X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/2634320751a5f719abf2daa5e279aeeef03cdf7f..3bfdf0f1f1d7a1bb6e9c3e4c6af8d1117dd13955:/test/runtest diff --git a/test/runtest b/test/runtest index 3f37311b1..6fa17f9dc 100755 --- a/test/runtest +++ b/test/runtest @@ -29,10 +29,11 @@ use File::Basename; use Pod::Usage; use Getopt::Long; use FindBin qw'$RealBin'; +use File::Copy; use lib "$RealBin/lib"; use Exim::Runtest; -use Exim::Utils qw(uniq numerically); +use Exim::Utils qw(uniq numerically cp); use if $ENV{DEBUG} && scalar($ENV{DEBUG} =~ /\bruntest\b/) => 'Smart::Comments' => '####'; use if $ENV{DEBUG} && scalar($ENV{DEBUG} =~ /\bruntest\b/) => 'Data::Dumper'; @@ -368,6 +369,10 @@ my($is_mail) = $file =~ /mail/; $date = "\\d{2}-\\w{3}-\\d{4}\\s\\d{2}:\\d{2}:\\d{2}"; +# Debug time & pid + +$time_pid = "(?:\\d{2}:\\d{2}:\\d{2}\\s+\\d+\\s)"; + # Pattern for matching pids at start of stderr lines; initially something # that won't match. @@ -404,10 +409,10 @@ RESET_AFTER_EXTRA_LINE_READ: # Replace the Exim version number (may appear in various places) # patchexim should have fixed this for us - #s/(Exim) \d+\.\d+[\w_-]*/$1 x.yz/i; + #s/Exim \K\d+[._]\d+[\w_-]*/x.yz/i; # Replace Exim message ids by a unique series - s/((?:[^\W_]{6}-){2}[^\W_]{2}) + s/(\d[^\W_]{5}-[^\W_]{6}-[^\W_]{2}) /new_value($1, "10Hm%s-0005vi-00", \$next_msgid)/egx; # The names of lock files appear in some error and debug messages @@ -427,6 +432,8 @@ RESET_AFTER_EXTRA_LINE_READ: # There are differences in error messages between OpenSSL versions s/SSL_CTX_set_cipher_list/SSL_connect/; + s/error=\Kauthority and subject key identifier mismatch/self signed certificate/; + s/error=\Kself-signed certificate/self signed certificate/; # One error test in expansions mentions base 62 or 36 s/is not a base (36|62) number/is not a base 36\/62 number/; @@ -598,11 +605,13 @@ RESET_AFTER_EXTRA_LINE_READ: # LibreSSL # TLSv1:AES256-GCM-SHA384:256 # TLSv1:ECDHE-RSA-CHACHA20-POLY1305:256 + # TLS1.3:AEAD-AES256-GCM-SHA384:256 # # ECDHE-RSA-CHACHA20-POLY1305 # AES256-GCM-SHA384 s/(?/ && !/->/ - && !/\*>/ && !/Connection refused/) + && !/\*>/&& !/==/ && !/\*\*/ && !/Connection refused/ && !/in response to/) { s/\[([a-z\d:]+|\d+(?:\.\d+){3})\]:(\d+)/"[".$1."]:".new_value($2,"%s",\$next_port)/ie; } @@ -827,11 +835,10 @@ RESET_AFTER_EXTRA_LINE_READ: # ======== IP error numbers and messages ======== # These vary between operating systems - s/Can't assign requested address/Network Error/; - s/Cannot assign requested address/Network Error/; + s/Can(no|')t assign requested address/Network Error/; s/Operation timed out/Connection timed out/; s/Address family not supported by protocol family/Network Error/; - s/Network is unreachable/Network Error/; + s/Network( is)? unreachable/Network Error/; s/Invalid argument/Network Error/; s/\(\d+\): Network/(dd): Network/; @@ -901,12 +908,16 @@ RESET_AFTER_EXTRA_LINE_READ: # numbers, or handle specific bad conditions in different ways, leading to # different wording in the error messages, so we cannot compare them. -#XXX This loses any trailing "deliving unencypted to" which is unfortunate +#XXX This loses any trailing "delivering unencypted to" which is unfortunate # but I can't work out how to deal with that. s/(TLS session: \(SSL_\w+\): error:)(.*)(?!: delivering)/$1 <>/; + s/TLS error on connection from .*\K\(SSL_accept\): error:.*:unexpected eof while reading$/(tls lib accept fn): TCP connection closed by peer/; s/(TLS error on connection from .