X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/6a9cf7f890226aa085842cd3d94b13e78ea31637..041bf37266e8b97f457b78401ee7006429c69495:/test/runtest?ds=sidebyside diff --git a/test/runtest b/test/runtest index f61b016f9..f595634e9 100755 --- a/test/runtest +++ b/test/runtest @@ -29,10 +29,11 @@ use File::Basename; use Pod::Usage; use Getopt::Long; use FindBin qw'$RealBin'; +use File::Copy; use lib "$RealBin/lib"; use Exim::Runtest; -use Exim::Utils qw(uniq numerically); +use Exim::Utils qw(uniq numerically cp); use if $ENV{DEBUG} && scalar($ENV{DEBUG} =~ /\bruntest\b/) => 'Smart::Comments' => '####'; use if $ENV{DEBUG} && scalar($ENV{DEBUG} =~ /\bruntest\b/) => 'Data::Dumper'; @@ -598,11 +599,13 @@ RESET_AFTER_EXTRA_LINE_READ: # LibreSSL # TLSv1:AES256-GCM-SHA384:256 # TLSv1:ECDHE-RSA-CHACHA20-POLY1305:256 + # TLS1.3:AEAD-AES256-GCM-SHA384:256 # # ECDHE-RSA-CHACHA20-POLY1305 # AES256-GCM-SHA384 s/(?/ && !/->/ - && !/\*>/ && !/Connection refused/) + && !/\*>/&& !/==/ && !/\*\*/ && !/Connection refused/ && !/in response to/) { s/\[([a-z\d:]+|\d+(?:\.\d+){3})\]:(\d+)/"[".$1."]:".new_value($2,"%s",\$next_port)/ie; } @@ -1007,7 +1009,8 @@ RESET_AFTER_EXTRA_LINE_READ: s/conversion: german.xn--strae-oqa.de/conversion: german.straße.de/; # subsecond timstamp info in reported header-files - s/^(-received_time_usec \.)\d{6}$/$1uuuuuu/; + s/^-received_time_usec \.\K\d{6}$/uuuuuu/; + s/^-received_time_complete \K\d+\.\d{6}$/tttt.uuuuuu/; # Postgres server takes varible time to shut down; lives in various places s/^waiting for server to shut down\.+ done$/waiting for server to shut down.... done/; @@ -1019,6 +1022,9 @@ RESET_AFTER_EXTRA_LINE_READ: # ARC is not always supported by the build next if /^arc_sign =/; + # LIMITS is not always supported by the build + next if /^limits_advertise_hosts =/; + # TLS resumption is not always supported by the build next if /^tls_resumption_hosts =/; next if /^-tls_resumption/; @@ -1047,6 +1053,9 @@ RESET_AFTER_EXTRA_LINE_READ: s/\b(gethostbyname2?|\bgetipnodebyname)(\(af=inet\))?/get[host|ipnode]byname[2]/; + # Extra lookups done when ipv6 is supported + next if /^host_fake_gethostbyname\(af=inet6\) returned 1 \(HOST_NOT_FOUND\)$/; + # we don't care what TZ enviroment the testhost was running next if /^Reset TZ to/; @@ -1066,22 +1075,40 @@ RESET_AFTER_EXTRA_LINE_READ: # this is timing-dependent next if /^OpenSSL: creating STEK$/; + next if /^selfsign cert rotate$/; + # TLS preload # only OpenSSL speaks of these - next if /^TLS: preloading DH params for server/; + next if /^TLS: (preloading (DH params|ECDH curve|CA bundle) for server|generating selfsigned server cert)/; next if /^Diffie-Hellman initialized from default/; - next if /^TLS: preloading ECDH curve for server/; - next if /^ECDH OpenSSL [\d.+]+ temp key parameter settings: default selection$/; - next if /^watch dir '\/etc\/pki\/tls'$/; + next if /^ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; + next if /^ECDH: .*'prime256v1'/; + next if /^tls_verify_certificates: system$/; + next if /^tls_set_watch: .*\/cert.pem/; + next if /^Generating 2048 bit RSA key/; + # TLS preload # only GnuTLS speaks of these next if /^GnuTLS global init required$/; next if /^TLS: basic cred init, server/; next if /^TLS: preloading cipher list for server: NULL$/; s/^GnuTLS using default session cipher\/priority "NORMAL"$/TLS: not preloading cipher list for server/; next if /^GnuTLS<2>: added \d+ protocols, \d+ ciphersuites, \d+ sig algos and \d+ groups into priority list$/; - + next if /^GnuTLS<2>: (Disabling X.509 extensions|signing structure using RSA-SHA256)/; + next if /^GnuTLS.*(wrap_nettle_mpi_print|gnutls_subject_alt_names_get|get_alt_name)/; + next if /^GnuTLS<[23]>: (p11|ASSERT: pkcs11.c|Initializing needed PKCS #11 modules)/; + next if /^GnuTLS<2>: Intel (AES|GCM) accelerator was detected/; + next if /^Added \d{3} certificate authorities/; + next if /^TLS: not preloading CRL for server/; + + # only kevent platforms (FreeBSD, OpenBSD) say this + next if /^watch dir/; + next if /^watch file .*\/usr\/local/; + next if /^watch file .*\/etc\/ssl/; + + # TLS preload # there happen in different orders for OpenSSL/GnuTLS/noTLS + next if /^TLS: generating selfsigned server cert/; next if /^TLS: not preloading (CA bundle|cipher list) for server$/; next if /^TLS: not preloading server certs$/; @@ -1136,6 +1163,8 @@ RESET_AFTER_EXTRA_LINE_READ: # drop pdkim debugging header next if /^DKIM( <<<<<<<<<<<<<<<<<<<<<<<<<<<<<+|: no signatures)$/; + # Some platforms have TIOCOUTome do not + next if /\d+ bytes remain in socket output buffer$/; # Various other IPv6 lines must be omitted too next if /using host_fake_gethostbyname for \S+ \(IPv6\)/; @@ -1151,14 +1180,16 @@ RESET_AFTER_EXTRA_LINE_READ: next; } - # Non-TLS bulds have a different Recieved: header expansion - s/^((.