X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/492fd282bc8f158258e4f019a8211885352efc2c..3f78365471d68728e6607ad49aaa6299f69c6f86:/test/runtest

diff --git a/test/runtest b/test/runtest
index 23319b755..5671fead2 100755
--- a/test/runtest
+++ b/test/runtest
@@ -545,16 +545,23 @@ RESET_AFTER_EXTRA_LINE_READ:
   # negotiating TLS 1.2 instead of 1.0.
   # Mail headers (...), log-lines X=..., client-ssl output ...
   # (and \b doesn't match between ' ' and '(' )
+  #
+  # Retain the authentication algorith field as we want to test that.
 
   s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[12]:/$1TLSv1:/xg;
-  s/\bAES128-GCM-SHA256:128\b/AES256-SHA:256/g;
-  s/\bAES128-GCM-SHA256\b/AES256-SHA/g;
-  s/\bAES256-GCM-SHA384\b/AES256-SHA/g;
-  s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g;
+  s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHA/g;
+  s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHA:xxx/g;
 
   # LibreSSL
+  # TLSv1:AES256-GCM-SHA384:256
   # TLSv1:ECDHE-RSA-CHACHA20-POLY1305:256
-  s/\bECDHE-RSA-CHACHA20-POLY1305\b/AES256-SHA/g;
+  #
+  # ECDHE-RSA-CHACHA20-POLY1305
+  # AES256-GCM-SHA384
+
+  s/(?<!-)(AES256-GCM-SHA384)/RSA-$1/;
+  s/((EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305)(?!:)/ke-$3-AES256-SHA/g;
+  s/((EC)?DHE-)?(RSA|ECDSA)-(AES256|CHACHA20)-(GCM-SHA384|POLY1305):256/ke-$3-AES256-SHA:xxx/g;
 
   # GnuTLS have seen:
   #   TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256
@@ -572,8 +579,8 @@ RESET_AFTER_EXTRA_LINE_READ:
   #   DHE-RSA-AES256-SHA
   # picking latter as canonical simply because regex easier that way.
   s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA_AES_256_CBC_SHA1:256/g;
-  s/TLS1.[012]:((EC)?DHE_)?RSA_AES_(256|128)_(CBC|GCM)_SHA(1|256|384):(256|128)/TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256/g;
-  s/\b(ECDHE-RSA-AES256-SHA|DHE-RSA-AES256-SHA256)\b/AES256-SHA/g;
+  s/TLS1.[012]:((EC)?DHE_)?(RSA|ECDSA)_AES_(256|128)_(CBC|GCM)_SHA(1|256|384):(256|128)/TLS1.x:ke_$3_AES_256_CBC_SHAnnn:256/g;
+  s/\b(ECDHE-(RSA|ECDSA)-AES256-SHA|DHE-RSA-AES256-SHA256)\b/ke-$2-AES256-SHAxx/g;
 
   # GnuTLS library error message changes
   s/No certificate was found/The peer did not send any certificate/g;
@@ -935,6 +942,9 @@ RESET_AFTER_EXTRA_LINE_READ:
 
     s/\b(gethostbyname2?|\bgetipnodebyname)(\(af=inet\))?/get[host|ipnode]byname[2]/;
 
+    # we don't care what TZ enviroment the testhost was running
+    next if /^Reset TZ to/;
+
     # drop gnutls version strings
     next if /GnuTLS compile-time version: \d+[\.\d]+$/;
     next if /GnuTLS runtime version: \d+[\.\d]+$/;
@@ -1113,8 +1123,8 @@ RESET_AFTER_EXTRA_LINE_READ:
     next if /^(ppppp )?setsockopt FASTOPEN: Protocol not available$/;
 
     # Specific pointer values reported for DB operations change from run to run
-    s/^(returned from EXIM_DBOPEN: 0x)[0-9a-f]+/$1AAAAAAAA/;
-    s/^(EXIM_DBCLOSE.0x)[0-9a-f]+/$1AAAAAAAA/;
+    s/^(returned from EXIM_DBOPEN: )(0x)?[0-9a-f]+/${1}0xAAAAAAAA/;
+    s/^(EXIM_DBCLOSE.)(0x)?[0-9a-f]+/${1}0xAAAAAAAA/;
 