* \(SSL_\w+\): error:)(.*)/$1 <>/; next if /SSL verify error: depth=0 error=certificate not trusted/; + # OpenSSL 3.0.0 + s/TLS error \(D-H param setting .* error:\K.*dh key too small/xxxxxxxx:SSL routines::dh key too small/; + # ======== Maildir things ======== # timestamp output in maildir processing s/(timestamp=|\(timestamp_only\): )\d+/$1ddddddd/g; @@ -917,7 +928,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/renamed tmp\/\d+\.[^.]+\.(\S+) as new\/\d+\.[^.]+\.(\S+)/renamed tmp\/MAILDIR.$1 as new\/MAILDIR.$1/; # Maildir file names in general - s/\b\d+\.H\d+P\d+\b/dddddddddd.HddddddPddddd/; + s/\b\d+\.M\d+P\d+\b/dddddddddd.HddddddPddddd/; # Maildirsize data while (/^\d+S,\d+C\s*$/) @@ -935,7 +946,7 @@ RESET_AFTER_EXTRA_LINE_READ: # SRS timestamps and signatures vary by hostname and from run to run - s/SRS0=....=..=[^=]+=[^@]+\@test.ex/SRS0=ZZZZ=YY=the.local.host.name=CALLER\@test.ex/; + s/(?i)SRS0=....=.[^=]?=([^=]+)=([^@]+)\@([^ ]+)/SRS0=ZZZZ=YY=$1=$2\@$3/g; # ======== Output from the "fd" program about open descriptors ======== @@ -952,16 +963,13 @@ RESET_AFTER_EXTRA_LINE_READ: s/^\d\d\d(?=[PFS*])/ddd/; - # ========= Exim lookups ================== - # Lookups have a char which depends on the number of lookup types compiled in, - # in stderr output. Replace with a "0". Recognising this while avoiding - # other output is fragile; perhaps the debug output should be revised instead. - s%(?>>>>>>>>>>>>>>> Exim pid=)\d+(?= terminating)/pppp/; - s/^(proxy-proc \w{5}-pid) \d+$/$1 pppp/; - s/^(?:\s*\d+ )(exec .* -oPX)$/pppp $1/; + s/^\s*\K(\d+)(?=\sexec\s.*\s-oPX$)/new_value($1, "%s", \$next_pid)/xe; + next if /(?:postfork: | fork(?:ing|ed) for )/; # IP address lookups use gethostbyname() when IPv6 is not supported, # and gethostbyname2() or getipnodebyname() when it is. s/\b(gethostbyname2?|\bgetipnodebyname)(\(af=inet\))?/get[host|ipnode]byname[2]/; + # Extra lookups done when ipv6 is supported + next if /^host_fake_gethostbyname\(af=inet6\) returned 1 \(HOST_NOT_FOUND\)$/; + # we don't care what TZ enviroment the testhost was running next if /^Reset TZ to/; + # port numbers + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d/PORT_D/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d2/PORT_D2/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d3/PORT_D3/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d4/PORT_D4/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_s/PORT_S/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_n/PORT_N/; + + # ========= Exim lookups ================== + # Lookups have a char which depends on the number of lookup types compiled in, + # in stderr output. Replace with a "0". Recognising this while avoiding + # other output is fragile; perhaps the debug output should be revised instead. + s%^\s+(:?closing )?\K[0-?]TESTSUITE/aux-fixed/%0TESTSUITE/aux-fixed/%g; + # drop gnutls version strings next if /GnuTLS compile-time version: \d+[\.\d]+$/; next if /GnuTLS runtime version: \d+[\.\d]+$/; + # and unwanted debug + next if /^GnuTLS<2>: FIPS140-2 (context is not set|operation mode switched from initial to not-approved)$/; + next if /^GnuTLS<3>: ASSERT: sign.c\[_gnutls_sign_is_secure2\]:\d+$/; # drop openssl version strings next if /OpenSSL compile-time version: OpenSSL \d+[\.