
|
||||
http
|
||||
</features>
|
||||
<name>
|
||||
attempt connect to non-listening socket via sock4 proxy
|
||||
</name>
|
||||
<command>
|
||||
--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<errorcode>
|
||||
7
|
||||
</errorcode>
|
||||
</verify>
|
||||
</testcase>
|
42
tests/data/test704
Normal file
42
tests/data/test704
Normal file
@ -0,0 +1,42 @@
|
||||
#based off 19
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
SOCKS4 fail
|
||||
connect to non-listen
|
||||
FAILURE
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<killserver>
|
||||
socks4
|
||||
</killserver>
|
||||
<features>
|
||||
http
|
||||
</features>
|
||||
<name>
|
||||
attempt connect to non-listening sock4 proxy
|
||||
</name>
|
||||
<command>
|
||||
--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||
</command>
|
||||
</client>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<errorcode>
|
||||
7
|
||||
</errorcode>
|
||||
</verify>
|
||||
</testcase>
|
43
tests/data/test705
Normal file
43
tests/data/test705
Normal file
@ -0,0 +1,43 @@
|
||||
#based off 19
|
||||
<testcase>
|
||||
<info>
|
||||
<keywords>
|
||||
HTTP
|
||||
SOCKS5 fail
|
||||
connect to non-listen
|
||||
FAILURE
|
||||
</keywords>
|
||||
</info>
|
||||
# Server-side
|
||||
<reply>
|
||||
<data>
|
||||
</data>
|
||||
</reply>
|
||||
|
||||
# Client-side
|
||||
<client>
|
||||
<server>
|
||||
http
|
||||
</server>
|
||||
<features>
|
||||
http
|
||||
</features>
|
||||
<name>
|
||||
attempt connect to non-listening sock5 proxy
|
||||
</name>
|
||||
<command>
|
||||
--socks5 %HOSTIP:%SOCKSPORT %HOSTIP:60000
|
||||
</command>
|
||||
</client>
|
||||
|
||||
<killserver>
|
||||
sock5
|
||||
</killserver>
|
||||
|
||||
# Verify data after the test has been "shot"
|
||||
<verify>
|
||||
<errorcode>
|
||||
7
|
||||
</errorcode>
|
||||
</verify>
|
||||
</testcase>
|
@ -49,6 +49,7 @@ my $FTP6PORT; # FTP IPv6 server port
|
||||
my $TFTPPORT; # TFTP
|
||||
my $TFTP6PORT; # TFTP
|
||||
my $SSHPORT; # SCP/SFTP
|
||||
my $SOCKSPORT; # SOCKS4/5 port
|
||||
|
||||
my $CURL="../src/curl"; # what curl executable to run on the tests
|
||||
my $DBGCURL=$CURL; #"../src/.libs/curl"; # alternative for debugging
|
||||
@ -81,6 +82,7 @@ my $FTPSPIDFILE=".ftps.pid";
|
||||
my $TFTPPIDFILE=".tftpd.pid";
|
||||
my $TFTP6PIDFILE=".tftp6.pid";
|
||||
my $SSHPIDFILE=".ssh.pid";
|
||||
my $SOCKSPIDFILE=".socks.pid";
|
||||
|
||||
# invoke perl like this:
|
||||
my $perl="perl -I$srcdir";
|
||||
@ -111,15 +113,15 @@ if($valgrind) {
|
||||
if (($? >> 8)==0) {
|
||||
$valgrind_tool="--tool=memcheck ";
|
||||
}
|
||||
open(C, "<$CURL");
|
||||
my $l = <C>;
|
||||
open( my $C, "<", $CURL);
|
||||
my $l = <$C>;
|
||||
if($l =~ /^\#\!/) {
|
||||
# The first line starts with "#!" which implies a shell-script.
|
||||
# This means libcurl is built shared and curl is a wrapper-script
|
||||
# Disable valgrind in this setup
|
||||
$valgrind=0;
|
||||
}
|
||||
close(C);
|
||||
close($C);
