elks-enhanced
public
Read
Owner: themaster
Branch: master
Commits: 6893
Updated: 2026-04-19 00:15
Git CLI clone URL
git clone https://www.xt-emporium.com/git/elks-enhanced.git
Fullscreen desktop URL
Code
Commits
History
Branches
Bug Reports
Discussions
Compare
Settings
elks-enhanced
/
qemu-extapp-dropbear-test.sh
File editor
#!/bin/sh set -eu SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd) MFS=${MFS:-"$SCRIPT_DIR/elks/tools/bin/mfs"} IMAGE=${IMAGE:-"$SCRIPT_DIR/image/fd2880-minix.img"} TMPROOT=${TMPROOT:-"$HOME/.elks-dropbear-tmp"} GUEST_IP=${GUEST_IP:-10.0.2.15} GATEWAY_IP=${GATEWAY_IP:-10.0.2.2} NETMASK=${NETMASK:-255.255.255.0} ROUNDS=${ROUNDS:-3} SSH_USER=${SSH_USER:-$(id -un)} QEMU_PID= QEMU_LOG= SERVER_PID= SERVER_LOG= SSH_PORT= HOST_DROPBEAR=${HOST_DROPBEAR:-} HOST_DROPBEARKEY=${HOST_DROPBEARKEY:-} HOME_MODE= HOME_MODE_CHANGED=0 usage() { echo "Usage: $0" exit 1 } require_dropbear_tree() { if [ ! -f "$SCRIPT_DIR/extapps/dropbear/Makefile.elks" ]; then echo "Dropbear extapp tree not found at $SCRIPT_DIR/extapps/dropbear" >&2 echo "Run ./buildext.sh dropbear first." >&2 exit 1 fi if [ ! -x "$SCRIPT_DIR/extapps/dropbear/dbclient" ]; then echo "Dropbear ELKS binary not built at $SCRIPT_DIR/extapps/dropbear/dbclient" >&2 echo "Run ./buildext.sh dropbear first." >&2 exit 1 fi } find_qemu() { if [ -n "${QEMU:-}" ]; then printf '%s\n' "$QEMU" return fi for bin in qemu-system-i386 qemu-system-x86_64; do if command -v "$bin" >/dev/null 2>&1; then command -v "$bin" return fi done echo "QEMU system emulator not found" >&2 exit 1 } QEMU_BIN=$(find_qemu) mkdir -p "$TMPROOT" chmod 700 "$TMPROOT" WORKDIR=${WORKDIR:-$(mktemp -d "$TMPROOT/elks-dropbear.XXXXXX")} cleanup() { if [ "${HOME_MODE_CHANGED:-0}" -eq 1 ] && [ -n "${HOME_MODE:-}" ]; then chmod "$HOME_MODE" "$HOME" >/dev/null 2>&1 || true HOME_MODE_CHANGED=0 fi if [ -n "${SERVER_PID:-}" ]; then kill "$SERVER_PID" >/dev/null 2>&1 || true wait "$SERVER_PID" 2>/dev/null || true SERVER_PID= fi if [ -n "${QEMU_PID:-}" ]; then kill "$QEMU_PID" >/dev/null 2>&1 || true wait "$QEMU_PID" 2>/dev/null || true QEMU_PID= fi } trap cleanup EXIT INT TERM stop_qemu() { if [ -n "${QEMU_PID:-}" ]; then kill "$QEMU_PID" >/dev/null 2>&1 || true wait "$QEMU_PID" 2>/dev/null || true QEMU_PID= fi } require_host_tools() { if ! command -v python3 >/dev/null 2>&1; then echo "python3 not found" >&2 exit 1 fi if ! command -v perl >/dev/null 2>&1; then echo "perl not found" >&2 exit 1 fi if [ ! -x "$MFS" ]; then echo "mfs tool not found at $MFS" >&2 exit 1 fi if [ ! -f "$IMAGE" ]; then echo "image not found at $IMAGE" >&2 exit 1 fi require_dropbear_tree } pick_port() { SSH_PORT=$(python3 - <<'PY' import socket for port in range(20022, 24000): with socket.socket() as sock: try: sock.bind(("127.0.0.1", port)) except OSError: continue print(port) break else: raise SystemExit("no free low port found") PY ) } build_host_server() { hostbuild=${HOSTBUILD:-"/tmp/elks-dropbear-hostbuild"} hostjobs=${HOSTJOBS:-4} if [ -n "${HOST_DROPBEAR:-}" ] && [ -n "${HOST_DROPBEARKEY:-}" ] && [ -x "$HOST_DROPBEAR" ] && [ -x "$HOST_DROPBEARKEY" ]; then return fi rm -rf "$hostbuild" git clone --quiet --shared "$SCRIPT_DIR/extapps/dropbear" "$hostbuild" ( cd "$hostbuild" cat >localoptions.h <<'EOF' #define DROPBEAR_SMALL_CODE 1 #define DROPBEAR_SVR_MULTIUSER 1 #define DROPBEAR_SVR_DROP_PRIVS 1 #define DROPBEAR_SVR_PASSWORD_AUTH 0 #define DROPBEAR_SVR_PAM_AUTH 0 #define DROPBEAR_SVR_PUBKEY_AUTH 1 #define DROPBEAR_SVR_PUBKEY_OPTIONS 0 #define DROPBEAR_SVR_LOCALTCPFWD 0 #define DROPBEAR_SVR_REMOTETCPFWD 0 #define DROPBEAR_SVR_LOCALSTREAMFWD 0 #define DROPBEAR_SVR_AGENTFWD 0 #define DROPBEAR_X11FWD 0 #define DO_MOTD 0 #define DROPBEAR_SFTPSERVER 0 #define DROPBEAR_CLI_PASSWORD_AUTH 0 #define DROPBEAR_CLI_PUBKEY_AUTH 0 #define DROPBEAR_CLI_IMMEDIATE_AUTH 0 #define DROPBEAR_CLI_LOCALTCPFWD 0 #define DROPBEAR_CLI_REMOTETCPFWD 0 #define DROPBEAR_CLI_AGENTFWD 0 #define DROPBEAR_CLI_PROXYCMD 0 #define DROPBEAR_CLI_NETCAT 0 #define DROPBEAR_ENABLE_CBC_MODE 0 #define DROPBEAR_ENABLE_CTR_MODE 1 #define DROPBEAR_ENABLE_GCM_MODE 0 #define DROPBEAR_SHA1_HMAC 0 #define DROPBEAR_SHA2_512_HMAC 0 #define DROPBEAR_RSA 0 #define DROPBEAR_DSS 0 #define DROPBEAR_ECDSA 0 #define DROPBEAR_ED25519 1 #define DROPBEAR_SK_KEYS 0 #define DROPBEAR_ECDH 0 #define DROPBEAR_DH_GROUP14_SHA1 0 #define DROPBEAR_DH_GROUP14_SHA256 0 #define DROPBEAR_DH_GROUP16 0 #define DROPBEAR_DH_GROUP1 0 #define DROPBEAR_CURVE25519 1 #define DROPBEAR_SNTRUP761 0 #define DROPBEAR_MLKEM768 0 #define DROPBEAR_CHACHA20POLY1305 1 #define DROPBEAR_AES128 0 #define DROPBEAR_AES256 0 #define DROPBEAR_3DES 0 #define DROPBEAR_SHA2_256_HMAC 1 #define DROPBEAR_SHA1_96_HMAC 0 #define DO_HOST_LOOKUP 0 #define DROPBEAR_USE_SSH_CONFIG 0 #define DEBUG_TRACE 0 #define DROPBEAR_DELAY_HOSTKEY 0 EOF rm -f config.h config.log config.status default_options_guard.h make distclean >/dev/null 2>&1 || true ./configure --disable-zlib >"$WORKDIR/hostbuild.configure.log" 2>&1 make -j"$hostjobs" PROGRAMS='dropbear dropbearkey' >"$WORKDIR/hostbuild.make.log" 2>&1 ) HOST_DROPBEAR=$hostbuild/dropbear HOST_DROPBEARKEY=$hostbuild/dropbearkey } generate_keys() { authdir=$WORKDIR/authkeys mkdir -p "$authdir" "$HOST_DROPBEARKEY" -t ed25519 -f "$WORKDIR/hostkey" >/tmp/elks-dropbear-hostkey.log 2>&1 "$HOST_DROPBEARKEY" -t ed25519 -f "$WORKDIR/clientkey" >/tmp/elks-dropbear-clientkey.log 2>&1 "$HOST_DROPBEARKEY" -y -f "$WORKDIR/clientkey" | sed -n '/^ssh-ed25519 /p' >"$authdir/authorized_keys" chmod 700 "$authdir" chmod 600 "$authdir/authorized_keys" "$WORKDIR/hostkey" "$WORKDIR/clientkey" } start_server() { SERVER_LOG=$WORKDIR/server.log pick_port HOME_MODE=$(stat -c %a "$HOME") case "$HOME_MODE" in *2|*3|*6|*7|?2?|?3?|?6?|?7?|??2|??3|??6|??7) chmod go-w "$HOME" HOME_MODE_CHANGED=1 ;; esac "$HOST_DROPBEAR" \ -F -E \ -r "$WORKDIR/hostkey" \ -D "$WORKDIR/authkeys" \ -p "127.0.0.1:$SSH_PORT" >"$SERVER_LOG" 2>&1 & SERVER_PID=$! sleep 1 } render_rc() { rcfile=$1 cat >"$rcfile" <<EOF exec > /boot.log 2>&1 umask 022 export PATH=/bin export UIP_TRACE=/tmp/uip.trace clock -s -u mkdir /root/.ssh cp /root/id_dropbear /root/.ssh/id_dropbear uip -b -p ne0 $GUEST_IP $GATEWAY_IP $NETMASK || exit 1 EOF round=1 while [ "$round" -le "$ROUNDS" ]; do cat >>"$rcfile" <<EOF dbclient -q -y -y -T -o BatchMode=yes -o PasswordAuthentication=no -l $SSH_USER -p $SSH_PORT 10.0.2.2 "echo ssh-round-$round" > /ssh.