X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/efede11283a5825d0c6d7d200debf1e05b1cca64..ac6652c8a0ac69fc0f46d7f8535aa537cd609c94:/test/runtest diff --git a/test/runtest b/test/runtest index 27fe37199..0eda52d91 100755 --- a/test/runtest +++ b/test/runtest @@ -165,7 +165,7 @@ if (exists $TEST_STATE->{exim_pid}) { $pid = $TEST_STATE->{exim_pid}; print "Tidyup: killing wait-mode daemon pid=$pid\n"; - system("sudo kill -SIGINT $pid"); + system("sudo kill -INT $pid"); } if (opendir(DIR, "spool")) @@ -179,7 +179,7 @@ if (opendir(DIR, "spool")) chomp($pid = ); close(PID); print "Tidyup: killing daemon pid=$pid\n"; - system("sudo rm -f spool/$spool; sudo kill -SIGINT $pid"); + system("sudo rm -f spool/$spool; sudo kill -INT $pid"); } } else @@ -193,7 +193,8 @@ close(T); system("sudo /bin/rm -rf ./spool test-* ./dnszones/*") if ($rc == 0 && !$save_output); -system("sudo /bin/rm -rf ./eximdir/*"); +system("sudo /bin/rm -rf ./eximdir/*") + if (!$save_output); print "\nYou were in test $test at the end there.\n\n" if defined $test; exit $rc if ($rc >= 0); @@ -484,7 +485,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/\d\d-[A-Z][a-z]{2}-\d{4}\s\d\d:\d\d:\d\d/07-Mar-2000 12:21:52/g; # Time on queue tolerance - s/QT=1s/QT=0s/; + s/(QT|D)=1s/$1=0s/; # Eximstats heading s/Exim\sstatistics\sfrom\s\d{4}-\d\d-\d\d\s\d\d:\d\d:\d\d\sto\s @@ -496,7 +497,9 @@ RESET_AFTER_EXTRA_LINE_READ: # different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we # treat the standard algorithms the same. # So far, have seen: + # TLSv1:AES128-GCM-SHA256:128 # TLSv1:AES256-SHA:256 + # TLSv1.1:AES256-SHA:256 # TLSv1.2:AES256-GCM-SHA384:256 # TLSv1.2:DHE-RSA-AES256-SHA:256 # TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128 @@ -506,11 +509,15 @@ RESET_AFTER_EXTRA_LINE_READ: # Mail headers (...), log-lines X=..., client-ssl output ... # (and \b doesn't match between ' ' and '(' ) - s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.2:/$1TLSv1:/xg; + s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[12]:/$1TLSv1:/xg; + s/\bAES128-GCM-SHA256:128\b/AES256-SHA:256/g; + s/\bAES128-GCM-SHA256\b/AES256-SHA/g; s/\bAES256-GCM-SHA384\b/AES256-SHA/g; s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g; # GnuTLS have seen: + # TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 + # TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128 # TLS1.2:RSA_AES_256_CBC_SHA1:256 (canonical) # TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128 # @@ -519,12 +526,29 @@ RESET_AFTER_EXTRA_LINE_READ: # X=TLS1.1:RSA_AES_256_CBC_SHA1:256 # X=TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256 # and as stand-alone cipher: + # ECDHE-RSA-AES256-SHA # DHE-RSA-AES256-SHA256 # DHE-RSA-AES256-SHA # picking latter as canonical simply because regex easier that way. s/\bDHE_RSA_AES_128_CBC_SHA1:128/RSA_AES_256_CBC_SHA1:256/g; - s/TLS1.[012]:(DHE_)?RSA_AES_256_CBC_SHA(1|256):256/TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256/g; - s/\bDHE-RSA-AES256-SHA256\b/DHE-RSA-AES256-SHA/g; + s/TLS1.[012]:((EC)?DHE_)?RSA_AES_(256|128)_(CBC|GCM)_SHA(1|256|384):(256|128)/TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256/g; + s/\b(ECDHE-RSA-AES256-SHA|DHE-RSA-AES256-SHA256)\b/AES256-SHA/g; + + # GnuTLS library error message changes + s/No certificate was found/The peer did not send any certificate/g; +#(dodgy test?) s/\(certificate verification failed\): invalid/\(gnutls_handshake\): The peer did not send any certificate./g; + s/\(gnutls_priority_set\): No or insufficient priorities were set/\(gnutls_handshake\): Could not negotiate a supported cipher suite/g; + + # (this new one is a generic channel-read error, but the testsuite + # only hits it in one place) + s/TLS error on connection \(gnutls_handshake\): Error in the pull function\./a TLS session is required but an attempt to start TLS failed/g; + + # (replace old with new, hoping that old only happens in one situation) + s/TLS error on connection to \d{1,3}(.\d{1,3}){3} \[\d{1,3}(.