diff options
| author | Yang Tse <yangsita@gmail.com> | 2007-03-31 03:21:08 +0000 |
|---|---|---|
| committer | Yang Tse <yangsita@gmail.com> | 2007-03-31 03:21:08 +0000 |
| commit | fdc1b61507ae80bb4bfcec7a2ebac29e26059d43 (patch) | |
| tree | 170f34ed572eeb61239376b5deed46419573b63e | |
| parent | 7fd154f094a2a18d6318a002d0cdfb472f8feea0 (diff) | |
sshd might fail to start if given an unsupported configuration option.
Try to avoid this problem checking for some possible unsupported options,
and avoid using them in the configuration file.
| -rw-r--r-- | tests/sshserver.pl | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/tests/sshserver.pl b/tests/sshserver.pl index a50bdf07b..a00dbbcd8 100644 --- a/tests/sshserver.pl +++ b/tests/sshserver.pl @@ -86,6 +86,28 @@ if ($username eq "root") { exit 1; } +# Support for some options might have not been built into sshd. On some +# platforms specifying an unsupported option prevents sshd from starting. +# Check here for possible unsupported options, avoiding its use in sshd. +sub sshd_supports_opt($) { + my ($option) = @_; + my $err = 1; + chomp($err = qx($sshd -t -o $option=no 2>&1 | grep $option 2>&1 | wc -l)); + return !$err; +} + +my $supports_UsePAM = sshd_supports_opt('UsePAM'); +my $supports_UseDNS = sshd_supports_opt('UseDNS'); +my $supports_ChReAu = sshd_supports_opt('ChallengeResponseAuthentication'); +if ($verbose) { + print STDERR "sshd supports UsePAM: "; + print STDERR $supports_UsePAM ? "yes\n" : "no\n"; + print STDERR "sshd supports UseDNS: "; + print STDERR $supports_UseDNS ? "yes\n" : "no\n"; + print STDERR "sshd supports ChallengeResponseAuthentication: "; + print STDERR $supports_ChReAu ? "yes\n" : "no\n"; +} + if (! -e "curl_client_key.pub") { if ($verbose) { print STDERR "Generating host and client keys...\n"; @@ -96,8 +118,8 @@ if (! -e "curl_client_key.pub") { system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key"; } -open(FILE, ">$conffile") || die "Could not write $conffile"; -print FILE <<EOF +open(my $FILE, ">$conffile") || die "Could not write $conffile"; +print $FILE <<EOF # This is a generated file! Do not edit! # OpenSSH sshd configuration file for curl testing AllowUsers $username @@ -127,12 +149,27 @@ UseLogin no X11Forwarding no UsePrivilegeSeparation no # Newer OpenSSH options -UsePAM no -UseDNS no -ChallengeResponseAuthentication no EOF ; -close FILE; +close $FILE; + +sub set_sshd_option { + my ($string) = @_; + if (open(my $FILE, ">>$conffile")) { + print $FILE "$string\n"; + close $FILE; + } +} + +if ($supports_UsePAM) { + set_sshd_option('UsePAM no'); +} +if ($supports_UseDNS) { + set_sshd_option('UseDNS no'); +} +if ($supports_ChReAu) { + set_sshd_option('ChallengeResponseAuthentication no'); +} if (system "$sshd -t -q -f $conffile") { # This is likely due to missing support for UsePam |