aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYang Tse <yangsita@gmail.com>2007-03-31 03:21:08 +0000
committerYang Tse <yangsita@gmail.com>2007-03-31 03:21:08 +0000
commitfdc1b61507ae80bb4bfcec7a2ebac29e26059d43 (patch)
tree170f34ed572eeb61239376b5deed46419573b63e
parent7fd154f094a2a18d6318a002d0cdfb472f8feea0 (diff)
sshd might fail to start if given an unsupported configuration option.
Try to avoid this problem checking for some possible unsupported options, and avoid using them in the configuration file.
-rw-r--r--tests/sshserver.pl49
1 files changed, 43 insertions, 6 deletions
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
index a50bdf07b..a00dbbcd8 100644
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -86,6 +86,28 @@ if ($username eq "root") {
exit 1;
}
+# Support for some options might have not been built into sshd. On some
+# platforms specifying an unsupported option prevents sshd from starting.
+# Check here for possible unsupported options, avoiding its use in sshd.
+sub sshd_supports_opt($) {
+ my ($option) = @_;
+ my $err = 1;
+ chomp($err = qx($sshd -t -o $option=no 2>&1 | grep $option 2>&1 | wc -l));
+ return !$err;
+}
+
+my $supports_UsePAM = sshd_supports_opt('UsePAM');
+my $supports_UseDNS = sshd_supports_opt('UseDNS');
+my $supports_ChReAu = sshd_supports_opt('ChallengeResponseAuthentication');
+if ($verbose) {
+ print STDERR "sshd supports UsePAM: ";
+ print STDERR $supports_UsePAM ? "yes\n" : "no\n";
+ print STDERR "sshd supports UseDNS: ";
+ print STDERR $supports_UseDNS ? "yes\n" : "no\n";
+ print STDERR "sshd supports ChallengeResponseAuthentication: ";
+ print STDERR $supports_ChReAu ? "yes\n" : "no\n";
+}
+
if (! -e "curl_client_key.pub") {
if ($verbose) {
print STDERR "Generating host and client keys...\n";
@@ -96,8 +118,8 @@ if (! -e "curl_client_key.pub") {
system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
}
-open(FILE, ">$conffile") || die "Could not write $conffile";
-print FILE <<EOF
+open(my $FILE, ">$conffile") || die "Could not write $conffile";
+print $FILE <<EOF
# This is a generated file! Do not edit!
# OpenSSH sshd configuration file for curl testing
AllowUsers $username
@@ -127,12 +149,27 @@ UseLogin no
X11Forwarding no
UsePrivilegeSeparation no
# Newer OpenSSH options
-UsePAM no
-UseDNS no
-ChallengeResponseAuthentication no
EOF
;
-close FILE;
+close $FILE;
+
+sub set_sshd_option {
+ my ($string) = @_;
+ if (open(my $FILE, ">>$conffile")) {
+ print $FILE "$string\n";
+ close $FILE;
+ }
+}
+
+if ($supports_UsePAM) {
+ set_sshd_option('UsePAM no');
+}
+if ($supports_UseDNS) {
+ set_sshd_option('UseDNS no');
+}
+if ($supports_ChReAu) {
+ set_sshd_option('ChallengeResponseAuthentication no');
+}
if (system "$sshd -t -q -f $conffile") {
# This is likely due to missing support for UsePam