|
||||
|
||||
# valgrind 3 renamed the --logfile option to --log-file!!!
|
||||
my $ver=`valgrind --version`;
|
||||
@ -181,6 +183,8 @@ my $torture;
|
||||
my $tortnum;
|
||||
my $tortalloc;
|
||||
|
||||
my $CMDLOG; #log filehandle
|
||||
|
||||
# open and close each time to allow removal at any time
|
||||
sub logmsg {
|
||||
# uncomment the Time::HiRes usage for this
|
||||
@ -256,7 +260,7 @@ sub checkdied {
|
||||
# Return the pids (yes plural) of the new child process to the parent.
|
||||
#
|
||||
sub startnew {
|
||||
my ($cmd, $pidfile)=@_;
|
||||
my ($cmd, $pidfile,$fake)=@_;
|
||||
|
||||
logmsg "startnew: $cmd\n" if ($verbose);
|
||||
|
||||
@ -285,12 +289,22 @@ sub startnew {
|
||||
die "error: exec() has returned";
|
||||
}
|
||||
|
||||
|
||||
# Ugly hack but ssh doesn't support pid files
|
||||
if ($fake) {
|
||||
logmsg "$pidfile faked with pid=$child\n";
|
||||
open(my $OUT, ">", $pidfile);
|
||||
print $OUT $child;
|
||||
close $OUT;
|
||||
# could/should do a while connect fails sleep a bit and loop
|
||||
sleep 1;
|
||||
}
|
||||
my $count=12;
|
||||
while($count--) {
|
||||
if(-f $pidfile) {
|
||||
open(PID, "<$pidfile");
|
||||
$pid2 = 0 + <PID>;
|
||||
close(PID);
|
||||
open(my $PID, "<", $pidfile);
|
||||
$pid2 = 0 + <$PID>;
|
||||
close($PID);
|
||||
if($pid2 && kill(0, $pid2)) {
|
||||
# if $pid2 is valid, then make sure this pid is alive, as
|
||||
# otherwise it is just likely to be the _previous_ pidfile or
|
||||
@ -505,9 +519,9 @@ sub verifyhttp {
|
||||
}
|
||||
}
|
||||
}
|
||||
open(FILE, "<log/verifiedserver");
|
||||
my @file=<FILE>;
|
||||
close(FILE);
|
||||
open(my $FILE, "<", "log/verifiedserver");
|
||||
my @file=<$FILE>;
|
||||
close($FILE);
|
||||
$data=$file[0]; # first line
|
||||
|
||||
if ( $data =~ /WE ROOLZ: (\d+)/ ) {
|
||||
@ -574,9 +588,20 @@ sub verifyftp {
|
||||
|
||||
sub verifyssh {
|
||||
my ($proto, $ip, $port) = @_;
|
||||
open(FILE, "<" . $SSHPIDFILE);
|
||||
my $pid=0+<FILE>;
|
||||
close(FILE);
|
||||
open(my $FILE, "<" . $SSHPIDFILE);
|
||||
my $pid=0+<$FILE>;
|
||||
close($FILE);
|
||||
return $pid;
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# STUB for verifying socks
|
||||
|
||||
sub verifysocks {
|
||||
my ($proto, $ip, $port) = @_;
|
||||
open(my $FILE, "<" . $SOCKSPIDFILE);
|
||||
my $pid=0+<$FILE>;
|
||||
close($FILE);
|
||||
return $pid;
|
||||
}
|
||||
|
||||
@ -590,7 +615,8 @@ my %protofunc = ('http' => \&verifyhttp,
|
||||
'ftp' => \&verifyftp,
|
||||
'ftps' => \&verifyftp,
|
||||
'tftp' => \&verifyftp,
|
||||
'ssh' => \&verifyssh);
|
||||
'ssh' => \&verifyssh,
|
||||
'socks' => \&verifysocks);
|
||||
|
||||
sub verifyserver {
|
||||
my ($proto, $ip, $port) = @_;
|
||||
@ -648,7 +674,7 @@ sub runhttpserver {
|
||||
|
||||
my $cmd="$perl $srcdir/httpserver.pl -p $pidfile $fork$flag $port $ipv6";
|
||||
my ($httppid, $pid2) =
|
||||
startnew($cmd, $pidfile); # start the server in a new process
|
||||
