Testsuite: split testcase for non-OCSP build

author Jeremy Harris <jgh146exb@wizmail.org>

Sat, 20 Jul 2024 19:24:31 +0000 (20:24 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Sat, 20 Jul 2024 19:33:48 +0000 (20:33 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Sat, 20 Jul 2024 19:24:31 +0000 (20:24 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Sat, 20 Jul 2024 19:33:48 +0000 (20:33 +0100)
diff --git a/test/confs/1102 b/test/confs/1102

index 23afc36ee5d8ff80a3d82e4f10c3a3ae15a7ddf2..c8379e0f4b9b318e785f83a596e5ace21662859d 100644 (file)
--- a/test/confs/1102
+++ b/test/confs/1102
@@ -1,4 +1,4 @@
-# Exim test configuration 1102
+# Exim test configuration 1102 & 5680
  
  .include DIR/aux-var/tls_conf_prefix
  
@@ -10,7 +10,9 @@ tls_advertise_hosts = *
  
  tls_certificate = DIR/tmp/certs/servercert
  tls_privatekey =  DIR/tmp/certs/serverkey
+.ifdef OPT
  tls_ocsp_file =   DIR/tmp/certs/ocsp_proof
+.endif
  
  #tls_verify_certificates = DIR/aux-fixed/cert2
  tls_verify_certificates = system,cache
diff --git a/test/confs/5680 b/test/confs/5680

new file mode 120000 (symlink)

index 0000000..4d64262
--- /dev/null
+++ b/test/confs/5680
@@ -0,0 +1 @@
+1102
+\ No newline at end of file
diff --git a/test/log/5680 b/test/log/5680

new file mode 100644 (file)

index 0000000..89933f7
--- /dev/null
+++ b/test/log/5680
@@ -0,0 +1,5 @@
+
+******** SERVER ********
+2017-07-30 18:51:05.712 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+2017-07-30 18:51:05.712 server cert: CN=server1.example.com
+2017-07-30 18:51:05.712 server cert: CN=server1.example.net
diff --git a/test/scripts/1100-Basic-TLS/1102 b/test/scripts/1100-Basic-TLS/1102

index 285b3be098dbae8210d785487794c3853ce8d5bc..a29ef0ba43c7a023e083ecade4c68c4f754363fb 100644 (file)
--- a/test/scripts/1100-Basic-TLS/1102
+++ b/test/scripts/1100-Basic-TLS/1102
@@ -1,15 +1,13 @@
  # TLS server: creds caching
  #
-#
  mkdir -p DIR/tmp/certs
  cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem            DIR/tmp/certs/servercert
  cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key   DIR/tmp/certs/serverkey
-cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof
  #
  #exim -d-all+tls+receive+timestamp -DSERVER=server -bd -oX PORT_D
  exim -DSERVER=server -bd -oX PORT_D
  ****
-client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D
+client-anytls 127.0.0.1 PORT_D
  ??? 220
  EHLO rhu.barb
  ????250
@@ -26,13 +24,11 @@ QUIT
  ****
  sleep 1
  # Now overwrite the cert
-# XXX using server2.com fails here, on the ocsp verify.  Why?
  cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem            DIR/tmp/certs/servercert
  cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key   DIR/tmp/certs/serverkey
-cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof
  # The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message
  sleep 7
-client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D
+client-anytls 127.0.0.1 PORT_D
  ??? 220
  EHLO rhu.barb
  ????250
diff --git a/test/scripts/5680-OCSP/5680 b/test/scripts/5680-OCSP/5680

new file mode 100644 (file)

