X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/e7c3638eeaa194613d5c551382aded17da9b2be0..92914be2140997c19f610d7f5f17fa0d9c347b9c:/test/runtest diff --git a/test/runtest b/test/runtest index 9fef60820..1ed0ad73a 100755 --- a/test/runtest +++ b/test/runtest @@ -254,9 +254,11 @@ die "** runtest error: $_[1]\n"; sub new_value { my($oldid, $base, $sequence) = @_; my($newid) = $cache{$oldid}; +print ">> replace $oldid -> $newid\n" if ($debug && defined $newid); if (! defined $newid) { $newid = sprintf($base, $$sequence++); + print ">> new $oldid -> $newid\n" if $debug; $cache{$oldid} = $newid; } return $newid; @@ -342,7 +344,7 @@ return @yield; # into the same standard values throughout the data from a single test. # Message ids get this treatment (can't be made reliable for times), and # times in dumped retry databases are also handled in a special way, as are -# incoming port numbers. +# incoming port numbers and PIDs. # On entry to the subroutine, the file to write to is already opened with the # name MUNGED. The input file name is the only argument to the subroutine. @@ -385,11 +387,23 @@ $spid = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; LINE: while() { RESET_AFTER_EXTRA_LINE_READ: + if ($munge_skip) + { + # Munging is a no-op, except for exim_msgdate specials. + # Useful when testing exim_msgdate so that + # we compare unmunged dates and message-ids. + s%^localhost \d+ from message-id != given number \d+ at \K/.+(?=/test/eximdir/exim_msgdate line 387.$)%DIR%; + + print MUNGED; + next; + } + # Custom munges if ($extra) { next if $extra =~ m%^/% && eval $extra; eval $extra if $extra =~ m/^s/; + eval substr($extra, 1) if $extra =~ m/^R/; } # Check for "*** truncated ***" @@ -411,9 +425,12 @@ RESET_AFTER_EXTRA_LINE_READ: # patchexim should have fixed this for us #s/Exim \K\d+[._]\d+[\w_-]*/x.yz/i; - # Replace Exim message ids by a unique series + # Replace Exim message ids by a unique series. + # Both old and new formats, with separate replace series, for now. s/(\d[^\W_]{5}-[^\W_]{6}-[^\W_]{2}) - /new_value($1, "10Hm%s-0005vi-00", \$next_msgid)/egx; + /new_value($1, "10Hm%s-0005vi-00", \$next_msgid_old)/egx; + s/(\d[^\W_]{5}-[^\W_]{11}-[^\W_]{4}) + /new_value($1, "10Hm%s-000000005vi-0000", \$next_msgid)/egx; # The names of lock files appear in some error and debug messages s/\.lock(\.[-\w]+)+(\.[\da-f]+){2}/.lock.test.ex.dddddddd.pppppppp/; @@ -507,7 +524,7 @@ RESET_AFTER_EXTRA_LINE_READ: # Date/time in logs and in one instance of a filter test s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d(\s[+-]\d\d\d\d)?\s/1999-03-02 09:44:33 /gx; - s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\.\d{3}(\s[+-]\d\d\d\d)?\s/2017-07-30 18:51:05.712 /gx; + s/^\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\.\d{3}(?:\s(?:[+-]\d\d\d\d|[A-Z]{2}T))?\s/2017-07-30 18:51:05.712 /gx; s/^Logwrite\s"\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d/Logwrite "1999-03-02 09:44:33/gx; # Date/time in syslog test s/^SYSLOG:\s\'\K\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\s/2017-07-30 18:51:05 /gx; @@ -748,6 +765,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/\bgid=\d+/gid=gggg/; s/\begid=\d+/egid=gggg/; s/\b(?:pid=|pid\s|PID:\s|Process\s|child\s)\K(\d+)/new_value($1, "p%s", \$next_pid)/gxe; + s/ Ci=\K(\d+)/new_value($1, "p%s", \$next_pid)/gxe; s/\buid=\d+/uid=uuuu/; s/\beuid=\d+/euid=uuuu/; s/set_process_info:\s+\d+/set_process_info: pppp/; @@ -794,7 +812,7 @@ RESET_AFTER_EXTRA_LINE_READ: } # Port in host address in spool file output from -Mvh - s/^(--?host_address) (.