From 17b8cfa97fb2fbf819eac53900bf9d0fd5225f73 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sun, 1 Apr 2018 13:45:12 -0400
Subject: testing ssh

---
 Makefile.in        |  4 +++
 test/login_ssh.exp | 59 ------------------------------------
 test/root/root.sh  |  2 --
 test/ssh/login.exp | 49 ++++++++++++++++++++++++++++++
 test/ssh/scp.exp   | 63 +++++++++++++++++++++++++++++++++++++++
 test/ssh/sftp.exp  | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 test/ssh/ssh.sh    | 16 ++++++++++
 7 files changed, 219 insertions(+), 61 deletions(-)
 delete mode 100755 test/login_ssh.exp
 create mode 100755 test/ssh/login.exp
 create mode 100755 test/ssh/scp.exp
 create mode 100755 test/ssh/sftp.exp
 create mode 100755 test/ssh/ssh.sh

diff --git a/Makefile.in b/Makefile.in
index 134e7bd66..ebf9d40e8 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -299,6 +299,10 @@ test-travis: test-profiles test-fcopy test-fnetfilter test-fs test-utils test-sy
 # with them you will need to restart your computer.
 ##########################################
 
+# a firejail-test account is required, public/private key setup
+test-ssh:
+	cd test/ssh; ./ssh.sh | grep TESTING
+
 # requires root access
 test-chroot:
 	cd test/chroot; ./chroot.sh | grep testing
diff --git a/test/login_ssh.exp b/test/login_ssh.exp
deleted file mode 100755
index db0721d25..000000000
--- a/test/login_ssh.exp
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/usr/bin/expect -f
-
-set timeout 10
-spawn $env(SHELL)
-match_max 100000
-
-send -- "ssh bingo@0\r"
-expect {
-	timeout {puts "TESTING ERROR 0\n";exit}
-	"password:" {
-		puts "\nTESTING: please enter SSH password"
-		set oldmode [stty -echo -raw]
-		expect_user -re "(.*)\n"
-		send_user "\n"
-		eval stty $oldmode
-#		stty echo
-		set pass $expect_out(1,string)
-		send -- "$pass\r"
-		puts "TESTING: password sent to the server"
-	}
-	"Child process initialized"
-}
-sleep 1
-
-# test default gw
-send -- "bash\r"
-sleep 1
-send -- "ps aux; pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 1\n";exit}
-	"/bin/bash"
-}
-expect {
-	timeout {puts "TESTING ERROR 2\n";exit}
-	"bash"
-}
-expect {
-	timeout {puts "TESTING ERROR 3\n";exit}
-	"ps aux"
-}
-expect {
-	timeout {puts "TESTING ERROR 4\n";exit}
-	"home"
-}
-sleep 1
-
-
-send -- "ps aux |wc -l; pwd\r"
-expect {
-	timeout {puts "TESTING ERROR 5\n";exit}
-	"6"
-}
-expect {
-	timeout {puts "TESTING ERROR 6\n";exit}
-	"home"
-}
-sleep 1
-
-puts "\nall done\n"
diff --git a/test/root/root.sh b/test/root/root.sh
index d77982993..3a20e4ba4 100755
--- a/test/root/root.sh
+++ b/test/root/root.sh
@@ -11,10 +11,8 @@ which less
 if [ "$?" -eq 0 ];
 then
 	echo "TESTING: firecfg (test/root/firecfg.exp)"
-	rm -fr /home/netblue/.local/share/applications-store
 	mv /home/netblue/.local/share/applications /home/netblue/.local/share/applications-store
 	./firecfg.exp
-	rm -fr /home/netblue/.local/share/applications
 	mv /home/netblue/.local/share/applications-store /home/netblue/.local/share/applications
 else
 	echo "TESTING SKIP: firecfg, less not found"
diff --git a/test/ssh/login.exp b/test/ssh/login.exp
new file mode 100755
index 000000000..479292c91
--- /dev/null
+++ b/test/ssh/login.exp
@@ -0,0 +1,49 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "ssh firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized" {puts "OK\n"}
+	"an existing sandbox was detected" {puts "OK\n"}
+}
+sleep 1
+
+send -- "ps aux | wc -l\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"5"
+}
+after 100
+
+send -- "ls -l /home | grep drw | wc -l\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"1"
