X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/644eb96a06d26c5f02bafe8c8f927560437c7cdc..f5109b58420fa0754c102fb0a994b1f64d75ccdf:/test/runtest diff --git a/test/runtest b/test/runtest index 06e440115..3da23b945 100755 --- a/test/runtest +++ b/test/runtest @@ -432,6 +432,8 @@ RESET_AFTER_EXTRA_LINE_READ: # There are differences in error messages between OpenSSL versions s/SSL_CTX_set_cipher_list/SSL_connect/; + s/error=\Kauthority and subject key identifier mismatch/self signed certificate/; + s/error=\Kself-signed certificate/self signed certificate/; # One error test in expansions mentions base 62 or 36 s/is not a base (36|62) number/is not a base 36\/62 number/; @@ -745,7 +747,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/\bgid=\d+/gid=gggg/; s/\begid=\d+/egid=gggg/; - s/\b(pid=|pid |PID: )\d+/$1pppp/; + s/\b(?:pid=|pid\s|PID:\s|Process\s|child\s)\K(\d+)/new_value($1, "p%s", \$next_pid)/gxe; s/\buid=\d+/uid=uuuu/; s/\beuid=\d+/euid=uuuu/; s/set_process_info:\s+\d+/set_process_info: pppp/; @@ -792,7 +794,7 @@ RESET_AFTER_EXTRA_LINE_READ: } # Port in host address in spool file output from -Mvh - s/^(--?host_address) (.*)\.\d+/$1 $2.9999/; + s/^(--?host_address) (.*[:.])\d+$/$1 ${2}9999/; if ($dynamic_socket and $dynamic_socket->opened and my $port = $dynamic_socket->sockport) { s/^Connecting to 127\.0\.0\.1 port \K$port//; @@ -906,9 +908,10 @@ RESET_AFTER_EXTRA_LINE_READ: # numbers, or handle specific bad conditions in different ways, leading to # different wording in the error messages, so we cannot compare them. -#XXX This loses any trailing "deliving unencypted to" which is unfortunate +#XXX This loses any trailing "delivering unencypted to" which is unfortunate # but I can't work out how to deal with that. s/(TLS session: \(SSL_\w+\): error:)(.*)(?!: delivering)/$1 <>/; + s/TLS error on connection from .*\K\(SSL_accept\): error:.*:unexpected eof while reading$/(tls lib accept fn): TCP connection closed by peer/; s/(TLS error on connection from .* \(SSL_\w+\): error:)(.*)/$1 <>/; next if /SSL verify error: depth=0 error=certificate not trusted/; @@ -964,6 +967,9 @@ RESET_AFTER_EXTRA_LINE_READ: # MIME boundaries in RFC3461 DSN messages s/\d{8,10}-eximdsn-\d+/NNNNNNNNNN-eximdsn-MMMMMMMMMM/; + # Cyrus SASL library version differences (rejectlog) + s/Cyrus SASL permanent failure: \Kuser not found$/generic failure/; + # ========================================================== # Some munging is specific to the specific file types @@ -1005,8 +1011,10 @@ RESET_AFTER_EXTRA_LINE_READ: next if /SSL verify error: depth=0 error=certificate not trusted/; s/SSL3_READ_BYTES/ssl3_read_bytes/i; s/CONNECT_CR_FINISHED/ssl3_read_bytes/i; - s/^\d+:error:\d+(?:E\d+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/; - s/^error:[^:]*:(SSL routines:ssl3_read_bytes:(tls|ssl)v\d+ alert)/error:dddddddd:$1/; + s/^[[:xdigit:]]+:error:[[:xdigit:]]+(?:E[[:xdigit:]]+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/; + s/^error:\K[^:]*:(SSL routines:ssl3_read_bytes:(tls|ssl)v\d+ alert)/dddddddd:$1/; + s/^error:\K[[:xdigit:]]+:SSL routines::(tlsv13 alert certificate required)$/dddddddd:SSL routines:ssl3_read_bytes:$1/; + s/^error:\K[[:xdigit:]]+:SSL routines::((tlsv1|sslv3) alert (unknown ca|certificate revoked))$/dddddddd:SSL routines:ssl3_read_bytes:$1/; # gnutls version variances next if /^Error in the pull function./; @@ -1045,14 +1053,35 @@ RESET_AFTER_EXTRA_LINE_READ: elsif ($is_stderr) { # The very first line of debugging output will vary - s/^Exim version .