$round.out 2>&1 echo \$? > /ssh.$round.status sync EOF round=$((round + 1)) done cat >>"$rcfile" <<'EOF' sleep 20 EOF } prepare_image() { base_image=$1 out_image=$2 rcfile=$WORKDIR/rc.sys dbclient_bin=$SCRIPT_DIR/extapps/dropbear/dbclient cp "$base_image" "$out_image" render_rc "$rcfile" "$MFS" "$out_image" rm /etc/rc.sys >/dev/null 2>&1 || true "$MFS" "$out_image" cp "$rcfile" /etc/rc.sys "$MFS" "$out_image" cp "$WORKDIR/clientkey" /root/id_dropbear if [ -x "$dbclient_bin" ]; then "$MFS" "$out_image" rm /bin/dbclient >/dev/null 2>&1 || true "$MFS" "$out_image" cp "$dbclient_bin" /bin/dbclient fi } start_qemu() { image_file=$1 log_file=$2 QEMU_LOG=$log_file "$QEMU_BIN" \ -nodefaults \ -machine isapc \ -cpu 486,tsc \ -m 8M \ -rtc base=utc \ -display none \ -monitor none \ -serial none \ -drive file="$image_file",if=floppy,format=raw \ -boot a \ -netdev user,id=mynet \ -device ne2k_isa,irq=12,netdev=mynet >"$QEMU_LOG" 2>&1 & QEMU_PID=$! } extract_guest_file() { image_file=$1 guest_path=$2 host_path=$3 if "$MFS" -f "$image_file" cat "$guest_path" >"$host_path" 2>/dev/null; then return 0 fi : >"$host_path" return 1 } wait_for_guest_file() { image_file=$1 guest_path=$2 for _ in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30; do if "$MFS" -f "$image_file" cat "$guest_path" >/dev/null 2>&1; then return 0 fi sleep 1 done return 1 } validate_results() { outdir=$1 round=1 while [ "$round" -le "$ROUNDS" ]; do if ! grep -q '^0$' "$outdir/ssh.$round.status"; then echo "dbclient round $round failed" >&2 return 1 fi if ! grep -q "^ssh-round-$round$" "$outdir/ssh.$round.out"; then echo "dbclient round $round output mismatch" >&2 return 1 fi round=$((round + 1)) done count=$(grep -c 'Pubkey auth succeeded' "$outdir/server.log" || true) if [ "$count" -lt "$ROUNDS" ]; then echo "Dropbear server recorded only $count successful pubkey logins" >&2 return 1 fi return 0 } main() { image_file=$WORKDIR/test.img log_file=$WORKDIR/qemu.log if [ "$#" -ne 0 ]; then usage fi require_host_tools build_host_server generate_keys start_server prepare_image "$IMAGE" "$image_file" start_qemu "$image_file" "$log_file" if ! wait_for_guest_file "$image_file" "/ssh.$ROUNDS.status"; then echo "timeout waiting for dbclient results" >&2 exit 1 fi sleep 5 stop_qemu extract_guest_file "$image_file" /boot.log "$WORKDIR/boot.log" || true extract_guest_file "$image_file" /tmp/uip.trace "$WORKDIR/uip.trace" || true round=1 while [ "$round" -le "$ROUNDS" ]; do extract_guest_file "$image_file" "/ssh.$round.out" "$WORKDIR/ssh.$round.out" || true extract_guest_file "$image_file" "/ssh.$round.status" "$WORKDIR/ssh.$round.status" || true round=$((round + 1)) done validate_results "$WORKDIR" echo "Dropbear SSH smoke passed ($ROUNDS rounds). Artifacts: $WORKDIR" } main "$@"
Commit message
This repository is read-only for this account.
Repository snapshot
Current branch
master
Visibility
public
Your access
Read
Remote
Configured
File activity
View file history