*)\.\d+/$1 $2.9999/; + s/^(--?host_address) (.*[:.])\d+$/$1 ${2}9999/; if ($dynamic_socket and $dynamic_socket->opened and my $port = $dynamic_socket->sockport) { s/^Connecting to 127\.0\.0\.1 port \K$port//; @@ -835,10 +853,10 @@ RESET_AFTER_EXTRA_LINE_READ: # ======== IP error numbers and messages ======== # These vary between operating systems - s/Can(no|')t assign requested address/Network Error/; + s/Can(no|')t assign requested address/Netwk addr not available/; s/Operation timed out/Connection timed out/; s/Address family not supported by protocol family/Network Error/; - s/Network( is)? unreachable/Network Error/; + s/Network( is)? unreachable/Network unreachable/; s/Invalid argument/Network Error/; s/\(\d+\): Network/(dd): Network/; @@ -874,7 +892,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/([\s,])S=\d+\b/$1S=sss/; s/:S\d+\b/:Ssss/; - s/^(\s*\d+m\s+)\d+(\s+[a-z0-9-]{16} <)/$1sss$2/i if $is_stdout; + s/^(\s*\d+[mhd]\s+)\d+(\s+(?:[a-z0-9-]{23}|[a-z0-9-]{18}) <)/TTT sss$2/i if $is_stdout; s/\sSIZE=\d+\b/ SIZE=ssss/; s/\ssize=\d+\b/ size=sss/ if $is_stderr; s/old size = \d+\b/old size = sssss/; @@ -918,6 +936,11 @@ RESET_AFTER_EXTRA_LINE_READ: # OpenSSL 3.0.0 s/TLS error \(D-H param setting .* error:\K.*dh key too small/xxxxxxxx:SSL routines::dh key too small/; + # OpenSSL 1.1.1 + s/error:\K0B080074:x509 certificate routines:X509_check_private_key(?=:key values mismatch$)/05800074:x509 certificate routines:/; + s/error:\K02001002:system library:fopen(?=:No such file or directory$)/80000002:system library:/; + s/error:\K0909006C:PEM routines:get_name(?=:no start line$)/0480006C:PEM routines:/; + # ======== Maildir things ======== # timestamp output in maildir processing s/(timestamp=|\(timestamp_only\): )\d+/$1ddddddd/g; @@ -1033,6 +1056,8 @@ RESET_AFTER_EXTRA_LINE_READ: # DMARC is not always supported by the build next if /^dmarc_tld_file =/; + # timestamp in dmarc history file + s/received \K\d{10}$/1692480217/; # ARC is not always supported by the build next if /^arc_sign =/; @@ -1043,9 +1068,13 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS resumption is not always supported by the build next if /^tls_resumption_hosts =/; next if /^-tls_resumption/; + next if /^host_name_extract = /; # gsasl library version may not support some methods s/250-AUTH ANONYMOUS PLAIN SCRAM-SHA-1\K SCRAM-SHA-256//; + + # mailq times change with when the run is done, vs. static-source spoolfiles + s/\s*\d*[hd](?= 317 [0-9A-Za-z\-]{23} )/DDd/; } # ======== stderr ======== @@ -1076,12 +1105,10 @@ RESET_AFTER_EXTRA_LINE_READ: ) /x; - # Lines with a leading pid - s/^(\d+)\s(?!(?:previous message|in\s))/new_value($1, "p%s", \$next_pid) . ' '/e; + # Lines with a leading pid. Only handle >= 4-digit PIDs to avoid converting SMTP respose codes + s/^\s*(\d{4,})\s(?!(?:previous message|in\s|bytes remain in|SMTP accept process running))/new_value($1, "p%s", \$next_pid) . ' '/e; # Debugging lines for Exim terminations and process-generation - - s/^\s*\K(\d+)(?=\sexec\s.