*/Exim version x.yz ..../; + # Skip some lines that Exim puts out at the start of debugging output + # because they will be different in different binaries. + + next if /^$time_pid? + (?: Berkeley\ DB:\s + | Probably\ (?:Berkeley\ DB|ndbm|GDBM) + | Using\ tdb + | Authenticators: + | Lookups(?:\(built-in\))?: + | Support\ for: + | Routers: + | Transports: + | Malware: + | log\ selectors\ = + | cwd= + | Fixed\ never_users + | Configure\ owner + | Size\ of\ off_t: + ) + /x; + + # Lines with a leading pid + s/^(\d+)\s(?!(?:previous message|in\s))/new_value($1, "p%s", \$next_pid) . ' '/e; + # Debugging lines for Exim terminations and process-generation - s/(?<=^>>>>>>>>>>>>>>>> Exim pid=)\d+(?= terminating)/pppp/; - s/^(proxy-proc \w{5}-pid) \d+$/$1 pppp/; - s/^(?:\s*\d+ )(exec .* -oPX)$/pppp $1/; + s/^\s*\K(\d+)(?=\sexec\s.*\s-oPX$)/new_value($1, "%s", \$next_pid)/xe; next if /(?:postfork: | fork(?:ing|ed) for )/; # IP address lookups use gethostbyname() when IPv6 is not supported, @@ -1066,6 +1095,14 @@ RESET_AFTER_EXTRA_LINE_READ: # we don't care what TZ enviroment the testhost was running next if /^Reset TZ to/; + # port numbers + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d/PORT_D/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d2/PORT_D2/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d3/PORT_D3/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d4/PORT_D4/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_s/PORT_S/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_n/PORT_N/; + # ========= Exim lookups ================== # Lookups have a char which depends on the number of lookup types compiled in, # in stderr output. Replace with a "0". Recognising this while avoiding @@ -1075,6 +1112,9 @@ RESET_AFTER_EXTRA_LINE_READ: # drop gnutls version strings next if /GnuTLS compile-time version: \d+[\.\d]+$/; next if /GnuTLS runtime version: \d+[\.\d]+$/; + # and unwanted debug + next if /^GnuTLS<2>: FIPS140-2 (context is not set|operation mode switched from initial to not-approved)$/; + next if /^GnuTLS<3>: ASSERT: sign.c\[_gnutls_sign_is_secure2\]:\d+$/; # drop openssl version strings next if /OpenSSL compile-time version: OpenSSL \d+[\.\da-z]+/; @@ -1107,6 +1147,10 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^GnuTLS<2>: Intel (AES|GCM) accelerator was detected/; next if /^Added \d{3} certificate authorities/; next if /^TLS: not preloading CRL for server/; + next if /^GnuTLS<3>: ASSERT: extensions.c\[_gnutls_get_extension/; + next if /^GnuTLS<3>: ASSERT: \.\.\/\.\.\/\.\.\/lib\/x509\//; + next if /^GnuTLS<2>: Initializing PKCS #11 modules/; + # only kevent platforms (FreeBSD, OpenBSD) say this next if /^watch dir/; @@ -1290,7 +1334,7 @@ RESET_AFTER_EXTRA_LINE_READ: } # Different builds will have different lookup types included - s/^search_type \K\d+ \((\w+)\) quoting -1 \(none\)$/NN ($1) quoting -1 (none)/; + s/^\s*search_type \K\d+ \((\w+)\) quoting -1 \(none\)$/NN ($1) quoting -1 (none)/; # DISABLE_OCSP next if /in hosts_requ(est|ire)_ocsp\? (no|yes)/; @@ -1357,7 +1401,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/Address family not supported by protocol family/Network Error/; s/Network is unreachable/Network Error/; } - next if /^(ppppp )?setsockopt FASTOPEN: Protocol not available$/; + next if /^(ppppp |\d+ )?setsockopt FASTOPEN: Protocol not available$/; s/^(Connecting to .* \.\.\. sending) \d+ (nonTFO early-data)$/$1 dd $2/; if (/^([0-9: ]* # possible timestamp @@ -1398,6 +1442,8 @@ RESET_AFTER_EXTRA_LINE_READ: # Postgres version-dependent differences s/^initdb: warning: (enabling "trust" authentication for local connections)$/\nWARNING: $1/; + # Postgre DB server PID + s/ \[\d+\] (?=(LOG: redirecting log|HINT: Future log output))/ [pppp] /; # Not all builds include DMARC next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ; @@ -1417,8 +1463,8 @@ RESET_AFTER_EXTRA_LINE_READ: s/^\d\d:\d\d:\d\d\s+/01:01:01 /mg; # pid in debug lines - s/^(\d\d:\d\d:\d\d)(\s+\d+\s)/"$1 " . new_value($2, "%s", \$next_pid) . " "/mgxe; - s/(?.