aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/.cvsignore3
-rw-r--r--tests/FILEFORMAT3
-rw-r--r--tests/README11
-rw-r--r--tests/data/Makefile.am6
-rw-r--r--tests/data/test70057
-rw-r--r--tests/data/test70157
-rw-r--r--tests/data/test70239
-rw-r--r--tests/data/test70442
-rw-r--r--tests/data/test70543
-rwxr-xr-xtests/runtests.pl211
-rw-r--r--tests/sshserver.pl38
11 files changed, 438 insertions, 72 deletions
diff --git a/tests/.cvsignore b/tests/.cvsignore
index 999599e7b..217b75782 100644
--- a/tests/.cvsignore
+++ b/tests/.cvsignore
@@ -5,8 +5,11 @@ log
*.pid
*.pdf
*.html
+curl_client_knownhosts
curl_client_key
curl_client_key.pub
curl_host_dsa_key
curl_host_dsa_key.pub
+curl_sshd_config
+curl_ssh_config
stunnel.conf
diff --git a/tests/FILEFORMAT b/tests/FILEFORMAT
index 3264ef5f7..b22ee8421 100644
--- a/tests/FILEFORMAT
+++ b/tests/FILEFORMAT
@@ -133,6 +133,8 @@ https
none
scp
sftp
+socks4
+socks5
Give only one per line. This subsection is mandatory.
</server>
@@ -227,6 +229,7 @@ Available substitute variables include:
%TFTPPORT - Port number of the TFTP server
%TFTP6PORT - IPv6 port number of the TFTP server
%SSHPORT - Port number of the SCP/SFTP server
+%SOCKSPORT - Port number of the SOCKS4/5 server
%SRCDIR - Full path to the source dir
%PWD - Current directory
%CURL - Path to the curl executable
diff --git a/tests/README b/tests/README
index 8eaeee21f..aa442f755 100644
--- a/tests/README
+++ b/tests/README
@@ -11,6 +11,8 @@ Requires:
diff (when a test fail, a diff is shown)
stunnel (for HTTPS and FTPS tests)
sshd (for SCP and SFTP tests; OpenSSH ver. 3.8 is known to work)
+ ssh (for SOCKS4 and SOCK5 tests; OpenSSH ver. 4.5 is known to work.
+ OpenSSH version 3.7 or greater is needed for SOCKS5)
TCP ports used by default:
@@ -23,11 +25,13 @@ TCP ports used by default:
- 8996 on localhost for FTP IPv6 tests
- 8997 on localhost for TFTP tests
- 8999 on localhost for SCP/SFTP tests
+ - 9000 on localhost for SOCKS tests
The test suite runs simple FTP, HTTP and TFTP servers on these ports to
which it makes requests. For SSL tests, it runs stunnel to handle
encryption to the regular servers. For SSH, it runs a standard OpenSSH
- server.
+ server. For SOCKS4/5 tests SSH is used to perform the SOCKS functionality
+ and requires a SSH client and server.
The base port number shown above can be changed using runtests' -b option
to allow running more than one instance of the test suite simultaneously
@@ -92,7 +96,8 @@ TEST CASE NUMBERS
400 - 499 FTPS
500 - 599 libcurl source code tests, not using the curl command tool
600 - 699 SCP/SFTP
- 700 - 799 miscellanous*
+ 700 - 799 SOCKS4 (even numbers) and SOCK5 (odd numbers)
+ 1000 - x miscellanous*
Since 30-apr-2003, there's nothing in the system that requires us to keep
within these number series, and those sections marked with * actually
@@ -102,3 +107,5 @@ TEST CASE NUMBERS
TODO:
* Add tests for TELNET, LDAP, DICT...