startnew($cmd, $pidfile,0); # start the server in a new process
|
||||
|
||||
if(!kill(0, $httppid)) {
|
||||
# it is NOT alive
|
||||
@ -702,7 +728,7 @@ sub runhttpsserver {
|
||||
my $flag=$debugprotocol?"-v ":"";
|
||||
my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
|
||||
|
||||
my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE);
|
||||
my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE,0);
|
||||
|
||||
if(!kill(0, $httpspid)) {
|
||||
# it is NOT alive
|
||||
@ -768,7 +794,7 @@ sub runftpserver {
|
||||
|
||||
unlink($pidfile);
|
||||
|
||||
my ($ftppid, $pid2) = startnew($cmd, $pidfile);
|
||||
my ($ftppid, $pid2) = startnew($cmd, $pidfile,0);
|
||||
|
||||
if(!$ftppid || !kill(0, $ftppid)) {
|
||||
# it is NOT alive
|
||||
@ -821,7 +847,7 @@ sub runftpsserver {
|
||||
my $flag=$debugprotocol?"-v ":"";
|
||||
my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";
|
||||
|
||||
my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE);
|
||||
my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE,0);
|
||||
|
||||
if(!kill(0, $ftpspid)) {
|
||||
# it is NOT alive
|
||||
@ -887,7 +913,7 @@ sub runtftpserver {
|
||||
|
||||
unlink($pidfile);
|
||||
|
||||
my ($tftppid, $pid2) = startnew($cmd, $pidfile);
|
||||
my ($tftppid, $pid2) = startnew($cmd, $pidfile,0);
|
||||
|
||||
if(!$tftppid || !kill(0, $tftppid)) {
|
||||
# it is NOT alive
|
||||
@ -930,7 +956,7 @@ sub runsshserver {
|
||||
my $flag=$debugprotocol?"-v ":"";
|
||||
my $cmd="$perl $srcdir/sshserver.pl $flag-u $USER -d $srcdir $port";
|
||||
my ($sshpid, $pid2) =
|
||||
startnew($cmd, $pidfile); # start the server in a new process
|
||||
startnew($cmd, $pidfile,0); # start the server in a new process
|
||||
|
||||
if(!$sshpid || !kill(0, $sshpid)) {
|
||||
# it is NOT alive
|
||||
@ -951,6 +977,40 @@ sub runsshserver {
|
||||
return ($pid2, $sshpid);
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# Start the socks server
|
||||
#
|
||||
sub runsocksserver {
|
||||
my ($id, $verbose, $ipv6) = @_;
|
||||
my $ip=$HOSTIP;
|
||||
my $port = $SOCKSPORT;
|
||||
my $pidfile = $SOCKSPIDFILE;
|
||||
|
||||
my $flag=$debugprotocol?"-v ":"";
|
||||
my $cmd="ssh -D ${HOSTIP}:$SOCKSPORT -N -F curl_ssh_config ${USER}\@${HOSTIP} -p ${SSHPORT}";
|
||||
my ($sshpid, $pid2) =
|
||||
startnew($cmd, $pidfile,1); # start the server in a new process
|
||||
|
||||
if(!$sshpid || !kill(0, $sshpid)) {
|
||||
# it is NOT alive
|
||||
logmsg "RUN: failed to start the SOCKS server\n";
|
||||
# failed to talk to it properly. Kill the server and return failure
|
||||
stopserver("$sshpid $pid2");
|
||||
return (0,0);
|
||||
}
|
||||
|
||||
# Ugly hack but ssh doesn't support pid files
|
||||
if (!verifyserver('socks',$ip,$port)) {
|
||||
logmsg "RUN: SOCKS server failed verification\n";
|
||||
return (0,0);
|
||||
}
|
||||
if($verbose) {
|
||||
logmsg "RUN: SOCKS server is now running PID $sshpid\n";
|
||||
}
|
||||
|
||||
return ($pid2, $sshpid);