+}
+after 100
+
+send -- "cat /proc/self/status | grep Seccomp\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"2"
+}
+after 100
+
+send -- "cat /proc/self/status | grep CapBnd\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"0000000000000000"
+}
+after 100
+
+# preparing scp/sftp tests
+send -- "rm testfile\r"
+
+send -- "exit\r"
+sleep 1
+
+puts "\nall done\n"
diff --git a/test/ssh/scp.exp b/test/ssh/scp.exp
new file mode 100755
index 000000000..355125751
--- /dev/null
+++ b/test/ssh/scp.exp
@@ -0,0 +1,63 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "ssh firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized" {puts "OK\n"}
+	"an existing sandbox was detected" {puts "OK\n"}
+}
+sleep 1
+
+send -- "rm -f testfile\r"
+after 100
+send -- "exit\r"
+sleep 1
+
+send -- "echo 12345 > testfile\r"
+after 100
+send -- "scp testfile firejail-test@0:~/testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"100%"
+}
+sleep 1
+
+
+send -- "ssh firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 2\n";exit}
+	"Child process initialized" {puts "OK\n"}
+	"an existing sandbox was detected" {puts "OK\n"}
+}
+sleep 1
+send -- "cat testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"12345"
+}
+after 100
+send -- "exit\r"
+sleep 1
+
+send -- "rm testfile\r"
+after 100
+send -- "scp firejail-test@0:~/testfile testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 4\n";exit}
+	"100%"
+}
+sleep 1
+send -- "cat testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 5\n";exit}
+	"12345"
+}
+after 100
+send -- "rm testfile\r"
+sleep 1
+
+puts "\nall done\n"
diff --git a/test/ssh/sftp.exp b/test/ssh/sftp.exp
new file mode 100755
index 000000000..72c858f05
--- /dev/null
+++ b/test/ssh/sftp.exp
@@ -0,0 +1,87 @@
+#!/usr/bin/expect -f
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "ssh firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized" {puts "OK\n"}
+	"an existing sandbox was detected" {puts "OK\n"}
+}
+sleep 1
+
+send -- "rm -f testfile\r"
+after 100
+send -- "exit\r"
+sleep 1
+
+send -- "echo 12345 > testfile\r"
+after 100
+send -- "sftp firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Connected to 0"
+}
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"sftp>"
+}
+after 100
+send -- "put testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"100%"
+}
+after 100
+send -- "exit\r"
+sleep 1
+
+
+send -- "ssh firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized" {puts "OK\n"}
+	"an existing sandbox was detected" {puts "OK\n"}
+}
+sleep 1
+send -- "cat testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"12345"
+}
+after 100
+send -- "exit\r"
+sleep 1
+
+send -- "rm testfile\r"
+after 100
+send -- "sftp firejail-test@0\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Connected to 0"
+}
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"sftp>"
+}
+after 100
+send -- "get testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"100%"
+}
+after 100
+send -- "exit\r"
+sleep 1
+send -- "cat testfile\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"12345"
+}
+after 100
+send -- "rm testfile\r"
+sleep 1
+
+puts "\nall done\n"
diff --git a/test/ssh/ssh.sh b/test/ssh/ssh.sh
new file mode 100755
index 000000000..20a70b1b6
--- /dev/null
+++ b/test/ssh/ssh.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+
+export MALLOC_CHECK_=3
+export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
+
+echo "TESTING: ssh login (test/ssh/login.exp)"
+./login.exp
+
+echo "TESTING: sftp (test/ssh/sftp.exp)"
+./sftp.exp
+
+echo "TESTING: scp (test/ssh/scp.exp)"
+./scp.exp
-- 
cgit v1.2.3-54-g00ecf