Testsuite: split testcase for non-OCSP build
authorJeremy Harris <jgh146exb@wizmail.org>
Sat, 20 Jul 2024 19:24:31 +0000 (20:24 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Sat, 20 Jul 2024 19:33:48 +0000 (20:33 +0100)
test/confs/1102
test/confs/5680 [new symlink]
test/log/5680 [new file with mode: 0644]
test/scripts/1100-Basic-TLS/1102
test/scripts/5680-OCSP/5680 [new file with mode: 0644]
test/scripts/5680-OCSP/REQUIRES [new file with mode: 0644]
test/stdout/1102
test/stdout/5680 [new file with mode: 0644]

index 23afc36ee5d8ff80a3d82e4f10c3a3ae15a7ddf2..c8379e0f4b9b318e785f83a596e5ace21662859d 100644 (file)
@@ -1,4 +1,4 @@
-# Exim test configuration 1102
+# Exim test configuration 1102 & 5680
 
 .include DIR/aux-var/tls_conf_prefix
 
@@ -10,7 +10,9 @@ tls_advertise_hosts = *
 
 tls_certificate = DIR/tmp/certs/servercert
 tls_privatekey =  DIR/tmp/certs/serverkey
+.ifdef OPT
 tls_ocsp_file =   DIR/tmp/certs/ocsp_proof
+.endif
 