*\s-oPX$)/new_value($1, "%s", \$next_pid)/xe; next if /(?:postfork: | fork(?:ing|ed) for )/; # IP address lookups use gethostbyname() when IPv6 is not supported, @@ -1096,12 +1123,12 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^Reset TZ to/; # port numbers - s/(?:\[[^\]]*\]:|port )\K$parm_port_d/PORT_D/; - s/(?:\[[^\]]*\]:|port )\K$parm_port_d2/PORT_D2/; - s/(?:\[[^\]]*\]:|port )\K$parm_port_d3/PORT_D3/; - s/(?:\[[^\]]*\]:|port )\K$parm_port_d4/PORT_D4/; - s/(?:\[[^\]]*\]:|port )\K$parm_port_s/PORT_S/; - s/(?:\[[^\]]*\]:|port )\K$parm_port_n/PORT_N/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d/PORT_D/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d2/PORT_D2/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d3/PORT_D3/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_d4/PORT_D4/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_s/PORT_S/; + s/(?:\[[^\]]*\]:|V4NET\.0\.0\.0:|localhost::?|127\.0\.0\.1[.:]:?|port[= ])\K$parm_port_n/PORT_N/; # ========= Exim lookups ================== # Lookups have a char which depends on the number of lookup types compiled in, @@ -1115,6 +1142,8 @@ RESET_AFTER_EXTRA_LINE_READ: # and unwanted debug next if /^GnuTLS<2>: FIPS140-2 (context is not set|operation mode switched from initial to not-approved)$/; next if /^GnuTLS<3>: ASSERT: sign.c\[_gnutls_sign_is_secure2\]:\d+$/; + next if /^GnuTLS<3>: ASSERT: \.\.\/\.\.\/lib\/pkcs11.c\[find_multi_objs_cb\]:/; + next if /^GnuTLS<3>: ASSERT: \.\.\/\.\.\/lib\/pkcs11.c\[gnutls_pkcs11_obj_list_import_url3\]:/; # drop openssl version strings next if /OpenSSL compile-time version: OpenSSL \d+[\.\da-z]+/; @@ -1126,10 +1155,10 @@ RESET_AFTER_EXTRA_LINE_READ: # TLS preload # only OpenSSL speaks of these - next if /^TLS: (preloading (DH params|ECDH curve|CA bundle) for server|generating selfsigned server cert)/; - next if /^Diffie-Hellman initialized from default/; - next if /^ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; - next if /^ECDH: .*'prime256v1'/; + next if /^TLS: (preloading (DH params \S+|ECDH curve \S+|CA bundle) for server|generating selfsigned server cert)/; + next if /^ Diffie-Hellman initialized from default/; + next if /^ ECDH OpenSSL (< )?[\d.+]+: temp key parameter settings:/; + next if /^ ECDH: .*'prime256v1'/; next if /^tls_verify_certificates: system$/; next if /^tls_set_watch: .*\/cert.pem/; next if /^Generating 2048 bit RSA key/; @@ -1164,6 +1193,9 @@ RESET_AFTER_EXTRA_LINE_READ: next if /^TLS: not preloading (CA bundle|cipher list) for server$/; next if /^TLS: not preloading server certs$/; + # some plaatforms are missing the standard CA bundle file + next if /^tls_set_watch\(\) fail on '\/usr\/lib\/ssl\/cert.pem': No such file or directory$/; + # drop lookups next if /^$time_pid?(?: Lookups\ \(built-in\): | Loading\ lookup\ modules\ from @@ -1248,6 +1280,7 @@ RESET_AFTER_EXTRA_LINE_READ: # Skip tls_advertise_hosts and hosts_require_tls checks when the options # are unset, because tls ain't always there. + next if /^((>>>)?\s*host)? in tls_advertise_hosts\?$/; next if /in\s(?:tls_advertise_hosts\?|hosts_require_tls\?) \sno\s\((option\sunset|end\sof\slist)\)/x; @@ -1319,9 +1352,7 @@ RESET_AFTER_EXTRA_LINE_READ: next if /in\shosts_require_dane\?\sno\s\(option\sunset\)/x; # daemon notifier socket - s/^(\s*\d+|ppppp) (creating notifier socket)$/ppppp $2/; - s/^ \@(.*exim_daemon_notify)$/ $1/; - s/^(\s*\d+|ppppp) \@?(.*exim_daemon_notify)$/ppppp $2/; + s% \@(?=[^ @]+/spool/exim_daemon_notify$)% %; next if /unlinking notifier socket/; # daemon notifier socket @@ -1335,6 +1366,9 @@ RESET_AFTER_EXTRA_LINE_READ: # Different builds will have different lookup types included s/^\s*search_type \K\d+ \((\w+)\) quoting -1 \(none\)$/NN ($1) quoting -1 (none)/; + # and different numbers of lookup types result in different type-code letters, + # so convert them all to "0" + s%(?>>)?\s*host in pipelining_connect_advertise_hosts\?$/ ) + { + $_ = ; + while ( /^(>>>)?