+ * SOCKS4/5 test deficiencies - no proxy authentication tests as SSH (the
+ test mechanism) doesn't support them
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index e418d41e4..6262dac6b 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -28,8 +28,8 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
test194 test195 test196 test197 test198 test515 test516 test517 test518 \
test210 test211 test212 test220 test221 test222 test223 test224 test206 \
test207 test208 test209 test213 test240 test241 test242 test519 test214 \
- test215 test216 test217 test218 test199 test225 test226 test227 \
- test228 test229 test233 test234 test235 test236 test520 \
+ test215 test216 test217 test218 test199 test225 test226 test227 \
+ test228 test229 test233 test234 test235 test236 test520 \
test237 test238 test239 test243 test245 test246 test247 test248 test249 \
test250 test251 test252 test253 test254 test255 test521 test522 test523 \
test256 test257 test258 test259 test260 test261 test262 test263 test264 \
@@ -41,4 +41,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
test603 test401 test402 test290 test291 test292 test293 test403 test404 \
test405 test604 test605 test606 test607 test608 test609 test294 test295 \
test296 test297 test298 test610 test611 test612 test406 test407 test408 \
- test409 test613 test614
+ test409 test613 test614 test700 test701 test702 test704 test705
diff --git a/tests/data/test700 b/tests/data/test700
new file mode 100644
index 000000000..196fe4ed8
--- /dev/null
+++ b/tests/data/test700
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+SOCKS4
+</keywords>
+</info>
+
+#
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+-foo-
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+socks4
+</server>
+ <name>
+HTTP GET via SOCK4 proxy
+ </name>
+ <command>
+--socks4 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/700
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /700 HTTP/1.1
+Host: 127.0.0.1:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test701 b/tests/data/test701
new file mode 100644
index 000000000..19fa933c0
--- /dev/null
+++ b/tests/data/test701
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+SOCKS5
+</keywords>
+</info>
+
+#
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+-foo-
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+socks5
+</server>
+ <name>
+HTTP GET via SOCK5 proxy
+ </name>
+ <command>
+--socks5 %HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/701
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /701 HTTP/1.1
+Host: 127.0.0.1:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test702 b/tests/data/test702
new file mode 100644
index 000000000..65564f840
--- /dev/null
+++ b/tests/data/test702
@@ -0,0 +1,39 @@
+#based off 19
+<testcase>
+<info>
+<keywords>
+HTTP
+SOCKS4
+connect to non-listen
+FAILURE
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+socks4
+</server>
+<features>
+http
+</features>
+ <name>
+attempt connect to non-listening socket via sock4 proxy
+ </name>
+ <command>
+--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+7
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test704 b/tests/data/test704
new file mode 100644
index 000000000..76792640d
--- /dev/null
+++ b/tests/data/test704
@@ -0,0 +1,42 @@
+#based off 19
+<testcase>
+<info>
+<keywords>
+HTTP
+SOCKS4 fail
+connect to non-listen
+FAILURE
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<killserver>
+socks4
+</killserver>
+<features>
+http
+</features>
+ <name>
+attempt connect to non-listening sock4 proxy
+ </name>
+ <command>
+--socks4 %HOSTIP:%SOCKSPORT %HOSTIP:60000
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+7
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/data/test705 b/tests/data/test705
new file mode 100644
index 000000000..72e5b0b3b
--- /dev/null
+++ b/tests/data/test705
@@ -0,0 +1,43 @@
+#based off 19
+<testcase>
+<info>
+<keywords>
+HTTP
+SOCKS5 fail
+connect to non-listen
+FAILURE
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+<features>
+http
+</features>
+ <name>
+attempt connect to non-listening sock5 proxy
+ </name>
+ <command>
+--socks5 %HOSTIP:%SOCKSPORT %HOSTIP:60000
+</command>
+</client>
+
+<killserver>
+sock5
+</killserver>
+
+# Verify data after the test has been "shot"
+<verify>
+<errorcode>
+7
+</errorcode>
+</verify>
+</testcase>
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 98c71d5e1..7d1bd1df3 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -49,6 +49,7 @@ my $FTP6PORT; # FTP IPv6 server port
my $TFTPPORT; # TFTP
my $TFTP6PORT; # TFTP
my $SSHPORT; # SCP/SFTP
+my $SOCKSPORT; # SOCKS4/5 port
my $CURL="../src/curl"; # what curl executable to run on the tests
my $DBGCURL=$CURL; #"../src/.libs/curl"; # alternative for debugging
@@ -81,6 +82,7 @@ my $FTPSPIDFILE=".ftps.pid";
my $TFTPPIDFILE=".tftpd.pid";
my $TFTP6PIDFILE=".tftp6.pid";
my $SSHPIDFILE=".ssh.pid";
+my $SOCKSPIDFILE=".socks.pid";
# invoke perl like this:
my $perl="perl -I$srcdir";
@@ -111,15 +113,15 @@ if($valgrind) {
if (($? >> 8)==0) {
$valgrind_tool="--tool=memcheck ";
}
- open(C, "<$CURL");
- my $l = <C>;
+ open( my $C, "<", $CURL);
+ my $l = <$C>;