 #tls_verify_certificates = DIR/aux-fixed/cert2
 tls_verify_certificates = system,cache
diff --git a/test/confs/5680 b/test/confs/5680
new file mode 120000 (symlink)
index 0000000..4d64262
--- /dev/null
@@ -0,0 +1 @@
+1102
\ No newline at end of file
diff --git a/test/log/5680 b/test/log/5680
new file mode 100644 (file)
index 0000000..89933f7
--- /dev/null
@@ -0,0 +1,5 @@
+
+******** SERVER ********
+2017-07-30 18:51:05.712 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTP on port PORT_D
+2017-07-30 18:51:05.712 server cert: CN=server1.example.com
+2017-07-30 18:51:05.712 server cert: CN=server1.example.net
index 285b3be098dbae8210d785487794c3853ce8d5bc..a29ef0ba43c7a023e083ecade4c68c4f754363fb 100644 (file)
@@ -1,15 +1,13 @@
 # TLS server: creds caching
 #
-#
 mkdir -p DIR/tmp/certs
 cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem            DIR/tmp/certs/servercert
 cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key   DIR/tmp/certs/serverkey
-cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof
 #
 #exim -d-all+tls+receive+timestamp -DSERVER=server -bd -oX PORT_D
 exim -DSERVER=server -bd -oX PORT_D
 ****
-client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D
+client-anytls 127.0.0.1 PORT_D
 ??? 220
 EHLO rhu.barb
 ????250
@@ -26,13 +24,11 @@ QUIT
 ****
 sleep 1
 # Now overwrite the cert
-# XXX using server2.com fails here, on the ocsp verify.  Why?
 cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem            DIR/tmp/certs/servercert
 cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key   DIR/tmp/certs/serverkey
-cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof
 # The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message
 sleep 7
-client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D
+client-anytls 127.0.0.1 PORT_D
 ??? 220
 EHLO rhu.barb
 ????250
diff --git a/test/scripts/5680-OCSP/5680 b/test/scripts/5680-OCSP/5680
new file mode 100644 (file)
index 0000000..ac56b84
--- /dev/null
@@ -0,0 +1,54 @@
+# TLS server: creds caching, OCSP
+#
+#
+mkdir -p DIR/tmp/certs
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.pem            DIR/tmp/certs/servercert
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.unlocked.key   DIR/tmp/certs/serverkey
+cp DIR/aux-fixed/exim-ca/example.com/server1.example.com/server1.example.com.ocsp.good.resp DIR/tmp/certs/ocsp_proof
+#
+#exim -d-all+tls+receive+timestamp -DSERVER=server -DOPT=ocsp -bd -oX PORT_D
+exim -DSERVER=server -DOPT=ocsp -bd -oX PORT_D
+****
+client-anytls -ocsp DIR/aux-fixed/exim-ca/example.com/server1.example.com/ca_chain.pem 127.0.0.1 PORT_D
+??? 220
+EHLO rhu.barb
+????250
+STARTTLS
+??? 220
+EHLO rhu.barb
+????250
+MAIL FROM:<>
+RCPT TO:test@example.com
+??? 250
+??? 250
+QUIT
+??? 221
+****
+sleep 1
+# Now overwrite the cert
+# XXX using server2.com fails here, on the ocsp verify.  Why?
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.pem            DIR/tmp/certs/servercert
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.unlocked.key   DIR/tmp/certs/serverkey
+cp DIR/aux-fixed/exim-ca/example.net/server1.example.net/server1.example.net.ocsp.good.resp DIR/tmp/certs/ocsp_proof
+# The watch mech waits 5 sec after the last trigger, so give that time to expire then send another message
+sleep 7
+client-anytls -ocsp DIR/aux-fixed/exim-ca/example.net/server1.example.net/ca_chain.pem 127.0.0.1 PORT_D
+??? 220
+EHLO rhu.barb
+????250
+STARTTLS
+??? 220
+EHLO rhu.barb
+????250
+MAIL FROM:<>
+RCPT TO:test@example.com
+??? 250
+??? 250
+QUIT
+??? 221
+****
+#
+killdaemon
+#
+sudo rm -fr DIR/tmp
+no_msglog_check
diff --git a/test/scripts/5680-OCSP/REQUIRES b/test/scripts/5680-OCSP/REQUIRES
new file mode 100644 (file)
index 0000000..64054f6
--- /dev/null
@@ -0,0 +1,3 @@
+feature _HAVE_TLS
+support OCSP
+running IPv4
index 3803fb2a919b9b6420a80eb716ed7f8b1b1710c7..0e9c0b366300dc82c0c2a50416658de4c7ad01ad 100644 (file)
@@ -7,8 +7,7 @@ Connecting to 127.0.0.1 port 1225 ... connected
 ??? 220
 <<< 220 TLS go ahead
 Attempting to start TLS
-OCSP status response: good signature
-Succeeded in starting TLS (with OCSP)
+Succeeded in starting TLS
 >>> EHLO rhu.barb
 ????250
 >>> MAIL FROM:<>
@@ -30,8 +29,7 @@ Connecting to 127.0.0.1 port 1225 ... connected
 ??? 220
 <<< 220 TLS go ahead
 Attempting to start TLS
-OCSP status response: good signature
-Succeeded in starting TLS (with OCSP)
+Succeeded in starting TLS
 >>> EHLO rhu.barb
 ????250
 >>> MAIL FROM:<>
diff --git a/test/stdout/5680 b/test/stdout/5680
new file mode 100644 (file)
index 0000000..3803fb2
--- /dev/null
@@ -0,0 +1,46 @@
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> EHLO rhu.barb
+????250
+>>> STARTTLS
+??? 220
+<<< 220 TLS go ahead
+Attempting to start TLS
+OCSP status response: good signature
+Succeeded in starting TLS (with OCSP)
+>>> EHLO rhu.barb
+????250
+>>> MAIL FROM:<>
+>>> RCPT TO:test@example.com
+??? 250
+<<< 250 OK
+??? 250
+<<< 250 Accepted
+>>> QUIT
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> EHLO rhu.barb
+????250
+>>> STARTTLS
+??? 220
+<<< 220 TLS go ahead
+Attempting to start TLS
+OCSP status response: good signature
+Succeeded in starting TLS (with OCSP)
+>>> EHLO rhu.barb
+????250
+>>> MAIL FROM:<>
+>>> RCPT TO:test@example.com
+??? 250
+<<< 250 OK
+??? 250
+<<< 250 Accepted
+>>> QUIT
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script