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# Remove all files in the specified directory
|
||||
#
|
||||
@ -981,20 +1041,20 @@ sub filteroff {
|
||||
my $filter=$_[1];
|
||||
my $ofile=$_[2];
|
||||
|
||||
open(IN, "<$infile")
|
||||
open(my $IN, "<", $infile)
|
||||
|| return 1;
|
||||
|
||||
open(OUT, ">$ofile")
|
||||
open(my $OUT, ">", $ofile)
|
||||
|| return 1;
|
||||
|
||||
# logmsg "FILTER: off $filter from $infile to $ofile\n";
|
||||
|
||||
while(<IN>) {
|
||||
while(<$IN>) {
|
||||
$_ =~ s/$filter//;
|
||||
print OUT $_;
|
||||
print $OUT $_;
|
||||
}
|
||||
close(IN);
|
||||
close(OUT);
|
||||
close($IN);
|
||||
close($OUT);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1045,9 +1105,9 @@ sub checksystem {
|
||||
$versretval = system($versioncmd);
|
||||
$versnoexec = $!;
|
||||
|
||||
open(VERSOUT, $curlverout);
|
||||
@version = <VERSOUT>;
|
||||
close(VERSOUT);
|
||||
open(my $VERSOUT, "<", $curlverout);
|
||||
@version = <$VERSOUT>;
|
||||
close($VERSOUT);
|
||||
|
||||
for(@version) {
|
||||
chomp;
|
||||
@ -1197,13 +1257,13 @@ sub checksystem {
|
||||
}
|
||||
|
||||
if(-r "../lib/config.h") {
|
||||
open(CONF, "<../lib/config.h");
|
||||
while(<CONF>) {
|
||||
open(my $CONF, "<", "../lib/config.h");
|
||||
while(<$CONF>) {
|
||||
if($_ =~ /^\#define HAVE_GETRLIMIT/) {
|
||||
$has_getrlimit = 1;
|
||||
}
|
||||
}
|
||||
close(CONF);
|
||||
close($CONF);
|
||||
}
|
||||
|
||||
if($has_ipv6) {
|
||||
@ -1267,6 +1327,7 @@ sub checksystem {
|
||||
logmsg sprintf("* TFTP IPv6 port: %d\n", $TFTP6PORT);
|
||||
}
|
||||
logmsg sprintf("* SCP/SFTP port: %d\n", $SSHPORT);
|
||||
logmsg sprintf("* SOCKS port: %d\n", $SOCKSPORT);
|
||||
|
||||
if($ssl_version) {
|
||||
logmsg sprintf("* SSL library: %s\n", $ssllib);
|
||||
@ -1298,6 +1359,7 @@ sub subVariables {
|
||||
$$thing =~ s/%TFTPPORT/$TFTPPORT/g;
|
||||
$$thing =~ s/%TFTP6PORT/$TFTP6PORT/g;
|
||||
$$thing =~ s/%SSHPORT/$SSHPORT/g;
|
||||
$$thing =~ s/%SOCKSPORT/$SOCKSPORT/g;
|
||||
$$thing =~ s/%CURL/$CURL/g;
|
||||
$$thing =~ s/%USER/$USER/g;
|
||||
|
||||
@ -1412,6 +1474,9 @@ sub singletest {
|
||||
next;
|
||||
}
|
||||
}
|
||||
elsif($f eq "socks") {
|
||||
next;
|
||||
}
|
||||
# See if this "feature" is in the list of supported protocols
|
||||
elsif (grep /^$f$/, @protocols) {
|
||||
next;
|
||||
@ -1567,10 +1632,10 @@ sub singletest {
|
||||
my $fileContent = join('', @inputfile);
|
||||
subVariables \$fileContent;
|
||||
# logmsg "DEBUG: writing file " . $filename . "\n";
|
||||
open OUTFILE, ">$filename";
|
||||
binmode OUTFILE; # for crapage systems, use binary
|
||||
print OUTFILE $fileContent;
|
||||
close OUTFILE;
|
||||
open my $OUTFILE, ">", $filename;
|
||||
binmode $OUTFILE; # for crapage systems, use binary
|
||||
print $OUTFILE $fileContent;
|
||||
close $OUTFILE;
|
||||
}
|
||||
|
||||
my %cmdhash = getpartattr("client", "command");
|
||||
@ -1626,7 +1691,7 @@ sub singletest {
|
||||
logmsg "$CMDLINE\n";
|
||||