if($l =~ /^\#\!/) {
# The first line starts with "#!" which implies a shell-script.
# This means libcurl is built shared and curl is a wrapper-script
# Disable valgrind in this setup
$valgrind=0;
}
- close(C);
+ close($C);
# valgrind 3 renamed the --logfile option to --log-file!!!
my $ver=`valgrind --version`;
@@ -181,6 +183,8 @@ my $torture;
my $tortnum;
my $tortalloc;
+my $CMDLOG; #log filehandle
+
# open and close each time to allow removal at any time
sub logmsg {
# uncomment the Time::HiRes usage for this
@@ -256,7 +260,7 @@ sub checkdied {
# Return the pids (yes plural) of the new child process to the parent.
#
sub startnew {
- my ($cmd, $pidfile)=@_;
+ my ($cmd, $pidfile,$fake)=@_;
logmsg "startnew: $cmd\n" if ($verbose);
@@ -285,12 +289,22 @@ sub startnew {
die "error: exec() has returned";
}
+
+ # Ugly hack but ssh doesn't support pid files
+ if ($fake) {
+ logmsg "$pidfile faked with pid=$child\n";
+ open(my $OUT, ">", $pidfile);
+ print $OUT $child;
+ close $OUT;
+ # could/should do a while connect fails sleep a bit and loop
+ sleep 1;
+ }
my $count=12;
while($count--) {
if(-f $pidfile) {
- open(PID, "<$pidfile");
- $pid2 = 0 + <PID>;
- close(PID);
+ open(my $PID, "<", $pidfile);
+ $pid2 = 0 + <$PID>;
+ close($PID);
if($pid2 && kill(0, $pid2)) {
# if $pid2 is valid, then make sure this pid is alive, as
# otherwise it is just likely to be the _previous_ pidfile or
@@ -505,9 +519,9 @@ sub verifyhttp {
}
}
}
- open(FILE, "<log/verifiedserver");
- my @file=<FILE>;
- close(FILE);
+ open(my $FILE, "<", "log/verifiedserver");
+ my @file=<$FILE>;
+ close($FILE);
$data=$file[0]; # first line
if ( $data =~ /WE ROOLZ: (\d+)/ ) {
@@ -574,9 +588,20 @@ sub verifyftp {
sub verifyssh {
my ($proto, $ip, $port) = @_;
- open(FILE, "<" . $SSHPIDFILE);
- my $pid=0+<FILE>;
- close(FILE);
+ open(my $FILE, "<" . $SSHPIDFILE);
+ my $pid=0+<$FILE>;
+ close($FILE);
+ return $pid;
+}
+
+#######################################################################
+# STUB for verifying socks
+
+sub verifysocks {
+ my ($proto, $ip, $port) = @_;
+ open(my $FILE, "<" . $SOCKSPIDFILE);
+ my $pid=0+<$FILE>;
+ close($FILE);
return $pid;
}
@@ -590,7 +615,8 @@ my %protofunc = ('http' => \&verifyhttp,
'ftp' => \&verifyftp,
'ftps' => \&verifyftp,
'tftp' => \&verifyftp,
- 'ssh' => \&verifyssh);
+ 'ssh' => \&verifyssh,
+ 'socks' => \&verifysocks);
sub verifyserver {
my ($proto, $ip, $port) = @_;
@@ -648,7 +674,7 @@ sub runhttpserver {
my $cmd="$perl $srcdir/httpserver.pl -p $pidfile $fork$flag $port $ipv6";
my ($httppid, $pid2) =
- startnew($cmd, $pidfile); # start the server in a new process
+ startnew($cmd, $pidfile,0); # start the server in a new process
if(!kill(0, $httppid)) {
# it is NOT alive
@@ -702,7 +728,7 @@ sub runhttpsserver {
my $flag=$debugprotocol?"-v ":"";
my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
- my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE);