index 0000000..ac56b84
--- /dev/null
+++ b/test/scripts/5680-OCSP/5680
@@ -0,0 +1,54 @@
+# TLS server: creds caching, OCSP
+#
+#
+mkdir -p DIR/tmp/certs
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem            DIR/tmp/certs/servercert
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key   DIR/tmp/certs/serverkey
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof
+#
+#exim -d-all+tls+receive+timestamp -DSERVER=server -DOPT=ocsp -bd -oX PORT_D
+exim -DSERVER=server -DOPT=ocsp -bd -oX PORT_D
+****
+client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D
+??? 220
+EHLO rhu.barb
+????250
+STARTTLS
+??? 220
+EHLO rhu.barb
+????250
+MAIL FROM:<>
+RCPT TO:test@example.com
+??? 250
+??? 250
+QUIT
+??? 221
+****
+sleep 1
+# Now overwrite the cert
+# XXX using server2.com fails here, on the ocsp verify.  Why?
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem            DIR/tmp/certs/servercert
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key   DIR/tmp/certs/serverkey
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof
+# The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message
+sleep 7
+client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D
+??? 220
+EHLO rhu.barb
+????250
+STARTTLS
+??? 220
+EHLO rhu.barb
+????250
+MAIL FROM:<>
+RCPT TO:test@example.com
+??? 250
+??? 250
+QUIT
+??? 221
+****
+#
+killdaemon
+#
+sudo rm -fr DIR/tmp
+no_msglog_check
diff --git a/test/scripts/5680-OCSP/REQUIRES b/test/scripts/5680-OCSP/REQUIRES

new file mode 100644 (file)

index 0000000..64054f6
--- /dev/null
+++ b/test/scripts/5680-OCSP/REQUIRES
@@ -0,0 +1,3 @@
+feature _HAVE_TLS
+support OCSP
+running IPv4
diff --git a/test/stdout/1102 b/test/stdout/1102

index 3803fb2a919b9b6420a80eb716ed7f8b1b1710c7..0e9c0b366300dc82c0c2a50416658de4c7ad01ad 100644 (file)
--- a/test/stdout/1102
+++ b/test/stdout/1102
@@ -7,8 +7,7 @@ Connecting to 127.0.0.1 port 1225 ... connected
  ??? 220
  <<< 220 TLS go ahead
  Attempting to start TLS
-OCSP status response: good signature
-Succeeded in starting TLS (with OCSP)
+Succeeded in starting TLS
  >>> EHLO rhu.barb
  ????250
  >>> MAIL FROM:<>
@@ -30,8 +29,7 @@ Connecting to 127.0.0.1 port 1225 ... connected
  ??? 220
  <<< 220 TLS go ahead
  Attempting to start TLS
-OCSP status response: good signature
-Succeeded in starting TLS (with OCSP)
+Succeeded in starting TLS
  >>> EHLO rhu.barb
  ????250
  >>> MAIL FROM:<>
diff --git a/test/stdout/5680 b/test/stdout/5680

new file mode 100644 (file)

index 0000000..3803fb2
--- /dev/null
+++ b/test/stdout/5680
@@ -0,0 +1,46 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> EHLO rhu.barb
+????250
+>>> STARTTLS
+??? 220
+<<< 220 TLS go ahead
+Attempting to start TLS
+OCSP status response: good signature
+Succeeded in starting TLS (with OCSP)
+>>> EHLO rhu.barb
+????250
+>>> MAIL FROM:<>
+>>> RCPT TO:test@example.com
+??? 250
+<<< 250 OK
+??? 250
+<<< 250 Accepted
+>>> QUIT
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> EHLO rhu.barb
+????250
+>>> STARTTLS
+??? 220
+<<< 220 TLS go ahead
+Attempting to start TLS
+OCSP status response: good signature
+Succeeded in starting TLS (with OCSP)
+>>> EHLO rhu.barb
+????250
+>>> MAIL FROM:<>
+>>> RCPT TO:test@example.com
+??? 250
+<<< 250 OK
+??? 250
+<<< 250 Accepted
+>>> QUIT
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
author	Jeremy Harris <jgh146exb@wizmail.org>
	Sat, 20 Jul 2024 19:24:31 +0000 (20:24 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Sat, 20 Jul 2024 19:33:48 +0000 (20:33 +0100)
test/confs/1102		patch \| blob \| history
test/confs/5680	[new symlink]	patch \| blob
test/log/5680	[new file with mode: 0644]	patch \| blob
test/scripts/1100-Basic-TLS/1102		patch \| blob \| history
test/scripts/5680-OCSP/5680	[new file with mode: 0644]	patch \| blob
test/scripts/5680-OCSP/REQUIRES	[new file with mode: 0644]	patch \| blob
test/stdout/1102		patch \| blob \| history
test/stdout/5680	[new file with mode: 0644]	patch \| blob