}
|
||||
|
||||
print CMDLOG "$CMDLINE\n";
|
||||
print $CMDLOG "$CMDLINE\n";
|
||||
|
||||
unlink("core");
|
||||
|
||||
@ -1648,10 +1713,10 @@ sub singletest {
|
||||
}
|
||||
|
||||
if($gdbthis) {
|
||||
open(GDBCMD, ">log/gdbcmd");
|
||||
print GDBCMD "set args $cmdargs\n";
|
||||
print GDBCMD "show args\n";
|
||||
close(GDBCMD);
|
||||
open( my $GDBCMD, ">", "log/gdbcmd");
|
||||
print $GDBCMD "set args $cmdargs\n";
|
||||
print $GDBCMD "show args\n";
|
||||
close($GDBCMD);
|
||||
}
|
||||
# run the command line we built
|
||||
if ($torture) {
|
||||
@ -1685,9 +1750,9 @@ sub singletest {
|
||||
logmsg "core dumped\n";
|
||||
if(0 && $gdb) {
|
||||
logmsg "running gdb for post-mortem analysis:\n";
|
||||
open(GDBCMD, ">log/gdbcmd2");
|
||||
print GDBCMD "bt\n";
|
||||
close(GDBCMD);
|
||||
open( my $GDBCMD, ">", "log/gdbcmd2");
|
||||
print $GDBCMD "bt\n";
|
||||
close($GDBCMD);
|
||||
system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
|
||||
# unlink("log/gdbcmd2");
|
||||
}
|
||||
@ -1963,10 +2028,10 @@ sub singletest {
|
||||
|
||||
if($disable[0] !~ /disable/) {
|
||||
|
||||
opendir(DIR, "log") ||
|
||||
opendir( my $DIR, "log") ||
|
||||
return 0; # can't open log dir
|
||||
my @files = readdir(DIR);
|
||||
closedir DIR;
|
||||
my @files = readdir($DIR);
|
||||
closedir $DIR;
|
||||
my $f;
|
||||
my $l;
|
||||
foreach $f (@files) {
|
||||
@ -2183,7 +2248,7 @@ sub startservers {
|
||||
$run{'tftp-ipv6'}="$pid $pid2";
|
||||
}
|
||||
}
|
||||
elsif($what eq "sftp" || $what eq "scp") {
|
||||
elsif($what eq "sftp" || $what eq "scp" || $what eq "socks4" || $what eq "socks5" ) {
|
||||
if(!$run{'ssh'}) {
|
||||
($pid, $pid2) = runsshserver("", $verbose);
|
||||
if($pid <= 0) {
|
||||
@ -2192,6 +2257,29 @@ sub startservers {
|
||||
printf ("* pid ssh => %d %d\n", $pid, $pid2) if($verbose);
|
||||
$run{'ssh'}="$pid $pid2";
|
||||
}
|
||||
if ($what eq "socks4" || $what eq "socks5") {
|
||||
if (!checkcmd("ssh")) {
|
||||
return "failed to find SSH client for socks support";
|
||||
}
|
||||
if ($what eq "socks5") {
|
||||
my $sshversion=`ssh -V 2>&1`;
|
||||
if ($sshversion =~ /SSH_(\d+)\.(\d+)/i) {
|
||||
if ($1*10+$2 < 37) {
|
||||
# need 3.7 for socks5 - http://www.openssh.com/txt/release-3.7
|
||||
return "ssh version ($1.$2) $sshversion insufficient need at least 3.7\n" if ($verbose);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
if(!$run{'socks'}) {
|
||||
($pid, $pid2) = runsocksserver("", $verbose);
|
||||
if($pid <= 0) {
|
||||
return "failed starting socks server";
|
||||
}
|
||||
printf ("* pid socks => %d %d\n", $pid, $pid2) if($verbose);
|
||||
$run{'socks'}="$pid $pid2";
|
||||
}
|
||||
}
|
||||
}
|
||||
elsif($what eq "none") {
|
||||
logmsg "* starts no server\n" if ($verbose);
|
||||
@ -2234,7 +2322,9 @@ sub serverfortest {
|
||||
my $proto = lc($what[0]);
|
||||
chomp $proto;
|
||||
if (! grep /^$proto$/, @protocols) {
|
||||
return "curl lacks $proto support";
|
