X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/8f8950c344cc3aa27efa0230519708aacc2de0fd..d341f2a27e689098e23c4eae2f78b59d053d5060:/test/runtest diff --git a/test/runtest b/test/runtest index 8f8767af4..7893dcbd7 100755 --- a/test/runtest +++ b/test/runtest @@ -491,8 +491,8 @@ RESET_AFTER_EXTRA_LINE_READ: s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\.\d{3}(\s[+-]\d\d\d\d)?\s/2017-07-30 18:51:05.712 /gx; s/^Logwrite\s"\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d/Logwrite "1999-03-02 09:44:33/gx; - s/((D|[QD]T)=)\d+s/$1qqs/g; - s/((D|[QD]T)=)\d\.\d{3}s/$1q.qqqs/g; + s/((D|[RQD]T)=)\d+s/$1qqs/g; + s/((D|[RQD]T)=)\d\.\d{3}s/$1q.qqqs/g; # Date/time in message separators s/(?:[A-Z][a-z]{2}\s){2}\d\d\s\d\d:\d\d:\d\d\s\d\d\d\d @@ -545,16 +545,23 @@ RESET_AFTER_EXTRA_LINE_READ: # negotiating TLS 1.2 instead of 1.0. # Mail headers (...), log-lines X=..., client-ssl output ... # (and \b doesn't match between ' ' and '(' ) + # + # Retain the authentication algorith field as we want to test that. s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[12]:/$1TLSv1:/xg; - s/\bAES128-GCM-SHA256:128\b/AES256-SHA:256/g; - s/\bAES128-GCM-SHA256\b/AES256-SHA/g; - s/\bAES256-GCM-SHA384\b/AES256-SHA/g; - s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g; + s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA)(?!:)/ke-$3-AES256-SHA/g; + s/((EC)?DHE-)?(RSA|ECDSA)-AES(128|256)-(GCM-SHA(256|384)|SHA):(128|256)/ke-$3-AES256-SHA:xxx/g; # LibreSSL + # TLSv1:AES256-GCM-SHA384:256 # TLSv1:ECDHE-RSA-CHACHA20-POLY1305:256 - s/\bECDHE-RSA-CHACHA20-POLY1305\b/AES256-SHA/g; + # + # ECDHE-RSA-CHACHA20-POLY1305 + # AES256-GCM-SHA384 + + s/(?.* K C="250- \d)\d+ (byte chunk, total \d)\d+/$1nn $2nn/; # openssl version variances - s/(TLS error on connection .*: error:)[0-9A-F]{8}(:system library):func\(4095\):(No such file or - directory)$/$1xxxxxxxx$2:fopen:$3/; + s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/; + s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/; + s/(DKIM: validation error: )error:[0-9A-F]{8}:rsa routines:(?:(?i)int_rsa_verify|CRYPTO_internal):(?:bad signature|algorithm mismatch)$/$1Public key signature verification has failed./; } # ======== All files other than stderr ======== @@ -1539,6 +1563,7 @@ $munges = dkim_(canon|domain|private_key|selector|sign_headers|strict|hash|identity) |gnutls_require_(kx|mac|protocols) |hosts_(requ(est|ire)|try)_(dane|ocsp) + |dane_require_tls_ciphers |hosts_(avoid|nopass|noproxy|require|verify_avoid)_tls |socks_proxy |tls_[^ ]* @@ -2421,6 +2446,7 @@ elsif (/^background$/) $_ =