git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Testsuite: tidying GnuTLS with TLS1.3
[exim.git]
/
test
/
runtest
diff --git
a/test/runtest
b/test/runtest
index 39e87629e6a42dc8cea2db8a986b6cb8626b7a96..10ae833ffea1f16ae2ee7f611fb05824e0f00e3b 100755
(executable)
--- a/
test/runtest
+++ b/
test/runtest
@@
-494,6
+494,9
@@
RESET_AFTER_EXTRA_LINE_READ:
# Date/time in header lines and SMTP responses
s/[A-Z][a-z]{2},\s\d\d?\s[A-Z][a-z]{2}\s\d\d\d\d\s\d\d\:\d\d:\d\d\s[-+]\d{4}
/Tue, 2 Mar 1999 09:44:33 +0000/gx;
# Date/time in header lines and SMTP responses
s/[A-Z][a-z]{2},\s\d\d?\s[A-Z][a-z]{2}\s\d\d\d\d\s\d\d\:\d\d:\d\d\s[-+]\d{4}
/Tue, 2 Mar 1999 09:44:33 +0000/gx;
+ # and in a French locale
+ s/\S{4},\s\d\d?\s[^,]+\s\d\d\d\d\s\d\d\:\d\d:\d\d\s[-+]\d{4}
+ /dim., 10 f\xE9vr 2019 20:05:49 +0000/gx;
# Date/time in logs and in one instance of a filter test
s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(\s[+-]\d\d\d\d)?\s/1999-03-02 09:44:33 /gx;
# Date/time in logs and in one instance of a filter test
s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(\s[+-]\d\d\d\d)?\s/1999-03-02 09:44:33 /gx;
@@
-566,9
+569,9
@@
RESET_AFTER_EXTRA_LINE_READ:
#
# Retain the authentication algorith field as we want to test that.
#
# Retain the authentication algorith field as we want to test that.
- s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1
\.[123]:/$1TLSv1
:/xg;
- s/(
(EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHA
/g;
- s/(
(EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHA
:xxx/g;
+ s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1
(\.[123])?:/$1TLS1.x
:/xg;
+ s/(
?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHAnnn
/g;
+ s/(
?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHAnnn
:xxx/g;
# OpenSSL TLSv1.3 - unsure what to do about the authentication-variant testcases now,
# as it seems the protocol no longer supports a user choice. Replace the "TLS" field with "RSA".
# OpenSSL TLSv1.3 - unsure what to do about the authentication-variant testcases now,
# as it seems the protocol no longer supports a user choice. Replace the "TLS" field with "RSA".
@@
-576,8
+579,8
@@
RESET_AFTER_EXTRA_LINE_READ:
#
# TLSversion : "TLS" - C_iph_er - MAC : ???
#
#
# TLSversion : "TLS" - C_iph_er - MAC : ???
#
- s/TLS_AES(_256)?_GCM_SHA384(?!:)/ke-RSA-AES256-SHA/g;
- s/:TLS_AES(_256)?_GCM_SHA384:256/:ke-RSA-AES256-SHA:xxx/g;
+ s/TLS_AES(_256)?_GCM_SHA384(?!:)/ke-RSA-AES256-SHA
nnn
/g;
+ s/:TLS_AES(_256)?_GCM_SHA384:256/:ke-RSA-AES256-SHA
nnn
:xxx/g;
# LibreSSL
# TLSv1:AES256-GCM-SHA384:256
# LibreSSL
# TLSv1:AES256-GCM-SHA384:256
@@
-587,10
+590,12
@@
RESET_AFTER_EXTRA_LINE_READ:
# AES256-GCM-SHA384
s/(?<!-)(AES256-GCM-SHA384)/RSA-$1/;
# AES256-GCM-SHA384
s/(?<!-)(AES256-GCM-SHA384)/RSA-$1/;
- s/(
(EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305)(?!:)/ke-$3-AES256-SHA
/g;
- s/(
(EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305):256/ke-$3-AES256-SHA
:xxx/g;
+ s/(
?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305)(?!:)/ke-$3-AES256-SHAnnn
/g;
+ s/(
?<!ke-)((EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305):256/ke-$3-AES256-SHAnnn
:xxx/g;
# GnuTLS have seen:
# GnuTLS have seen:
+ # TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256
+ #
# TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256
# TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128
# TLS1.2:RSA_AES_256_CBC_SHA1:256 (canonical)
# TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256
# TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128
# TLS1.2:RSA_AES_256_CBC_SHA1:256 (canonical)
@@
-605,9
+610,9
@@
RESET_AFTER_EXTRA_LINE_READ:
# DHE-RSA-AES256-SHA256
# DHE-RSA-AES256-SHA
# picking latter as canonical simply because regex easier that way.
# DHE-RSA-AES256-SHA256
# DHE-RSA-AES256-SHA
# picking latter as canonical simply because regex easier that way.
- s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA
_AES_256_CBC_
SHA1:256/g;
- s/TLS1.[012
]:((EC)?DHE_)?(RSA|ECDSA)_AES_(256|128)_(CBC|GCM)_SHA(1|256|384):(256|128)/TLS1.x:ke_$3_AES_256_CBC_SHAnnn:256
/g;
- s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHA
xx
/g;
+ s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA
-AES256-
SHA1:256/g;
+ s/TLS1.[012
3]:((EC)?DHE_)?(RSA|ECDSA)_AES_(256|128)_(CBC|GCM)_SHA(1|256|384):(256|128)/TLS1.x:ke-$3-AES256-SHAnnn:xxx
/g;
+ s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHA
nnn
/g;
# GnuTLS library error message changes
s/No certificate was found/The peer did not send any certificate/g;
# GnuTLS library error message changes
s/No certificate was found/The peer did not send any certificate/g;
@@
-2199,7
+2204,7
@@
elsif (/^millisleep\s+(.*)$/)
# The "munge" command selects one of a hardwired set of test-result modifications
# The "munge" command selects one of a hardwired set of test-result modifications
-# to be made before result compares are run agains the golden set. This lets
+# to be made before result compares are run agains
t
the golden set. This lets
# us account for test-system dependent things which only affect a few, but known,
# test-cases.
# Currently only the last munge takes effect.
# us account for test-system dependent things which only affect a few, but known,
# test-cases.
# Currently only the last munge takes effect.