||||
if (substr($proto,0,5) ne "socks") {
|
||||
return "curl lacks any $proto support";
|
||||
}
|
||||
}
|
||||
|
||||
return &startservers(@what);
|
||||
@ -2373,10 +2463,10 @@ if($valgrind) {
|
||||
}
|
||||
|
||||
# open the executable curl and read the first 4 bytes of it
|
||||
open(CHECK, "<$CURL");
|
||||
open(my $CHECK, "<", $CURL);
|
||||
my $c;
|
||||
sysread CHECK, $c, 4;
|
||||
close(CHECK);
|
||||
sysread $CHECK, $c, 4;
|
||||
close($CHECK);
|
||||
if($c eq "#! /") {
|
||||
# A shell script. This is typically when built with libtool,
|
||||
$libtool = 1;
|
||||
@ -2394,6 +2484,7 @@ $FTP6PORT = $base + 6; # FTP IPv6 port
|
||||
$TFTPPORT = $base + 7; # TFTP (UDP) port
|
||||
$TFTP6PORT = $base + 8; # TFTP IPv6 (UDP) port
|
||||
$SSHPORT = $base + 9; # SSH (SCP/SFTP) port
|
||||
$SOCKSPORT = $base + 10; # SOCKS port
|
||||
|
||||
#######################################################################
|
||||
# clear and create logging directory:
|
||||
@ -2416,12 +2507,12 @@ if(!$listonly) {
|
||||
|
||||
if ( $TESTCASES eq "all") {
|
||||
# Get all commands and find out their test numbers
|
||||
opendir(DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
|
||||
my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir(DIR);
|
||||
closedir DIR;
|
||||
opendir(my $DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
|
||||
my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir($DIR);
|
||||
closedir $DIR;
|
||||
|
||||
open(D, "$TESTDIR/DISABLED");
|
||||
while(<D>) {
|
||||
open(my $D, "$TESTDIR/DISABLED");
|
||||
while(<$D>) {
|
||||
if(/^ *\#/) {
|
||||
# allow comments
|
||||
next;
|
||||
@ -2430,7 +2521,7 @@ if ( $TESTCASES eq "all") {
|
||||
$disabled{$1}=$1; # disable this test number
|
||||
}
|
||||
}
|
||||
close(D);
|
||||
close($D);
|
||||
|
||||
$TESTCASES=""; # start with no test cases
|
||||
|
||||
@ -2455,7 +2546,7 @@ if ( $TESTCASES eq "all") {
|
||||
#######################################################################
|
||||
# Start the command line log
|
||||
#
|
||||
open(CMDLOG, ">$CURLLOG") ||
|
||||
open($CMDLOG, ">", $CURLLOG) ||
|
||||
logmsg "can't log command lines to $CURLLOG\n";
|
||||
|
||||
#######################################################################
|
||||
@ -2600,7 +2691,7 @@ foreach $testnum (@at) {
|
||||
#######################################################################
|
||||
# Close command log
|
||||
#
|
||||
close(CMDLOG);
|
||||
close($CMDLOG);
|
||||
|
||||
# Tests done, stop the servers
|
||||
stopservers($verbose);
|
||||
|
@ -23,7 +23,7 @@ if ($^O eq 'MSWin32' || $^O eq 'cygwin' || $^O eq 'msys' || $^O eq 'dos' || $^O
|
||||
}
|
||||
|
||||
# Where to look for sftp-server
|
||||
my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh);
|
||||
my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh /usr/lib64/misc);
|
||||
|
||||
my $username = $ENV{USER};
|
||||
|
||||
@ -55,6 +55,8 @@ do {
|
||||
} while(shift @ARGV);
