git://git.exim.org
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
503e055
)
Testsuite: add cipher-suite seen on OpenBSD
author
Jeremy Harris
<jgh146exb@wizmail.org>
Fri, 13 Oct 2017 16:05:59 +0000
(17:05 +0100)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Fri, 13 Oct 2017 16:25:10 +0000
(17:25 +0100)
test/confs/2102
patch
|
blob
|
history
test/confs/2119
patch
|
blob
|
history
test/confs/2132
patch
|
blob
|
history
test/runtest
patch
|
blob
|
history
test/scripts/2100-OpenSSL/2102
patch
|
blob
|
history
test/scripts/2100-OpenSSL/2132
patch
|
blob
|
history
test/stdout/2102
patch
|
blob
|
history
diff --git
a/test/confs/2102
b/test/confs/2102
index 8b2083959934cce838c7c8e5fa7f796973fc49d0..58ff6fbaa8df2c949447ed3b96e7b2cec57d7c3f 100644
(file)
--- a/
test/confs/2102
+++ b/
test/confs/2102
@@
-40,7
+40,9
@@
check_recipient:
DHE_RSA_AES_256_CBC_SHA1 : \
DHE_RSA_3DES_EDE_CBC_SHA : \
ECDHE-RSA-AES256-GCM-SHA384 : \
DHE_RSA_AES_256_CBC_SHA1 : \
DHE_RSA_3DES_EDE_CBC_SHA : \
ECDHE-RSA-AES256-GCM-SHA384 : \
- ECDHE-RSA-AES128-GCM-SHA256
+ ECDHE-RSA-AES128-GCM-SHA256 : \
+ ECDHE-RSA-CHACHA20-POLY1305
+ logwrite = cipher: $tls_in_cipher
warn logwrite = ${if def:tls_in_ourcert \
{Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
{We did not present a cert}}
warn logwrite = ${if def:tls_in_ourcert \
{Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
{We did not present a cert}}
diff --git
a/test/confs/2119
b/test/confs/2119
index 26ae4c1bcf7eff21262ccd6e6b131931427e6b20..d55232d05dc51a8839b3058f22c1f5db982fc65c 100644
(file)
--- a/
test/confs/2119
+++ b/
test/confs/2119
@@
-39,7
+39,8
@@
check_recipient:
DHE_RSA_AES_256_CBC_SHA1:\
DHE_RSA_3DES_EDE_CBC_SHA:\
ECDHE-RSA-AES256-GCM-SHA384:\
DHE_RSA_AES_256_CBC_SHA1:\
DHE_RSA_3DES_EDE_CBC_SHA:\
ECDHE-RSA-AES256-GCM-SHA384:\
- ECDHE-RSA-AES128-GCM-SHA256
+ ECDHE-RSA-AES128-GCM-SHA256:\
+ ECDHE-RSA-CHACHA20-POLY1305
accept
accept
diff --git
a/test/confs/2132
b/test/confs/2132
index 7fb561bdc68e7dbcab021470817fd3e5bb8b3c1c..7e491b8a6a9b29ff34631e7cd8ec92485eacf0be 100644
(file)
--- a/
test/confs/2132
+++ b/
test/confs/2132
@@
-39,7
+39,8
@@
check_recipient:
DHE_RSA_AES_256_CBC_SHA1 : \
DHE_RSA_3DES_EDE_CBC_SHA : \
ECDHE-RSA-AES256-GCM-SHA384 : \
DHE_RSA_AES_256_CBC_SHA1 : \
DHE_RSA_3DES_EDE_CBC_SHA : \
ECDHE-RSA-AES256-GCM-SHA384 : \
- ECDHE-RSA-AES128-GCM-SHA256
+ ECDHE-RSA-AES128-GCM-SHA256 : \
+ ECDHE-RSA-CHACHA20-POLY1305
warn logwrite = ${if def:tls_in_ourcert \
{Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
{We did not present a cert}}
warn logwrite = ${if def:tls_in_ourcert \
{Our cert SN: <${certextract{subject}{$tls_in_ourcert}}>} \
{We did not present a cert}}
diff --git
a/test/runtest
b/test/runtest
index 0a514ad658a8c1da60e88fb74d439da0b8a53378..57526db19db82c6f51f4c65b882a2304c136efcd 100755
(executable)
--- a/
test/runtest
+++ b/
test/runtest
@@
-906,7
+906,7
@@
RESET_AFTER_EXTRA_LINE_READ:
s/CONNECT_CR_FINISHED/ssl3_read_bytes/i;