     # When Exim is checking the size of directories for maildir, it uses
     # the check_dir_size() function to scan directories. Of course, the order
@@ -1148,6 +1158,7 @@ RESET_AFTER_EXTRA_LINE_READ:
                 /^Support for:/ ||
                 /^Routers:/ ||
                 /^Transports:/ ||
+                /^Malware:/ ||
                 /^log selectors =/ ||
                 /^cwd=/ ||
                 /^Fixed never_users:/ ||
@@ -1172,8 +1183,8 @@ RESET_AFTER_EXTRA_LINE_READ:
     s/(=>.* K C="250- \d)\d+ (byte chunk, total \d)\d+/$1nn $2nn/;
 
     # openssl version variances
-    s/(TLS error on connection .*: error:)[0-9A-F]{8}(:system library):func\(4095\):(No such file or
- directory)$/$1xxxxxxxx$2:fopen:$3/;
+    s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/;
+    s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/;
     }
 
   # ======== All files other than stderr ========
@@ -2418,6 +2429,7 @@ elsif (/^background$/)
 
   $_ = <SCRIPT>; $lineno++;
   chomp;
+  do_substitute($testno);
   $line = $_;
   if ($debug) { printf ">> daemon: $line >>test-stdout 2>>test-stderr\n"; }
 
@@ -2752,6 +2764,9 @@ die "CONFIGURE_GROUP ($parm_configure_group) does not match the group invoking $
 	if 0020 & (stat "$parm_cwd/test-config")[2]
 	and $parm_configure_group != $);
 
+die "aux-fixed file is world-writeable; best to strip them all, recursively\n"
+	if 0020 & (stat "aux-fixed/0037.f-1")[2];
+
 
 open(EXIMINFO, "$parm_exim -d-all+transport -bV -C $parm_cwd/test-config -DDIR=$parm_cwd |") ||
   die "** Cannot run $parm_exim: $!\n";
@@ -2826,6 +2841,15 @@ while (<EXIMINFO>)
         }
       }
     }
+
+  elsif (/^Malware: (.*)/)
+    {
+    print;
+    @temp = split /(\s+)/, $1;
+    push(@temp, ' ');
+    %parm_malware = @temp;
+    }
+
   }
 close(EXIMINFO);
 print "-" x 78, "\n";
@@ -3136,6 +3160,12 @@ unless (defined $parm_eximgroup)
   die "** ABANDONING.\n";
   }
 
+if ($parm_caller_home eq $parm_cwd)
+  {
+  print "will confuse working dir with homedir; change homedir\n";
+  die "** ABANDONING.\n";
+  }
+
 print "You need to be in the Exim group to run these tests. Checking ...";
 
 if (`groups` =~ /\b\Q$parm_eximgroup\E\b/)
@@ -3318,7 +3348,6 @@ system("sudo cp eximdir/exim eximdir/exim_exim;" .
        "sudo chgrp $parm_eximgroup eximdir/exim_exim;" .
        "sudo chmod 06755 eximdir/exim_exim");
 
-
 ##################################################
 #     Make copies of utilities we might need     #
 ##################################################
@@ -3361,6 +3390,15 @@ if (system("cp $parm_exim_dir/eximstats eximdir") != 0)
   tests_exit(-1, "Failed to make a copy of eximstats: $!");
   }
 
+# Collect some version information
+print '-' x 78, "\n";
+print "Perl version for runtest: $]\n";
+foreach (map { "./eximdir/$_" } qw(exigrep exinext eximstats)) {
+  # fold (or unfold?) multiline output into a one-liner
+  print join(', ', map { chomp; $_ } `$_ --version`), "\n";
+}
+print '-' x 78, "\n";
+
 
 ##################################################
 #    Check that the Exim user can access stuff   #
@@ -3482,6 +3520,10 @@ DIR: for (my $i = 0; $i < @test_dirs; $i++)
         {
         if (!defined $parm_transports{$1}) { $wantthis = 0; last; }
         }
+      elsif (/^malware (.*)$/)
+        {
+        if (!defined $parm_malware{$1}) { $wantthis = 0; last; }
+        }
       else
         {
         tests_exit(-1, "Unknown line in \"scripts/$testdir/REQUIRES\": \"$_\"");