|
||||
|
||||
my $conffile="curl_sshd_config"; # sshd configuration data
|
||||
my $conffile_ssh="curl_ssh_config"; # ssh configuration data
|
||||
my $knownhostsfile="curl_client_knownhosts"; # ssh knownhosts file
|
||||
|
||||
# Searching for sshd and sftp-server will be done first
|
||||
# in the PATH and afterwards in other common locations.
|
||||
@ -146,9 +148,21 @@ if (! -e "curl_client_key.pub") {
|
||||
system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate key";
|
||||
system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
|
||||
}
|
||||
# setup knownhosts
|
||||
open(my $DSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
|
||||
my @dsahostkey = do { local $/ = ' '; <$DSAKEYFILE> };
|
||||
close $DSAKEYFILE || die "Could not close RSAKEYFILE";
|
||||
open(my $RSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
|
||||
my @rsahostkey = do { local $/ = ' '; <$RSAKEYFILE> };
|
||||
close $RSAKEYFILE || die "Could not close RSAKEYFILE";
|
||||
open(my $KNOWNHOSTS, ">>", $knownhostsfile) || die "Could not write $knownhostsfile";
|
||||
print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-dss $dsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
|
||||
print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-rsa $rsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
|
||||
close $KNOWNHOSTS || die "Could not close KNOWNHOSTS";
|
||||
|
||||
open(my $FILE, ">>$conffile") || die "Could not write $conffile";
|
||||
print $FILE <<EOF
|
||||
|
||||
open(my $FILE, ">>", $conffile) || die "Could not write $conffile";
|
||||
print $FILE <<EOFSSHD
|
||||
AllowUsers $username
|
||||
DenyUsers
|
||||
DenyGroups
|
||||
@ -158,7 +172,7 @@ PidFile $path/.ssh.pid
|
||||
Port $port
|
||||
ListenAddress localhost
|
||||
Protocol 2
|
||||
AllowTcpForwarding no
|
||||
AllowTcpForwarding yes
|
||||
GatewayPorts no
|
||||
HostbasedAuthentication no
|
||||
IgnoreRhosts yes
|
||||
@ -173,12 +187,22 @@ PrintMotd no
|
||||
StrictModes no
|
||||
Subsystem sftp $sftp
|
||||
UseLogin no
|
||||
PrintLastLog no
|
||||
X11Forwarding no
|
||||
UsePrivilegeSeparation no
|
||||
# Newer OpenSSH options
|
||||
EOF
|
||||
EOFSSHD
|
||||
;
|
||||
close $FILE;
|
||||
close $FILE || die "Could not close $conffile";
|
||||
|
||||
open(my $SSHFILE, ">>", $conffile_ssh) || die "Could not write $conffile_ssh";
|
||||
print $SSHFILE <<EOFSSH
|
||||
UserKnownHostsFile $path/$knownhostsfile
|
||||
IdentityFile $path/curl_client_key
|
||||
EOFSSH
|
||||
;
|
||||
close $SSHFILE || die "Could not close $conffile_ssh";
|
||||
|
||||
|
||||
sub set_sshd_option {
|
||||
my ($string) = @_;
|
||||
|
Loading…
Reference in New Issue
Block a user