+ my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE,0);
if(!kill(0, $httpspid)) {
# it is NOT alive
@@ -768,7 +794,7 @@ sub runftpserver {
unlink($pidfile);
- my ($ftppid, $pid2) = startnew($cmd, $pidfile);
+ my ($ftppid, $pid2) = startnew($cmd, $pidfile,0);
if(!$ftppid || !kill(0, $ftppid)) {
# it is NOT alive
@@ -821,7 +847,7 @@ sub runftpsserver {
my $flag=$debugprotocol?"-v ":"";
my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";
- my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE);
+ my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE,0);
if(!kill(0, $ftpspid)) {
# it is NOT alive
@@ -887,7 +913,7 @@ sub runtftpserver {
unlink($pidfile);
- my ($tftppid, $pid2) = startnew($cmd, $pidfile);
+ my ($tftppid, $pid2) = startnew($cmd, $pidfile,0);
if(!$tftppid || !kill(0, $tftppid)) {
# it is NOT alive
@@ -930,7 +956,7 @@ sub runsshserver {
my $flag=$debugprotocol?"-v ":"";
my $cmd="$perl $srcdir/sshserver.pl $flag-u $USER -d $srcdir $port";
my ($sshpid, $pid2) =
- startnew($cmd, $pidfile); # start the server in a new process
+ startnew($cmd, $pidfile,0); # start the server in a new process
if(!$sshpid || !kill(0, $sshpid)) {
# it is NOT alive
@@ -952,6 +978,40 @@ sub runsshserver {
}
#######################################################################
+# Start the socks server
+#
+sub runsocksserver {
+ my ($id, $verbose, $ipv6) = @_;
+ my $ip=$HOSTIP;
+ my $port = $SOCKSPORT;
+ my $pidfile = $SOCKSPIDFILE;
+
+ my $flag=$debugprotocol?"-v ":"";
+ my $cmd="ssh -D ${HOSTIP}:$SOCKSPORT -N -F curl_ssh_config ${USER}\@${HOSTIP} -p ${SSHPORT}";
+ my ($sshpid, $pid2) =
+ startnew($cmd, $pidfile,1); # start the server in a new process
+
+ if(!$sshpid || !kill(0, $sshpid)) {
+ # it is NOT alive
+ logmsg "RUN: failed to start the SOCKS server\n";
+ # failed to talk to it properly. Kill the server and return failure
+ stopserver("$sshpid $pid2");
+ return (0,0);
+ }
+
+ # Ugly hack but ssh doesn't support pid files
+ if (!verifyserver('socks',$ip,$port)) {
+ logmsg "RUN: SOCKS server failed verification\n";
+ return (0,0);
+ }
+ if($verbose) {
+ logmsg "RUN: SOCKS server is now running PID $sshpid\n";
+ }
+
+ return ($pid2, $sshpid);
+}
+
+#######################################################################
# Remove all files in the specified directory
#
sub cleardir {
@@ -981,20 +1041,20 @@ sub filteroff {
my $filter=$_[1];
my $ofile=$_[2];
- open(IN, "<$infile")
+ open(my $IN, "<", $infile)
|| return 1;
- open(OUT, ">$ofile")
+ open(my $OUT, ">", $ofile)
|| return 1;
# logmsg "FILTER: off $filter from $infile to $ofile\n";
- while(<IN>) {
+ while(<$IN>) {
$_ =~ s/$filter//;
- print OUT $_;
+ print $OUT $_;
}
- close(IN);
- close(OUT);
+ close($IN);
+ close($OUT);
return 0;
}
@@ -1045,9 +1105,9 @@ sub checksystem {
$versretval = system($versioncmd);
$versnoexec = $!;
- open(VERSOUT, $curlverout);
- @version = <VERSOUT>;
- close(VERSOUT);
+ open(my $VERSOUT, "<", $curlverout);