\s*list element:/ ) { $_ = ; } + goto RESET_AFTER_EXTRA_LINE_READ; + } + next if / in (?:pipelining_connect_advertise_hosts|hosts_pipe_connect)?\? no /; # Experimental_International next if / in smtputf8_advertise_hosts\? no \(option unset\)/; @@ -1352,11 +1392,25 @@ RESET_AFTER_EXTRA_LINE_READ: next if / in tls_advertise_requiretls?\? no \(end of list\)/; # Experimental_LIMITS + if ( /^((>>>)?\s*host)? in limits_advertise_hosts\?$/ ) + { + $_ = ; + while ( /^(>>>)?\s*list element: !\*$/ ) { $_ = ; } + goto RESET_AFTER_EXTRA_LINE_READ; + } next if / in limits_advertise_hosts?\? no \(matched "!\*"\)/; + # Experimental_XCLIENT + next if / in hosts_xclient?\? no \(option unset\)/; + # TCP Fast Open next if /^(ppppp )?setsockopt FASTOPEN: Network Error/; + # DISABLE_TLS_RESUME + # TLS resumption is not always supported by the build + next if /in tls_resumption_hosts\?/; + next if /RE '.outlook.com/; + # Environment cleaning next if /\w+ in keep_environment\? (yes|no)/; @@ -1442,13 +1496,12 @@ RESET_AFTER_EXTRA_LINE_READ: # Postgres version-dependent differences s/^initdb: warning: (enabling "trust" authentication for local connections)$/\nWARNING: $1/; + # Postgre DB server PID + s/ \[\d+\] (?=(LOG: redirecting log|HINT: Future log output))/ [pppp] /; # Not all builds include DMARC next if /^DMARC: no (dmarc_tld_file|sender_host_address)$/ ; - # TLS resumption is not always supported by the build - next if /in tls_resumption_hosts\?/; - # Platform differences in errno strings s/ SMTP\(Operation timed out\)</; + # When Exim is checking the size of directories for maildir, it uses # the check_dir_size() function to scan directories. Of course, the order # of the files that are obtained using readdir() varies from system to @@ -1501,13 +1557,15 @@ RESET_AFTER_EXTRA_LINE_READ: # CHUNKING: exact sizes depend on hostnames in headers s/(=>.* K C="250- \d)\d+ (byte chunk, total \d)\d+/$1nn $2nn/; - # openssl version variances - s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/; - s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(?:(?i)ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/; + # OpenSSL version variances + s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)|):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/; + next if /TLS error \(SSL_read\): .*error:0A000126:SSL routines::unexpected eof while reading$/ ; + s/EVDATA: \K\(SSL_accept\): error:0A000126:SSL routines::unexpected eof while reading/SSL_accept: TCP connection closed by peer/; + s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(?:(?i)ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT|)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/; s/(DKIM: validation error: )error:[0-9A-F]{8}:rsa routines:(?:(?i)int_rsa_verify|CRYPTO_internal):(?:bad signature|algorithm mismatch)$/$1Public key signature verification has failed./; s/ARC: AMS signing: privkey PEM-block import: error:\K[0-9A-F]{8}:(PEM routines):get_name:(no start line)/0906D06C:$1:PEM_read_bio:$2/; - # gnutls version variances + # GnuTLS version variances if (/TLS error on connection \(recv\): .* (Decode error|peer did not send any certificate)/) { my $prev = $_; @@ -1520,8 +1578,10 @@ RESET_AFTER_EXTRA_LINE_READ: else { $_ = $prev; } } - # translate gnutls error into the openssl one + # translate GnuTLS error into the OpenSSL one s/ARC: AMS signing: privkey PEM-block import: \KThe requested data were not available.