s/^\d+:error:\d+(?:E\d+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/;
s/CONNECT_CR_FINISHED/ssl3_read_bytes/i;
s/^\d+:error:\d+(?:E\d+)?(:SSL routines:ssl3_read_bytes:[^:]+:).*(:SSL alert number \d\d)$/pppp:error:dddddddd$1\[...\]$2/;
- s/^(TLS error on connection .*):func\(4095
:\)(No such file or directory)$/$1:fopen:
/;
+ s/^(TLS error on connection .*):func\(4095
\):(No such file or directory)$/$1:fopen:$2
/;
# gnutls version variances
next if /^Error in the pull function./;
# gnutls version variances
next if /^Error in the pull function./;
diff --git
a/test/scripts/2100-OpenSSL/2102
b/test/scripts/2100-OpenSSL/2102
index cbb9ce393dd0b266cb83af9e2e297ef07b576548..bdf5496f6d483cfb98a4c65f2bb185b60736d4da 100644
(file)
--- a/
test/scripts/2100-OpenSSL/2102
+++ b/
test/scripts/2100-OpenSSL/2102
@@
-47,6
+47,7
@@
This is a test encrypted message.
quit
??? 221
****
quit
??? 221
****
+# nonloop addr conn rejected lacking cert
client-ssl HOSTIPV4 PORT_D
??? 220
ehlo rhu.barb
client-ssl HOSTIPV4 PORT_D
??? 220
ehlo rhu.barb
@@
-57,7
+58,10
@@
ehlo rhu.barb
??? 250-
??? 250
starttls
??? 250-
??? 250
starttls
-??? 220
+??? 220 TLS go ahead
++++ 1
+help
+??? 554
****
client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.unlocked.key
??? 220
****
client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem DIR/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.unlocked.key
??? 220
diff --git
a/test/scripts/2100-OpenSSL/2132
b/test/scripts/2100-OpenSSL/2132
index 620a63f57b50e1af55c7f3587c97016730fa5d66..4a12fb0bb344e0c178f46fe710d7b41c3cc50ea8 100644
(file)
--- a/
test/scripts/2100-OpenSSL/2132
+++ b/
test/scripts/2100-OpenSSL/2132
@@
-58,6
+58,9
@@
ehlo rhu.barb
??? 250
starttls
??? 220
??? 250
starttls
??? 220
++++ 1
+help
+??? 554
****
client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
??? 220
****
client-ssl HOSTIPV4 PORT_D DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key
??? 220
diff --git
a/test/stdout/2102
b/test/stdout/2102
index 0d96d12793b55d059a0eab020df676e4a74263ff..2df808595dc9fb9d27e8d71958e3d6483f1b48ff 100644
(file)
--- a/
test/stdout/2102
+++ b/
test/stdout/2102
@@
-93,11
+93,15
@@
Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
??? 250
<<< 250 HELP
>>> starttls
??? 250
<<< 250 HELP
>>> starttls
-??? 220
+??? 220
TLS go ahead
<<< 220 TLS go ahead
Attempting to start TLS
pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:[...]:SSL alert number 40
Failed to start TLS
<<< 220 TLS go ahead
Attempting to start TLS
pppp:error:dddddddd:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:[...]:SSL alert number 40
Failed to start TLS
++++ 1
+>>> help
+??? 554
+<<< 554 Security failure
End of script
Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
Certificate file = TESTSUITE/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem
End of script
Connecting to ip4.ip4.ip4.ip4 port 1225 ... connected
Certificate file = TESTSUITE/aux-fixed/exim-ca/example.com/server2.example.com/server2.example.com.pem