+ @version = <$VERSOUT>;
+ close($VERSOUT);
for(@version) {
chomp;
@@ -1197,13 +1257,13 @@ sub checksystem {
}
if(-r "../lib/config.h") {
- open(CONF, "<../lib/config.h");
- while(<CONF>) {
+ open(my $CONF, "<", "../lib/config.h");
+ while(<$CONF>) {
if($_ =~ /^\#define HAVE_GETRLIMIT/) {
$has_getrlimit = 1;
}
}
- close(CONF);
+ close($CONF);
}
if($has_ipv6) {
@@ -1267,6 +1327,7 @@ sub checksystem {
logmsg sprintf("* TFTP IPv6 port: %d\n", $TFTP6PORT);
}
logmsg sprintf("* SCP/SFTP port: %d\n", $SSHPORT);
+ logmsg sprintf("* SOCKS port: %d\n", $SOCKSPORT);
if($ssl_version) {
logmsg sprintf("* SSL library: %s\n", $ssllib);
@@ -1298,6 +1359,7 @@ sub subVariables {
$$thing =~ s/%TFTPPORT/$TFTPPORT/g;
$$thing =~ s/%TFTP6PORT/$TFTP6PORT/g;
$$thing =~ s/%SSHPORT/$SSHPORT/g;
+ $$thing =~ s/%SOCKSPORT/$SOCKSPORT/g;
$$thing =~ s/%CURL/$CURL/g;
$$thing =~ s/%USER/$USER/g;
@@ -1412,6 +1474,9 @@ sub singletest {
next;
}
}
+ elsif($f eq "socks") {
+ next;
+ }
# See if this "feature" is in the list of supported protocols
elsif (grep /^$f$/, @protocols) {
next;
@@ -1567,10 +1632,10 @@ sub singletest {
my $fileContent = join('', @inputfile);
subVariables \$fileContent;
# logmsg "DEBUG: writing file " . $filename . "\n";
- open OUTFILE, ">$filename";
- binmode OUTFILE; # for crapage systems, use binary
- print OUTFILE $fileContent;
- close OUTFILE;
+ open my $OUTFILE, ">", $filename;
+ binmode $OUTFILE; # for crapage systems, use binary
+ print $OUTFILE $fileContent;
+ close $OUTFILE;
}
my %cmdhash = getpartattr("client", "command");
@@ -1626,7 +1691,7 @@ sub singletest {
logmsg "$CMDLINE\n";
}
- print CMDLOG "$CMDLINE\n";
+ print $CMDLOG "$CMDLINE\n";
unlink("core");
@@ -1648,10 +1713,10 @@ sub singletest {
}
if($gdbthis) {
- open(GDBCMD, ">log/gdbcmd");
- print GDBCMD "set args $cmdargs\n";
- print GDBCMD "show args\n";
- close(GDBCMD);
+ open( my $GDBCMD, ">", "log/gdbcmd");
+ print $GDBCMD "set args $cmdargs\n";
+ print $GDBCMD "show args\n";
+ close($GDBCMD);
}
# run the command line we built
if ($torture) {
@@ -1685,9 +1750,9 @@ sub singletest {
logmsg "core dumped\n";
if(0 && $gdb) {
logmsg "running gdb for post-mortem analysis:\n";
- open(GDBCMD, ">log/gdbcmd2");
- print GDBCMD "bt\n";
- close(GDBCMD);
+ open( my $GDBCMD, ">", "log/gdbcmd2");
+ print $GDBCMD "bt\n";
+ close($GDBCMD);
system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
# unlink("log/gdbcmd2");
}
@@ -1963,10 +2028,10 @@ sub singletest {
if($disable[0] !~ /disable/) {
- opendir(DIR, "log") ||
+ opendir( my $DIR, "log") ||
return 0; # can't open log dir
- my @files = readdir(DIR);
- closedir DIR;
+ my @files = readdir($DIR);
+ closedir $DIR;
my $f;
my $l;
foreach $f (@files) {
@@ -2183,7 +2248,7 @@ sub startservers {
$run{'tftp-ipv6'}="$pid $pid2";
}
}
- elsif($what eq "sftp" || $what eq "scp") {
+ elsif($what eq "sftp" || $what eq "scp" || $what eq "socks4" || $what eq "socks5" ) {