\da-z]+/; @@ -1066,30 +1122,71 @@ RESET_AFTER_EXTRA_LINE_READ: # this is timing-dependent next if /^OpenSSL: creating STEK$/; + next if /^selfsign cert rotate$/; + + # TLS preload + # only OpenSSL speaks of these + next if /^TLS: (preloading (DH params|ECDH curve|CA bundle) for server|generating selfsigned server cert)/; + next if /^Diffie-Hellman initialized from default/; + next if /^ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; + next if /^ECDH: .*'prime256v1'/; + next if /^tls_verify_certificates: system$/; + next if /^tls_set_watch: .*\/cert.pem/; + next if /^Generating 2048 bit RSA key/; + + # TLS preload + # only GnuTLS speaks of these + next if /^GnuTLS global init required$/; + next if /^TLS: basic cred init, server/; + next if /^TLS: preloading cipher list for server: NULL$/; + s/^GnuTLS using default session cipher\/priority "NORMAL"$/TLS: not preloading cipher list for server/; + next if /^GnuTLS<2>: added \d+ protocols, \d+ ciphersuites, \d+ sig algos and \d+ groups into priority list$/; + next if /^GnuTLS<2>: (Disabling X.509 extensions|signing structure using RSA-SHA256)/; + next if /^GnuTLS.*(wrap_nettle_mpi_print|gnutls_subject_alt_names_get|get_alt_name)/; + next if /^GnuTLS<[23]>: (p11|ASSERT: pkcs11.c|Initializing needed PKCS #11 modules)/; + next if /^GnuTLS<2>: Intel (AES|GCM) accelerator was detected/; + next if /^Added \d{3} certificate authorities/; + next if /^TLS: not preloading CRL for server/; + next if /^GnuTLS<3>: ASSERT: extensions.c\[_gnutls_get_extension/; + next if /^GnuTLS<3>: ASSERT: \.\.\/\.\.\/\.\.\/lib\/x509\//; + next if /^GnuTLS<2>: Initializing PKCS #11 modules/; + + + # only kevent platforms (FreeBSD, OpenBSD) say this + next if /^watch dir/; + next if /^watch file .*\/usr\/local/; + next if /^watch file .*\/etc\/ssl/; + next if /^closing watch fd:/; + + # TLS preload + # there happen in different orders for OpenSSL/GnuTLS/noTLS + next if /^TLS: generating selfsigned server cert/; + next if /^TLS: not preloading (CA bundle|cipher list) for server$/; + next if /^TLS: not preloading server certs$/; # drop lookups - next if /^Lookups \(built-in\):/; - next if /^Loading lookup modules from/; - next if /^Loaded \d+ lookup modules/; - next if /^Total \d+ lookups/; + next if /^$time_pid?(?: Lookups\ \(built-in\): + | Loading\ lookup\ modules\ from + | Loaded\ \d+\ lookup\ modules + | Total\ \d+\ lookups)/x; # drop compiler information - next if /^Compiler:/; + next if /^$time_pid?Compiler:/; # and the ugly bit # different libraries will have different numbers (possibly 0) of follow-up # lines, indenting with more data - if (/^Library version:/) { + if (/^$time_pid?Library version:/) { while (1) { $_ = ; - next if /^\s/; + next if /^$time_pid?\s/; goto RESET_AFTER_EXTRA_LINE_READ; } } # drop other build-time controls emitted for debugging - next if /^WHITELIST_D_MACROS:/; - next if /^TRUSTED_CONFIG_LIST:/; + next if /^$time_pid?WHITELIST_D_MACROS:/; + next if /^$time_pid?TRUSTED_CONFIG_LIST:/; # As of Exim 4.74, we log when a setgid fails; because we invoke Exim # with -be, privileges will have been dropped, so this will always @@ -1118,6 +1215,8 @@ RESET_AFTER_EXTRA_LINE_READ: # drop pdkim debugging header next if /^DKIM( <<<<<<<<<<<<<<<<<<<<<<<<<<<<<+|: no signatures)$/; + # Some platforms have TIOCOUTome do not + next if /\d+ bytes remain in socket output buffer$/; # Various other IPv6 lines must be omitted too next if /using host_fake_gethostbyname for \S+ \(IPv6\)/; @@ -1133,14 +1232,16 @@ RESET_AFTER_EXTRA_LINE_READ: next; } - # Non-TLS bulds have a different Recieved: header expansion - s/^((.