git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix CVE-2016-1531
[exim.git]
/
test
/
runtest
diff --git
a/test/runtest
b/test/runtest
index c6111678fe1b74a9fd364b6ee32316a56562b151..a05bc48edefbba672f60d34a3079d4fc42cbce8f 100755
(executable)
--- a/
test/runtest
+++ b/
test/runtest
@@
-339,7
+339,7
@@
$spid = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
# that are specific to certain file types, though there are also some of those
# inline too.
# that are specific to certain file types, though there are also some of those
# inline too.
-while(<IN>)
+
LINE:
while(<IN>)
{
RESET_AFTER_EXTRA_LINE_READ:
# Custom munges
{
RESET_AFTER_EXTRA_LINE_READ:
# Custom munges
@@
-491,6
+491,9
@@
RESET_AFTER_EXTRA_LINE_READ:
s/Exim\sstatistics\sfrom\s\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\sto\s
\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d/Exim statistics from <time> to <time>/x;
s/Exim\sstatistics\sfrom\s\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\sto\s
\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d/Exim statistics from <time> to <time>/x;
+ # Treat ECONNRESET the same as ECONNREFUSED. At least some systems give
+ # us the former on a new connection.
+ s/(could not connect to .*: Connection) reset by peer$/$1 refused/;
# ======== TLS certificate algorithms ========
# Test machines might have various different TLS library versions supporting
# ======== TLS certificate algorithms ========
# Test machines might have various different TLS library versions supporting
@@
-550,6
+553,25
@@
RESET_AFTER_EXTRA_LINE_READ:
# signature algorithm names
s/RSA-SHA1/RSA-SHA/;
# signature algorithm names
s/RSA-SHA1/RSA-SHA/;
+ # -d produces a list of environement variables as they are checked if they exist in the
+ # in the environment. Unfortunately this list isn't always in the same order. For now we
+ # just remove this list
+ #
+ if (/^\w+ in keep_environment/)
+ {
+ my @lines = $_;
+ while (<IN>)
+ {
+ if (/^\w+ in keep_environment/)
+ {
+ push @lines, $_;
+ next;
+ }
+ print MUNGED sort grep { !/^(SHLVL|_) / } @lines;
+ redo LINE;
+ }
+ }
+
# ======== Caller's login, uid, gid, home, gecos ========
# ======== Caller's login, uid, gid, home, gecos ========
@@
-1302,19
+1324,25
@@
return 1;
##################################################
$munges =
{ 'dnssec' =>
##################################################
$munges =
{ 'dnssec' =>
- { 'stderr' => '/^Reverse DNS security status: unverified\n/'
,
},
+ { 'stderr' => '/^Reverse DNS security status: unverified\n/' },
'gnutls_unexpected' =>
'gnutls_unexpected' =>
- { 'mainlog' => '/\(recv\): A TLS packet with unexpected length was received./'
,
},
+ { 'mainlog' => '/\(recv\): A TLS packet with unexpected length was received./' },
'gnutls_handshake' =>
'gnutls_handshake' =>
- { 'mainlog' => 's/\(gnutls_handshake\): Error in the push function/\(gnutls_handshake\): A TLS packet with unexpected length was received/'
,
},