if(!$run{'ssh'}) {
($pid, $pid2) = runsshserver("", $verbose);
if($pid <= 0) {
@@ -2192,6 +2257,29 @@ sub startservers {
printf ("* pid ssh => %d %d\n", $pid, $pid2) if($verbose);
$run{'ssh'}="$pid $pid2";
}
+ if ($what eq "socks4" || $what eq "socks5") {
+ if (!checkcmd("ssh")) {
+ return "failed to find SSH client for socks support";
+ }
+ if ($what eq "socks5") {
+ my $sshversion=`ssh -V 2>&1`;
+ if ($sshversion =~ /SSH_(\d+)\.(\d+)/i) {
+ if ($1*10+$2 < 37) {
+ # need 3.7 for socks5 - http://www.openssh.com/txt/release-3.7
+ return "ssh version ($1.$2) $sshversion insufficient need at least 3.7\n" if ($verbose);
+ }
+ }
+
+ }
+ if(!$run{'socks'}) {
+ ($pid, $pid2) = runsocksserver("", $verbose);
+ if($pid <= 0) {
+ return "failed starting socks server";
+ }
+ printf ("* pid socks => %d %d\n", $pid, $pid2) if($verbose);
+ $run{'socks'}="$pid $pid2";
+ }
+ }
}
elsif($what eq "none") {
logmsg "* starts no server\n" if ($verbose);
@@ -2234,7 +2322,9 @@ sub serverfortest {
my $proto = lc($what[0]);
chomp $proto;
if (! grep /^$proto$/, @protocols) {
- return "curl lacks $proto support";
+ if (substr($proto,0,5) ne "socks") {
+ return "curl lacks any $proto support";
+ }
}
return &startservers(@what);
@@ -2373,10 +2463,10 @@ if($valgrind) {
}
# open the executable curl and read the first 4 bytes of it
-open(CHECK, "<$CURL");
+open(my $CHECK, "<", $CURL);
my $c;
-sysread CHECK, $c, 4;
-close(CHECK);
+sysread $CHECK, $c, 4;
+close($CHECK);
if($c eq "#! /") {
# A shell script. This is typically when built with libtool,
$libtool = 1;
@@ -2394,6 +2484,7 @@ $FTP6PORT = $base + 6; # FTP IPv6 port
$TFTPPORT = $base + 7; # TFTP (UDP) port
$TFTP6PORT = $base + 8; # TFTP IPv6 (UDP) port
$SSHPORT = $base + 9; # SSH (SCP/SFTP) port
+$SOCKSPORT = $base + 10; # SOCKS port
#######################################################################
# clear and create logging directory:
@@ -2416,12 +2507,12 @@ if(!$listonly) {
if ( $TESTCASES eq "all") {
# Get all commands and find out their test numbers
- opendir(DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
- my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir(DIR);
- closedir DIR;
+ opendir(my $DIR, $TESTDIR) || die "can't opendir $TESTDIR: $!";
+ my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir($DIR);
+ closedir $DIR;
- open(D, "$TESTDIR/DISABLED");
- while(<D>) {
+ open(my $D, "$TESTDIR/DISABLED");
+ while(<$D>) {
if(/^ *\#/) {
# allow comments
next;
@@ -2430,7 +2521,7 @@ if ( $TESTCASES eq "all") {
$disabled{$1}=$1; # disable this test number
}
}
- close(D);
+ close($D);
$TESTCASES=""; # start with no test cases
@@ -2455,7 +2546,7 @@ if ( $TESTCASES eq "all") {
#######################################################################
# Start the command line log
#
-open(CMDLOG, ">$CURLLOG") ||
+open($CMDLOG, ">", $CURLLOG) ||
logmsg "can't log command lines to $CURLLOG\n";
#######################################################################