$/error:0906D06C:PEM routines:PEM_read_bio:no start line/; + # and then both into the OpenSSL 3.x one + s/ARC: AMS signing: privkey PEM-block import: error:\K[0-9A-F]{8}:PEM routines:PEM_read_bio:no start line$/1E08010C:DECODER routines::unsupported/; # DKIM timestamps if ( /(DKIM: d=.*) t=([0-9]*) x=([0-9]*) / ) @@ -1533,6 +1593,9 @@ RESET_AFTER_EXTRA_LINE_READ: s/signer: [^ ]* bits:\K 256/ 253/; s/public key too short:\K 256 bits/ 253 bits/; + # with GnuTLS we cannot log single bad ALPN. So ignore the with-OpenSSL log line. + # next if /TLS ALPN (http) rejected$/; + # port numbers s/(?:\[[^\]]*\]:|port )\K$parm_port_d/PORT_D/; s/(?:\[[^\]]*\]:|port )\K$parm_port_d2/PORT_D2/; @@ -1552,7 +1615,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/session: \K\((SSL_connect|gnutls_handshake)\): timed out/(tls lib connect fn): timed out/; s/TLS error on connection from .*\K\((SSL_accept|gnutls_handshake)\): timed out/(tls lib accept fn): timed out/; s/TLS error on connection from .*\K(SSL_accept: TCP connection closed by peer|\(gnutls_handshake\): The TLS connection was non-properly terminated.)/(tls lib accept fn): TCP connection closed by peer/; - s/TLS session: \K\(gnutls_handshake\): No supported application protocol could be negotiated/(SSL_connect): error: <>/; + s/TLS session: \K\(gnutls_handshake\): rxd alert: No supported application protocol could be negotiated/(SSL_connect): error: <>/; s/\(gnutls_handshake\): No common application protocol could be negotiated./(SSL_accept): error: <>/; } @@ -1804,13 +1867,13 @@ if (-e $sf_current) for (my $i = 0; $i < @munged; $i++) { - if ($munged[$i] =~ /^[-\d]{10}\s[:\d]{8}\s[-A-Za-z\d]{16}\s[-=*]>/) + if ($munged[$i] =~ /^[-\d]{10}\s[:\d]{8}(\.\d{3})?\s[-A-Za-z\d]{23}\s[-=*]>/) { my $j; for ($j = $i + 1; $j < @munged; $j++) { last if $munged[$j] !~ - /^[-\d]{10}\s[:\d]{8}\s[-A-Za-z\d]{16}\s[-=*]>/; + /^[-\d]{10}\s[:\d]{8}(\.\d{3})?\s[-A-Za-z\d]{23}\s[-=*]>/; } @temp = splice(@munged, $i, $j - $i); @temp = sort(@temp); @@ -1880,7 +1943,8 @@ return 2; # Usable files are: # paniclog, rejectlog, mainlog, stdout, stderr, msglog, mail # Search strings starting with 's' do substitutions; -# with '/' do line-skips. +# with '/' do line-skips, +# with 'R' run given code. # Triggered by a scriptfile line "munge " ################################################## $munges = @@ -1927,7 +1991,13 @@ $munges = }, 'optional_dsn_info' => - { 'mail' => '/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/' + { 'mail' => 'Rif (/^(X-(Remote-MTA-(smtp-greeting|helo-response)|Exim-Diagnostic|(body|message)-linecount):|Remote-MTA: X-ip;)/) { + while (1) { + $_ = ; + next if /^ /; + goto RESET_AFTER_EXTRA_LINE_READ; + } + }' }, 'optional_config' => @@ -2136,9 +2206,15 @@ if (! $msglog_skip) foreach $msglog (@msglogs) { next if ($msglog eq "." || $msglog eq ".." || $msglog eq "CVS"); + ($munged_msglog = $msglog) =~ s/((?:[^\W_]{6}-){2}[^\W_]{2}) - /new_value($1, "10Hm%s-0005vi-00", \$next_msgid)/egx; + /new_value($1, "10Hm%s-0005vi-00", \$next_msgid_old)/egx; + + $munged_msglog =~ + s/([^\W_]{6}-[^\W_]{11}-[^\W_]{4}) + /new_value($1, "10Hm%s-000000005vi-0000", \$next_msgid)/egx; + $yield = max($yield, check_file("spool/msglog/$msglog", undef, "test-msglog-munged", "msglog/$testno.$munged_msglog", 0, $munge->{msglog})); @@ -2250,10 +2326,11 @@ my($yield) = 1; our %ENV = map { $_ => $ENV{$_} } grep { /^(?:USER|SHELL|PATH|TERM|EXIM_TEST_.*)$/ } keys %ENV; -if (/^(\d+)\s*$/) # Handle unusual return code +if (/^(\d+)\s*(?:([A-Z]+)=(\S+))?$/) # Handle unusual return code { my($r) = $_[2]; $$r = $1 << 8; + $ENV{$2} = $3 if (defined $2); $_ =