view test/test_aslr.py @ 1921:284c3837891c

Allow user space file locations (rootless support) Why: Running dropbear as a user (rootless) is aided if files and programs can be saved/removed without needing sudo. What: Use the same convention as DROPBEAR_DEFAULT_CLI_AUTHKEY; if not starting with '/', then is relative to hedge's /home/hedge: *_PRIV_FILENAME DROPBEAR_PIDFILE SFTPSERVER_PATH default_options.h commentary added. Changes kept to a minimum, so log entry in svr_kex.c#163 is refactored. From: Generated hostkey is <path> ... <finger-print> to: Generated hostkey path is <path> Generated hostkey fingerprint is <fp> Otherwise the unexpanded path was reported. Patch modified by Matt Johnston Signed-off-by: Begley Brothers Inc <[email protected]>
author Begley Brothers Inc <begleybrothers@gmail.com>
date Thu, 09 Jul 2020 17:47:58 +1000
parents 1c9215154d4a
children

from pathlib import Path
import sys

from test_dropbear import *

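def test_reexec(request, dropbear):
	"""
	Tests that two consecutive connections have different address layouts.
	This indicates that re-exec makes ASLR work.

	Each connection runs parent_dropbear_map.py (located next to this test
	file) through dbclient, inside the same venv as the test run. The script's
	stdout is expected to be a memory-map line for the server binary; the
	first whitespace-separated field of that line is compared between the two
	connections.

	request: pytest request object, used to locate this test's directory and
		passed on to dbclient.
	dropbear: fixture, not referenced in the body (presumably starts the
		server under test - confirm in test_dropbear).
	"""
	map_script = (Path(request.node.fspath).parent / "parent_dropbear_map.py").resolve()
	# run within the same venv, for python deps
	activate = own_venv_command()
	cmd = f"{activate}; {map_script}"
	print(cmd)

	maps = []
	for _ in range(2):
		r = dbclient(request, cmd, capture_output=True, text=True)
		# emit stderr before check_returncode() so a failing run is diagnosable
		print(r.stderr, file=sys.stderr)
		r.check_returncode()
		maps.append(r.stdout.rstrip())
	map1, map2 = maps

	print(map1)
	print(map2)
	# expect something like
	# "563174d59000-563174d5d000 r--p 00000000 00:29 4242372                    /home/matt/src/dropbear/build/dropbear"
	binaries = ('/dropbear', '/dropbearmulti')
	# Validate BOTH samples. If only the first were checked, an empty or
	# unrelated second line would either raise IndexError below or make the
	# inequality hold trivially, letting an ASLR regression pass unnoticed.
	assert map1.endswith(binaries)
	assert map2.endswith(binaries)
	a1 = map1.split()[0]
	a2 = map2.split()[0]
	print(a1)
	print(a2)
	# relocation addresses should differ
	assert a1 != a2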