@@ -2600,7 +2691,7 @@ foreach $testnum (@at) {
#######################################################################
# Close command log
#
-close(CMDLOG);
+close($CMDLOG);
# Tests done, stop the servers
stopservers($verbose);
diff --git a/tests/sshserver.pl b/tests/sshserver.pl
index 178ea91e7..e24352023 100644
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -23,7 +23,7 @@ if ($^O eq 'MSWin32' || $^O eq 'cygwin' || $^O eq 'msys' || $^O eq 'dos' || $^O
}
# Where to look for sftp-server
-my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh);
+my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh /usr/lib64/misc);
my $username = $ENV{USER};
@@ -55,6 +55,8 @@ do {
} while(shift @ARGV);
my $conffile="curl_sshd_config"; # sshd configuration data
+my $conffile_ssh="curl_ssh_config"; # ssh configuration data
+my $knownhostsfile="curl_client_knownhosts"; # ssh knownhosts file
# Searching for sshd and sftp-server will be done first
# in the PATH and afterwards in other common locations.
@@ -146,9 +148,21 @@ if (! -e "curl_client_key.pub") {
system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate key";
system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
}
-
-open(my $FILE, ">>$conffile") || die "Could not write $conffile";
-print $FILE <<EOF
+# setup knownhosts
+open(my $DSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
+my @dsahostkey = do { local $/ = ' '; <$DSAKEYFILE> };
+close $DSAKEYFILE || die "Could not close RSAKEYFILE";
+open(my $RSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
+my @rsahostkey = do { local $/ = ' '; <$RSAKEYFILE> };
+close $RSAKEYFILE || die "Could not close RSAKEYFILE";
+open(my $KNOWNHOSTS, ">>", $knownhostsfile) || die "Could not write $knownhostsfile";
+print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-dss $dsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
+print {$KNOWNHOSTS} "[127.0.0.1]:$port ssh-rsa $rsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
+close $KNOWNHOSTS || die "Could not close KNOWNHOSTS";
+
+
+open(my $FILE, ">>", $conffile) || die "Could not write $conffile";
+print $FILE <<EOFSSHD
AllowUsers $username
DenyUsers
DenyGroups
@@ -158,7 +172,7 @@ PidFile $path/.ssh.pid
Port $port
ListenAddress localhost
Protocol 2
-AllowTcpForwarding no
+AllowTcpForwarding yes
GatewayPorts no
HostbasedAuthentication no
IgnoreRhosts yes
@@ -173,12 +187,22 @@ PrintMotd no
StrictModes no
Subsystem sftp $sftp
UseLogin no
+PrintLastLog no
X11Forwarding no
UsePrivilegeSeparation no
# Newer OpenSSH options
-EOF
+EOFSSHD
;
-close $FILE;
+close $FILE || die "Could not close $conffile";
+
+open(my $SSHFILE, ">>", $conffile_ssh) || die "Could not write $conffile_ssh";
+print $SSHFILE <<EOFSSH
+UserKnownHostsFile $path/$knownhostsfile
+IdentityFile $path/curl_client_key
+EOFSSH
+;
+close $SSHFILE || die "Could not close $conffile_ssh";
+
sub set_sshd_option {
my ($string) = @_;