* K C="250- \d)\d+ (byte chunk, total \d)\d+/$1nn $2nn/; - # openssl version variances - s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/; - s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(?:(?i)ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/; + # OpenSSL version variances + s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)|):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/; + next if /TLS error \(SSL_read\): error:0A000126:SSL routines::unexpected eof while reading$/ ; + s/EVDATA: \K\(SSL_accept\): error:0A000126:SSL routines::unexpected eof while reading/SSL_accept: TCP connection closed by peer/; + s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(?:(?i)ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT|)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/; s/(DKIM: validation error: )error:[0-9A-F]{8}:rsa routines:(?:(?i)int_rsa_verify|CRYPTO_internal):(?:bad signature|algorithm mismatch)$/$1Public key signature verification has failed./; s/ARC: AMS signing: privkey PEM-block import: error:\K[0-9A-F]{8}:(PEM routines):get_name:(no start line)/0906D06C:$1:PEM_read_bio:$2/; - # gnutls version variances + # GnuTLS version variances if (/TLS error on connection \(recv\): .* (Decode error|peer did not send any certificate)/) { my $prev = $_; @@ -1496,8 +1524,10 @@ RESET_AFTER_EXTRA_LINE_READ: else { $_ = $prev; } } - # translate gnutls error into the openssl one + # translate GnuTLS error into the OpenSSL one s/ARC: AMS signing: privkey PEM-block import: \KThe requested data were not available.$/error:0906D06C:PEM routines:PEM_read_bio:no start line/; + # and then both into the OpenSSL 3.x one + s/ARC: AMS signing: privkey PEM-block import: error:\K[0-9A-F]{8}:PEM routines:PEM_read_bio:no start line$/1E08010C:DECODER routines::unsupported/; # DKIM timestamps if ( /(DKIM: d=.*) t=([0-9]*) x=([0-9]*) / ) @@ -1902,9 +1932,6 @@ $munges = 'rejectlog' => 's/ X=TLS\S+ / X=TLS_proto_and_cipher /', }, - 'debug_pid' => - { 'stderr' => 's/(^\s{0,4}|(?<=Process )|(?<=child ))\d+/ppppp/g' }, - 'optional_dsn_info' => { 'mail' => '/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/' }, @@ -2031,7 +2058,7 @@ if (! $message_skip) foreach $mail (@mails) { - next if $mail eq "test-mail/oncelog"; + next if $mail =~ /^test-mail\/oncelog(.(dir|pag|db))?$/; $saved_mail = substr($mail, 10); # Remove "test-mail/" $saved_mail =~ s/^$parm_caller(\/|$)/CALLER/; # Convert caller name @@ -2409,6 +2436,17 @@ if (/^exigrep\s+(.*)/) } +# The "exiqgrep" command runs exiqgrep on the current spool + +if (/^exiqgrep(\s+.*)?/) + { + run_system("(./eximdir/exiqgrep -E ./eximdir/exim -C $parm_cwd/test-config" . ($1 || '') . ";" . + "echo exiqgrep exit code = \$?)" . + ">>test-stdout"); + return 1; + } + + # The "eximstats" command runs eximstats on the current mainlog if (/^eximstats\s+(.*)/) @@ -3791,7 +3829,7 @@ if (defined $parm_lookups{dbm} && not cp("$parm_exim_dir/exim_dbmbuild", "eximdi $dbm_build_deleted = 1; } -foreach my $tool (qw(exim_dumpdb exim_lock exinext exigrep eximstats)) { +foreach my $tool (qw(exim_dumpdb exim_lock exinext exigrep eximstats exiqgrep)) { cp("$parm_exim_dir/$tool" => "eximdir/$tool") or tests_exit(-1, "Failed to make a copy of $tool: $!"); } @@ -3799,7 +3837,7 @@ foreach my $tool (qw(exim_dumpdb exim_lock exinext exigrep eximstats)) { # Collect some version information print '-' x 78, "\n"; print "Perl version for runtest: $]\n"; -foreach (map { "./eximdir/$_" } qw(exigrep exinext eximstats)) { +foreach (map { "./eximdir/$_" } qw(exigrep exinext eximstats exiqgrep)) { # fold (or unfold?) multiline output into a one-liner print join(', ', map { chomp; $_ } `$_ --version`), "\n"; }