*)\t}}}}by \$primary_hostname \$\{if def:received_protocol \{with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; - s/^((\s*).*considering: with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; - if (/condition: def:tls_in_cipher_std$/) + # Non-TLS builds have a different default Recieved: header expansion + s/^((.*)\t}}}}by \$primary_hostname \$\{if def:received_protocol \{with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_ver { (\$tls_in_ver)}}\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; + s/^((\s*).*considering: with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_ver { (\$tls_in_ver)}}\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; + if (/condition: def:tls_in_ver$/) { $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; - $_= ; $_= ; $_= ; next; + $_= ; $_= ; $_= ; $_= ; + $_= ; $_= ; $_= ; $_= ; + $_= ; $_= ; $_= ; $_= ; $_= ; next; } @@ -1223,6 +1324,18 @@ RESET_AFTER_EXTRA_LINE_READ: s/^(\s*\d+|ppppp) \@?(.*exim_daemon_notify)$/ppppp $2/; next if /unlinking notifier socket/; + # daemon notifier socket + # Timing variance over runs. Collapse repeated memssages. + if (/notify triggered queue run/) + { + my $line = $_; + while (/notify triggered queue run/) { $_ = ; } + $_ = $line . $_; + } + + # Different builds will have different lookup types included + s/^\s*search_type \K\d+ \((\w+)\) quoting -1 \(none\)$/NN ($1) quoting -1 (none)/; + # DISABLE_OCSP next if /in hosts_requ(est|ire)_ocsp\? (no|yes)/; @@ -1238,6 +1351,9 @@ RESET_AFTER_EXTRA_LINE_READ: # Experimental_REQUIRETLS next if / in tls_advertise_requiretls?\? no \(end of list\)/; + # Experimental_LIMITS + next if / in limits_advertise_hosts?\? no \(matched "!\*"\)/; + # TCP Fast Open next if /^(ppppp )?setsockopt FASTOPEN: Network Error/; @@ -1245,7 +1361,7 @@ RESET_AFTER_EXTRA_LINE_READ: next if /\w+ in keep_environment\? (yes|no)/; # Sizes vary with test hostname - s/^cmd buf flush \d+ bytes$/cmd buf flush ddd bytes/; + s/^cmd buf flush \d+ bytes/cmd buf flush ddd bytes/; # Spool filesystem free space changes on different systems. s/^((?:spool|log) directory space =) -?\d+K (inodes =)\s*-?\d+/$1 nnnnnK $2 nnnnn/; @@ -1285,7 +1401,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/Address family not supported by protocol family/Network Error/; s/Network is unreachable/Network Error/; } - next if /^(ppppp )?setsockopt FASTOPEN: Protocol not available$/; + next if /^(ppppp |\d+ )?setsockopt FASTOPEN: Protocol not available$/; s/^(Connecting to .* \.\.\. sending) \d+ (nonTFO early-data)$/$1 dd $2/; if (/^([0-9: ]* # possible timestamp @@ -1324,6 +1440,9 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^Waiting for MySQL server to answer/; next if /mysqladmin: CREATE DATABASE failed; .* database exists/; + # Postgres version-dependent differences + s/^initdb: warning: (enabling "trust" authentication for local connections)$/\nWARNING: $1/; + # Not all builds include DMARC next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ; @@ -1337,8 +1456,13 @@ RESET_AFTER_EXTRA_LINE_READ: s/^errno = \d+$/errno = EEE/; s/^writing error \d+: /writing error EEE: /; - # Some platforms have to flip to slow-mode taint-checking - next if /switching to slow-mode taint checking/; + # Time-only, in debug output + # we have to handle double lines from the DBOPEN, hence placed down here and /mg + s/^\d\d:\d\d:\d\d\s+/01:01:01 /mg; + + # pid in debug lines + s/^(\d\d:\d\d:\d\d\s+)(\d+)/$1 . new_value($2, "p%s", \$next_pid) . " "/mgxe; + s/(?