*)\t}}}}by \$primary_hostname \$\{if def:received_protocol \{with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; - s/^((\s*).*considering: with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; - if (/condition: def:tls_in_cipher_std$/) + # Non-TLS builds have a different default Recieved: header expansion + s/^((.*)\t}}}}by \$primary_hostname \$\{if def:received_protocol \{with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_ver { (\$tls_in_ver)}}\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; + s/^((\s*).*considering: with \$received_protocol }})\(Exim \$version_number\)$/$1\${if def:tls_in_ver { (\$tls_in_ver)}}\${if def:tls_in_cipher_std { tls \$tls_in_cipher_std\n$2\t}}(Exim \$version_number)/; + if (/condition: def:tls_in_ver$/) { $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; $_= ; - $_= ; $_= ; $_= ; next; + $_= ; $_= ; $_= ; $_= ; + $_= ; $_= ; $_= ; $_= ; + $_= ; $_= ; $_= ; $_= ; $_= ; next; } @@ -1241,6 +1272,15 @@ RESET_AFTER_EXTRA_LINE_READ: s/^(\s*\d+|ppppp) \@?(.*exim_daemon_notify)$/ppppp $2/; next if /unlinking notifier socket/; + # daemon notifier socket + # Timing variance over runs. Collapse repeated memssages. + if (/notify triggered queue run/) + { + my $line = $_; + while (/notify triggered queue run/) { $_ = ; } + $_ = $line . $_; + } + # DISABLE_OCSP next if /in hosts_requ(est|ire)_ocsp\? (no|yes)/; @@ -1256,6 +1296,9 @@ RESET_AFTER_EXTRA_LINE_READ: # Experimental_REQUIRETLS next if / in tls_advertise_requiretls?\? no \(end of list\)/; + # Experimental_LIMITS + next if / in limits_advertise_hosts?\? no \(matched "!\*"\)/; + # TCP Fast Open next if /^(ppppp )?setsockopt FASTOPEN: Network Error/; @@ -1263,7 +1306,7 @@ RESET_AFTER_EXTRA_LINE_READ: next if /\w+ in keep_environment\? (yes|no)/; # Sizes vary with test hostname - s/^cmd buf flush \d+ bytes$/cmd buf flush ddd bytes/; + s/^cmd buf flush \d+ bytes/cmd buf flush ddd bytes/; # Spool filesystem free space changes on different systems. s/^((?:spool|log) directory space =) -?\d+K (inodes =)\s*-?\d+/$1 nnnnnK $2 nnnnn/; @@ -1293,14 +1336,6 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^date:\w+,\{SP\}/; next if /^DKIM \[[^[]+\] (Header hash|b) computed:/; - # Timing variable over runs. Collapse repeated memssages. - if (/notify triggered queue run/) - { - my $line = $_; - while (/notify triggered queue run/) { $_ = ; } - $_ = $line . $_; - } - # Not all platforms support TCP Fast Open, and the compile omits the check if (s/\S+ in hosts_try_fastopen\? (no \(option unset\)|no \(end of list\)|yes \(matched "\*"\))\n$//) { @@ -1471,6 +1506,13 @@ RESET_AFTER_EXTRA_LINE_READ: # Platform differences in errno strings s/Arg list too long/Argument list too long/; + + # OpenSSL vs. GnuTLS + s/session: \K\((SSL_connect|gnutls_handshake)\): timed out/(tls lib connect fn): timed out/; + s/TLS error on connection from .*\K\((SSL_accept|gnutls_handshake)\): timed out/(tls lib accept fn): timed out/; + s/TLS error on connection from .*\K(SSL_accept: TCP connection closed by peer|\(gnutls_handshake\): The TLS connection was non-properly terminated.)/(tls lib accept fn): TCP connection closed by peer/; + s/TLS session: \K\(gnutls_handshake\): No supported application protocol could be negotiated/(SSL_connect): error: <>/; + s/\(gnutls_handshake\): No common application protocol could be negotiated./(SSL_accept): error: <>/; } # ======== mail ======== @@ -1771,7 +1813,7 @@ if (-e $sf_current) if (-s $mf) { my $sf = /^u/i ? $sf_current : $sf_flavour; - tests_exit(-1, "Failed to cp $mf $sf") if system("cp '$mf' '$sf'") != 0; + copy($mf, $sf) or tests_exit(-1, "Failed to copy $mf $sf"); } else { @@ -2134,7 +2176,7 @@ if ($debug) $prcmd =~ s/; /;\n>> /; print ">> $prcmd\n"; } -system("$cmd"); +system($cmd); } @@ -2792,8 +2834,9 @@ else { tests_exit(-1, "Command unrecognized in line $lineno: $_"); } # Run the command, with stdin connected to a pipe, and write the stdin data -# to it, with appropriate substitutions. If a line ends with \NONL\, chop off -# the terminating newline (and the \NONL\). If the command contains +# to it, with appropriate substitutions. If a starts with '>>> ', process it +# via Perl's string eval(). +# If the command contains # -DSERVER=server add "-server" to the command, where it will adjoin the name # for the stderr file. See comment above about the use of -DSERVER. @@ -2802,12 +2845,29 @@ print ">> |${cmd}${stderrsuffix}\n" if ($debug); open CMD, "|${cmd}${stderrsuffix}" || tests_exit(1, "Failed to run $cmd"); CMD->autoflush(1); -while (