\d{1,3}){3}\] \(gnutls_handshake\): A TLS packet with unexpected length was received./a TLS session is required for ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4], but an attempt to start TLS failed/g; + s/TLS error on connection from \[127.0.0.1\] \(recv\): A TLS packet with unexpected length was received./TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated./g; + + # signature algorithm names + s/RSA-SHA1/RSA-SHA/; # ======== Caller's login, uid, gid, home, gecos ======== @@ -539,7 +563,7 @@ RESET_AFTER_EXTRA_LINE_READ: s/\buid=$parm_caller_uid\b/uid=CALLER_UID/g; s/\bgid=$parm_caller_gid\b/gid=CALLER_GID/g; - s/\bname=$parm_caller_gecos\b/name=CALLER_GECOS/g; + s/\bname="?$parm_caller_gecos"?/name=CALLER_GECOS/g; # When looking at spool files with -Mvh, we will find not only the caller # login, but also the uid and gid. It seems that $) in some Perls gives all @@ -730,7 +754,7 @@ RESET_AFTER_EXTRA_LINE_READ: # numbers, or handle specific bad conditions in different ways, leading to # different wording in the error messages, so we cannot compare them. - s/(TLS error on connection (?:from|to) .*? \(SSL_\w+\): error:)(.*)/$1 <>/; + s/(TLS error on connection (?:from .* )?\(SSL_\w+\): error:)(.*)/$1 <>/; # ======== Maildir things ======== # timestamp output in maildir processing @@ -780,6 +804,10 @@ RESET_AFTER_EXTRA_LINE_READ: # other output is fragile; perhaps the debug output should be revised instead. s%(?" ################################################## $munges = { 'dnssec' => - { 'stderr' => '/^Reverse DNS security status: unverified\n/', }, + { 'stderr' => '/^Reverse DNS security status: unverified\n/' }, 'gnutls_unexpected' => - { 'mainlog' => '/\(recv\): A TLS packet with unexpected length was received./', }, + { 'mainlog' => '/\(recv\): A TLS packet with unexpected length was received./' }, 'gnutls_handshake' => - { 'mainlog' => 's/\(gnutls_handshake\): Error in the push function/\(gnutls_handshake\): A TLS packet with unexpected length was received/', }, + { 'mainlog' => 's/\(gnutls_handshake\): Error in the push function/\(gnutls_handshake\): A TLS packet with unexpected length was received/' }, + + 'optional_events' => + { 'stdout' => '/event_action =/' }, + + 'optional_ocsp' => + { 'stderr' => '/127.0.0.1 in hosts_requ(ire|est)_ocsp/' }, + + 'no_tpt_filter_epipe' => + { 'stderr' => '/^writing error 32: Broken pipe$/' }, + + 'optional_cert_hostnames' => + { 'stderr' => '/in tls_verify_cert_hostnames\? no/' }, }; @@ -1714,14 +1774,14 @@ if (/^killdaemon/) print ">> killdaemon: recovered pid $pid\n" if $debug; if ($pid) { - run_system("sudo /bin/kill -SIGINT $pid"); + run_system("sudo /bin/kill -INT $pid"); wait; } } else { $pid = `cat $parm_cwd/spool/exim-daemon.*`; if ($pid) { - run_system("sudo /bin/kill -SIGINT $pid"); + run_system("sudo /bin/kill -INT $pid"); close DAEMONCMD; # Waits for process } } @@ -1968,7 +2028,8 @@ elsif (/^([A-Z_]+=\S+\s+)?(\d+)?\s*(sudo\s+)?exim(_\S+)?\s+(.*)$/) for ($i = @msglist; $i > 0; $i--) { $args =~ s/\$msg$i/$msglist[$i-1]/g; } if ( $args =~ /\$msg\d/ ) { - tests_exit(-1, "Not enough messages in spool, for test $testno line $lineno\n"); + tests_exit(-1, "Not enough messages in spool, for test $testno line $lineno\n") + unless $force_continue; } } @@ -2681,7 +2742,7 @@ $pwcomm = $pwcomm; $parm_caller_group = getgrgid($parm_caller_gid); -print "Program caller is $parm_caller, whose group is $parm_caller_group\n"; +print "Program caller is $parm_caller ($parm_caller_uid), whose group is $parm_caller_group ($parm_caller_gid)\n"; print "Home directory is $parm_caller_home\n"; unless (defined $parm_eximgroup) @@ -2719,7 +2780,7 @@ while (($parm_ipv4 eq "" || $parm_ipv6 eq "") && ($_ = )) $_ =~ /^\s*inet(?:\saddr)?:?\s?(\d+\.\d+\.\d+\.\d+)\s/i) { $ip = $1; - next if ($ip eq "127.0.0.1"); + next if ($ip =~ /^127\./); $parm_ipv4 = $ip; } @@ -3325,9 +3386,20 @@ foreach $test (@test_list) undef %expected_msglogs; # Open the test's script - open(SCRIPT, "scripts/$test") || tests_exit(-1, "Failed to open \"scripts/$test\": $!"); + # Run through the script once to set variables which should be global + while (