+ { 'mainlog' => 's/\(gnutls_handshake\): Error in the push function/\(gnutls_handshake\): A TLS packet with unexpected length was received/' },
'optional_events' =>
'optional_events' =>
- { 'stdout' => '/event_action =/'
,
},
+ { 'stdout' => '/event_action =/' },
'optional_ocsp' =>
'optional_ocsp' =>
- { 'stderr' => '/127.0.0.1 in hosts_requ(ire|est)_ocsp/', },
+ { 'stderr' => '/127.0.0.1 in hosts_requ(ire|est)_ocsp/' },
+
+ 'no_tpt_filter_epipe' =>
+ { 'stderr' => '/^writing error 32: Broken pipe$/' },
+
+ 'optional_cert_hostnames' =>
+ { 'stderr' => '/in tls_verify_cert_hostnames\? no/' },
};
};
@@
-1591,6
+1619,8
@@
my($commandnameref) = $_[3];
my($aux_info) = $_[4];
my($yield) = 1;
my($aux_info) = $_[4];
my($yield) = 1;
+our %ENV = map { $_ => $ENV{$_} } grep { /^(?:USER|SHELL|PATH|TERM|EXIM_TEST_.*)$/ } keys %ENV;
+
if (/^(\d+)\s*$/) # Handle unusual return code
{
my($r) = $_[2];
if (/^(\d+)\s*$/) # Handle unusual return code
{
my($r) = $_[2];
@@
-1660,19
+1690,42
@@
if (/^dump\s+(\S+)/)
my(@temp);
print ">> ./eximdir/exim_dumpdb $parm_cwd/spool $which\n" if $debug;
open(IN, "./eximdir/exim_dumpdb $parm_cwd/spool $which |");
my(@temp);
print ">> ./eximdir/exim_dumpdb $parm_cwd/spool $which\n" if $debug;
open(IN, "./eximdir/exim_dumpdb $parm_cwd/spool $which |");
- @temp = <IN>;
- close(IN);
- if ($which eq "callout")
+ open(OUT, ">>test-stdout");
+ print OUT "+++++++++++++++++++++++++++\n";
+
+ if ($which eq "retry")
{
{
+ $/ = "\n ";
+ @temp = <IN>;
+ $/ = "\n";
+
@temp = sort {
@temp = sort {
-
my($aa) = substr $a, 21
;
-
my($bb) = substr $b, 21
;
- return $aa cmp $bb;
+
my($aa) = split(' ', $a)
;
+
my($bb) = split(' ', $b)
;
+
return $aa cmp $bb;
} @temp;
} @temp;
+
+ foreach $item (@temp)
+ {
+ $item =~ s/^\s*(.*)\n(.*)\n?\s*$/$1\n$2/m;
+ print OUT " $item\n";
+ }
}
}
- open(OUT, ">>test-stdout");
- print OUT "+++++++++++++++++++++++++++\n";
- print OUT @temp;
+ else
+ {
+ @temp = <IN>;
+ if ($which eq "callout")
+ {
+ @temp = sort {
+ my($aa) = substr $a, 21;
+ my($bb) = substr $b, 21;
+ return $aa cmp $bb;
+ } @temp;
+ }
+ print OUT @temp;
+ }
+
+ close(IN);
close(OUT);
return 1;
}
close(OUT);
return 1;
}
@@
-1971,12
+2024,12
@@
if (/^client/ || /^(sudo\s+)?perl\b/)
# not drop privilege when -C and -D options are present. To run the exim
# command as root, we use sudo.
# not drop privilege when -C and -D options are present. To run the exim
# command as root, we use sudo.
-elsif (/^(
[A-Z_]+=\S+\s+)?(\d+)?\s*(sudo
\s+)?exim(_\S+)?\s+(.*)$/)
+elsif (/^(
(?i:[A-Z\d_]+=\S+\s+)+)?(\d+)?\s*(sudo(?:\s+-u\s+(\w+))?
\s+)?exim(_\S+)?\s+(.*)$/)
{
{
- $args = $
5
;
+ $args = $
6
;
my($envset) = (defined $1)? $1 : "";
my($envset) = (defined $1)? $1 : "";
- my($sudo) = (defined $3)? "sudo " : "";
- my($special)= (defined $
4)? $4
: "";
+ my($sudo) = (defined $3)? "sudo "
. (defined $4 ? "-u $4 ":"")
: "";
+ my($special)= (defined $
5)? $5
: "";
$wait_time = (defined $2)? $2 : 0;
# Return 2 rather than 1 afterwards
$wait_time = (defined $2)? $2 : 0;
# Return 2 rather than 1 afterwards