>/; + s/\(gnutls_handshake\): No common application protocol could be negotiated./(SSL_accept): error: <>/; } # ======== mail ======== @@ -1739,7 +1854,7 @@ if (-e $sf_current) if (-s $mf) { my $sf = /^u/i ? $sf_current : $sf_flavour; - tests_exit(-1, "Failed to cp $mf $sf") if system("cp '$mf' '$sf'") != 0; + copy($mf, $sf) or tests_exit(-1, "Failed to copy $mf $sf"); } else { @@ -1811,9 +1926,6 @@ $munges = 'rejectlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /', }, - 'debug_pid' => - { 'stderr' => 's/(^\s{0,4}|(?<=Process )|(?<=child ))\d+/ppppp/g' }, - 'optional_dsn_info' => { 'mail' => '/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/' }, @@ -1840,11 +1952,6 @@ $munges = { 'mainlog' => 's/^(.* SMTP protocol synchronization error .* next input=.{8}).*$/$1/', 'rejectlog' => 's/^(.* SMTP protocol synchronization error .* next input=.{8}).*$/$1/'}, - 'debuglog_stdout' => - { 'stdout' => 's/^\d\d:\d\d:\d\d\s+\d+ //; - s/Process \d+ is ready for new message/Process pppp is ready for new message/' - }, - 'timeout_errno' => # actual errno differs Solaris vs. Linux { 'mainlog' => 's/((?:host|message) deferral .* errno) <\d+> /$1 /' }, @@ -1945,7 +2052,7 @@ if (! $message_skip) foreach $mail (@mails) { - next if $mail eq "test-mail/oncelog"; + next if $mail =~ /^test-mail\/oncelog(.(dir|pag|db))?$/; $saved_mail = substr($mail, 10); # Remove "test-mail/" $saved_mail =~ s/^$parm_caller(\/|$)/CALLER/; # Convert caller name @@ -2102,7 +2209,7 @@ if ($debug) $prcmd =~ s/; /;\n>> /; print ">> $prcmd\n"; } -system("$cmd"); +system($cmd); } @@ -2226,7 +2333,7 @@ if (/^dump\s+(\S+)/) sort { $a->[0] cmp $b->[0] } #map { [ (split)[0] =~ s/\Q$parm_ipv4/ip4.ip4.ip4.ip4/gr, $_ ] } # this is too modern for 5.10.1 map { - (my $k = (split)[0]) =~ s/\Q$parm_ipv4/ip4.ip4.ip4.ip4/g; + (my $k = (split)[0]) =~ s/\Q$parm_ipv4\E/ip4.ip4.ip4.ip4/g; [ $k, $_ ] } do { local $/ = "\n "; <$in> }; @@ -2247,6 +2354,16 @@ if (/^dump\s+(\S+)/) return $aa cmp $bb; } @temp; } + elsif ($which eq "seen") + { + @temp = sort { + (my $aa = $a) =~ s/^([\d.]+)/$1/; + (my $bb = $b) =~ s/^([\d.]+)/$1/; + $aa =~ s/\Q$parm_ipv4\E/ip4.ip4.ip4.ip4/; + $bb =~ s/\Q$parm_ipv4\E/ip4.ip4.ip4.ip4/; + return $aa cmp $bb; + } @temp; + } print $out @temp; } close($in); # close it explicitly, otherwise $? does not get set @@ -2313,6 +2430,17 @@ if (/^exigrep\s+(.*)/) } +# The "exiqgrep" command runs exiqgrep on the current spool + +if (/^exiqgrep(\s+.*)?/) + { + run_system("(./eximdir/exiqgrep -E ./eximdir/exim -C $parm_cwd/test-config" . ($1 || '') . ";" . + "echo exiqgrep exit code = \$?)" . + ">>test-stdout"); + return 1; + } + + # The "eximstats" command runs eximstats on the current mainlog if (/^eximstats\s+(.*)/) @@ -2760,8 +2888,9 @@ else { tests_exit(-1, "Command unrecognized in line $lineno: $_"); } # Run the command, with stdin connected to a pipe, and write the stdin data -# to it, with appropriate substitutions. If a line ends with \NONL\, chop off -# the terminating newline (and the \NONL\). If the command contains +# to it, with appropriate substitutions. If a starts with '>>> ', process it +# via Perl's string eval(). +# If the command contains # -DSERVER=server add "-server" to the command, where it will adjoin the name # for the stderr file. See comment above about the use of -DSERVER. @@ -2770,12 +2899,29 @@ print ">> |${cmd}${stderrsuffix}\n" if ($debug); open CMD, "|${cmd}${stderrsuffix}" || tests_exit(1, "Failed to run $cmd"); CMD->autoflush(1); -while (